control_freak | Controls | SI-07(08) - Auditing Capability for Significant Events

Upon detection of a potential integrity violation, provide the capability to audit the event and initiate the following actions: si-07.08_odp.01.

Parameter ID	Definition
si-07.08_odp.01	Selection (one-or-more): generate an audit record alert current user alert {{ insert: param si-07.08_odp.02 }} {{ insert: param si-07.08_odp.03 }}
si-07.08_odp.02	personnel or roles
si-07.08_odp.03	other actions

Parameter ID

Definition

si-07.08_odp.01

Selection (one-or-more):

generate an audit record
alert current user
alert {{ insert: param
si-07.08_odp.02 }}
{{ insert: param
si-07.08_odp.03 }}

si-07.08_odp.02

personnel or roles

si-07.08_odp.03

other actions

Baselines

Guidance

Organizations select response actions based on types of software, specific software, or information for which there are potential integrity violations.

Related controls 3

AU-02 Event Logging L M H P
AU-06 Audit Record Review, Analysis, and Reporting L M H P
AU-12 Audit Record Generation L M H P

SI-07(08) Auditing Capability for Significant Events

Baselines

Guidance

Related controls 3