AU-9: Protection of Audit Information

NIST Baseline: Low

Information resource custodians are responsible for:
- Ensuring that audit logs and related tools are protected so only authorized individuals and systems can access them;
- Configuring information resources to protect audit information and audit tools from unauthorized access, modification, or deletion; and
- Configuring information resources to send alerts to appropriate personnel upon detection of unauthorized access, modification, or deletion of audit information.

None. See any applicable internal procedures.