NIST 800-53 Rev. 5

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
PT
RA
SA
SC
SI
SR
AU-1
AU-2
AU-10(5)
AU-14(2)
AU-15
AU-2(1)
AU-3
AU-3(1)
AU-2(2)
AU-3(3)
AU-4
AU-4(1)
AU-5
AU-5(1)
AU-5(2)
AU-5(3)
AU-5(4)
AU-5(5)
AU-6
AU-6(1)
AU-2(3)
AU-6(3)
AU-6(4)
AU-6(5)
AU-6(6)
AU-6(7)
AU-6(8)
AU-6(9)
AU-2(4)
AU-7
AU-7(1)
AU-3(2)
AU-8
AU-6(10)
AU-6(2)
AU-9
AU-9(1)
AU-9(2)
AU-9(3)
AU-9(4)
AU-9(5)
AU-9(6)
AU-9(7)
AU-10
AU-10(1)
AU-10(2)
AU-10(3)
AU-10(4)
AU-7(2)
AU-11
AU-11(1)
AU-12
AU-12(1)
AU-12(2)
AU-12(3)
AU-12(4)
AU-13
AU-13(1)
AU-13(2)
AU-13(3)
AU-14
AU-14(1)
AU-8(1)
AU-14(3)
AU-8(2)
AU-16
AU-16(1)
AU-16(2)
AU-16(3)

AU-13: Monitoring for Information Disclosure

Control Text:

a. Monitor [Assignment: organization-defined open-source information and/or information sites] [Assignment: organization-defined frequency] for evidence of unauthorized disclosure of organizational information; and b. If an information disclosure is discovered: 1. Notify [Assignment: organization-defined personnel or roles]; and 2. Take the following additional actions: [Assignment: organization-defined additional actions].

Unauthorized disclosure of information is a form of data leakage. Open-source information includes social networking sites and code-sharing platforms and repositories. Examples of organizational information include personally identifiable information retained by the organization or proprietary information generated by the organization.

Related Controls