|
|
Audit and accountability guidelines are as follows:
- Create, protect, and retain system audit records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful, unauthorized, or inappropriate system activity.
- Ensure that the actions of individual system users can be uniquely traced.
- Review and update logged events.
- Alert appropriate personnel in the event of an audit process failure.
- Correlate audit review, analysis, and reporting processes for investigation and response to indications of inappropriate, suspicious, or unusual activity.
- Provide audit reduction and report generation to support on-demand analysis and reporting.
- Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records.
- Protect audit information and audit tools from unauthorized access, modification, and deletion.
- Limit management of audit functionality to a subset of privileged users.
|
|
