AU-12(2): Standardized Formats

Control Family:

Audit And Accountability

Parent Control:

AU-12: Audit Generation

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
AU-12(2): Standardized Formats

Control Statement

The information system produces a system-wide (logical or physical) audit trail composed of audit records in a standardized format.

Supplemental Guidance

Audit information that is normalized to common standards promotes interoperability and exchange of such information between dissimilar devices and information systems. This facilitates production of event information that can be more readily analyzed and correlated. Standard formats for audit records include, for example, system log records and audit records compliant with Common Event Expressions (CEE). If logging mechanisms within information systems do not conform to standardized formats, systems may convert individual audit records into standardized formats when compiling system-wide audit trails.