AU-4: Audit Storage Capacity

Control Family:

Audit And Accountability

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

PF v1.0 References:

PR.DS-P4

Threats Addressed:

Denial of Service

Baselines:

Low
- AU-4
Moderate
- AU-4
High
- AU-4

Next Version:

NIST Special Publication 800-53 Revision 5:
AU-4: Audit Log Storage Capacity

Control Statement

The organization allocates audit record storage capacity in accordance with [Assignment: organization-defined audit record storage requirements].

Supplemental Guidance

Organizations consider the types of auditing to be performed and the audit processing requirements when allocating audit storage capacity. Allocating sufficient audit storage capacity reduces the likelihood of such capacity being exceeded and resulting in the potential loss or reduction of auditing capability.

Control Enhancements

AU-4(1): Transfer To Alternate Storage

Baseline(s):

(Not part of any baseline)

The information system off-loads audit records [Assignment: organization-defined frequency] onto a different system or media than the system being audited.

Control Statement

Supplemental Guidance

Control Enhancements

Related Controls

NIST Special Publication 800-53 Revision 4

Cloud Controls Matrix v3.0.1

Critical Security Controls Version 8

Critical Security Controls Version 7.1