NIST 800-53 Rev. 5

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
PT
RA
SA
SC
SI
SR
AU-1
AU-2
AU-10(5)
AU-14(2)
AU-15
AU-2(1)
AU-3
AU-3(1)
AU-2(2)
AU-3(3)
AU-4
AU-4(1)
AU-5
AU-5(1)
AU-5(2)
AU-5(3)
AU-5(4)
AU-5(5)
AU-6
AU-6(1)
AU-2(3)
AU-6(3)
AU-6(4)
AU-6(5)
AU-6(6)
AU-6(7)
AU-6(8)
AU-6(9)
AU-2(4)
AU-7
AU-7(1)
AU-3(2)
AU-8
AU-6(10)
AU-6(2)
AU-9
AU-9(1)
AU-9(2)
AU-9(3)
AU-9(4)
AU-9(5)
AU-9(6)
AU-9(7)
AU-10
AU-10(1)
AU-10(2)
AU-10(3)
AU-10(4)
AU-7(2)
AU-11
AU-11(1)
AU-12
AU-12(1)
AU-12(2)
AU-12(3)
AU-12(4)
AU-13
AU-13(1)
AU-13(2)
AU-13(3)
AU-14
AU-14(1)
AU-8(1)
AU-14(3)
AU-8(2)
AU-16
AU-16(1)
AU-16(2)
AU-16(3)

AU-9(6): Protection of Audit Information | Read-only Access

Control Text:

Authorize read-only access to audit information to [Assignment: organization-defined subset of privileged users or roles].

Restricting privileged user or role authorizations to read-only helps to limit the potential damage to organizations that could be initiated by such users or roles, such as deleting audit records to cover up malicious activity.

Related Controls

  • None