AU-5(1): Audit Storage Capacity

Control Family:

Audit And Accountability

Parent Control:

AU-5: Response To Audit Processing Failures

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

PR.PT-1

Threats Addressed:

Denial of Service

Baselines:

High

Next Version:

NIST Special Publication 800-53 Revision 5:
AU-5(1): Storage Capacity Warning

Control Statement

The information system provides a warning to [Assignment: organization-defined personnel, roles, and/or locations] within [Assignment: organization-defined time period] when allocated audit record storage volume reaches [Assignment: organization-defined percentage] of repository maximum audit record storage capacity.

Supplemental Guidance

Organizations may have multiple audit data storage repositories distributed across multiple information system components, with each repository having different storage volume capacities.