4.8: Log and Alert on Changes to Administrative Group Membership

CSF v1.1 References:

Threats Addressed:


Info icon.

The next version of the control set incorporates all or part of this control into: 8.5: Collect Detailed Audit Logs.

Control Statement

Configure systems to issue a log entry and alert when an account is added to or removed from any group assigned administrative privileges.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]