control_freak | Controls | AU-09(05)

Enforce dual authorization for au-09.05_odp.01 of au-09.05_odp.02.

Parameter ID	Definition
au-09.05_odp.01	Selection (one-or-more): movement deletion
au-09.05_odp.02	audit information

Parameter ID

Definition

au-09.05_odp.01

Selection (one-or-more):

movement
deletion

au-09.05_odp.02

audit information

Baselines

Guidance

Organizations may choose different selection options for different types of audit information. Dual authorization mechanisms (also known as two-person control) require the approval of two authorized individuals to execute audit functions. To reduce the risk of collusion, organizations consider rotating dual authorization duties to other individuals. Organizations do not require dual authorization mechanisms when immediate responses are necessary to ensure public and environmental safety.

Related controls 1

AC-03 Access Enforcement L M H P

AU-09(05) Dual Authorization

Baselines

Guidance

Related controls 1