Loading controls...
Benchmark: 3.3 Audit and Accountability
Description
The AU control family consists of security controls related to an organization’s audit capabilities. This includes audit policies and procedures, audit logging, audit report generation, and protection of audit information.
Usage
Browse dashboards and select 3.3 Audit and Accountability:
steampipe dashboardOr run the benchmarks in your terminal:
steampipe check aws_compliance.benchmark.nist_800_171_rev_2_3_3Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_compliance.benchmark.nist_800_171_rev_2_3_3Benchmarks
- 3.3.1 Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity
- 3.3.2 Ensure that the actions of individual system users can be uniquely traced to those users, so they can be held accountable for their actions
- 3.3.3 Review and update logged events
- 3.3.4 Alert in the event of an audit logging process failure
- 3.3.5 Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity
- 3.3.8 Protect audit information and audit logging tools from unauthorized access, modification, and deletion