IVS-01: Audit Logging / Intrusion Detection

Control Family:

Infrastructure & Virtualization Security

CSF v1.1 References:

PR.PT-1
DE.AE-2
DE.AE-3
DE.CM-1
DE.CM-7
RS.AN-3

PF v1.0 References:

CT.DM-P8

Threats Addressed:

Tampering
Repudiation
Elevation of Privilege
Lateral Movement

Control Statement

Higher levels of assurance are required for protection, retention, and lifecycle management of audit logs, adhering to applicable legal, statutory or regulatory compliance obligations and providing unique user access accountability to detect potentially suspicious network behaviors and/or file integrity anomalies, and to support forensic investigative capabilities in the event of a security breach.

Control Statement

Related Controls

NIST Special Publication 800-53 Revision 5

NIST Special Publication 800-53 Revision 4