AU-9(6): Protection of Audit Information

AU-9(6): Protection of Audit Information | Read-only Access ()

Authorize read-only access to audit information to [Assignment: organization-defined subset of privileged users or roles].


Control Identifier	AU-9(6)
Latest Sync Date	19/12/24 09:18:14
Discussion	Restricting privileged user or role authorizations to read-only helps to limit the potential damage to organizations that could be initiated by such users or roles, such as deleting audit records to cover up malicious activity.
Related Controls	None.



NIST 800-53 Controls Catalogue