SI-7(8): Auditing Capability For Significant Events

CSF v1.1 References:

Threats Addressed:


(Not part of any baseline)

Next Version:

Control Statement

The information system, upon detection of a potential integrity violation, provides the capability to audit the event and initiates the following actions: [Selection (one or more): generates an audit record; alerts current user; alerts [Assignment: organization-defined personnel or roles]; [Assignment: organization-defined other actions]].

Supplemental Guidance

Organizations select response actions based on types of software, specific software, or information for which there are potential integrity violations.