AU-12: Audit Record Generation
NIST Baseline: Low
DIR Required By: 07/20/2023
Review Date: 05/08/2024
- Information resource custodians are responsible for:
- Configuring information systems to provide audit record generation capability for the list of auditable events defined in Control AU-2, Event Logging, with content prescribed in Control AU-3, Content of Audit Records, on, at a minimum, the following information system components:
- Desktop and laptop computers (end-users);
- Servers (file and print, web, firewalls); and
- Network components (switches, routers, wireless).
- Configuring information systems to provide audit record generation capability for the list of auditable events defined in Control AU-2, Event Logging, with content prescribed in Control AU-3, Content of Audit Records, on, at a minimum, the following information system components:
- Determining which auditable events are to be audited by specific components of the information system; and
- Generating audit records for the events defined in Control AU-2, Event Logging, with content defined in Control AU-3, Content of Audit Records.
References/Additional Resources
None. See any applicable internal procedures.