AU-13 Monitoring for Information Disclosure
a. Monitor au-13_odp.01 au-13_odp.02 for evidence of unauthorized disclosure of organizational information; and
b. If an information disclosure is discovered:
1. Notify au-13_odp.03; and
2. Take the following additional actions: au-13_odp.04.
Parameter ID | Definition |
---|---|
au-13_odp.01 | open-source information and/or information sites |
au-13_odp.02 | frequency |
au-13_odp.03 | personnel or roles |
au-13_odp.04 | additional actions |
Baselines
- L
- M
- H
- P
Guidance
Unauthorized disclosure of information is a form of data leakage. Open-source information includes social networking sites and code-sharing platforms and repositories. Examples of organizational information include personally identifiable information retained by the organization or proprietary information generated by the organization.
Control Enhancements (3)
- AU-13(01) Use of Automated Tools
- AU-13(02) Review of Monitored Sites
- AU-13(03) Unauthorized Replication of Information
Related controls (6)
- AC-22 Publicly Accessible Content
- PE-03 Physical Access Control
- PM-12 Insider Threat Program
- RA-05 Vulnerability Monitoring and Scanning
- SC-07 Boundary Protection
- SI-20 Tainting