SI-7(8)—Auditing Capability For Significant Events
>Control Description
Upon detection of a potential integrity violation, provide the capability to audit the event and initiate the following actions: [Selection (one or more): generate an audit record; alert current user; alert [Assignment: organization-defined personnel or roles]; [Assignment: organization-defined other actions]].
>Supplemental Guidance
Organizations select response actions based on types of software, specific software, or information for which there are potential integrity violations.