AC-2(4): Automated Audit Actions

Control Family:

Access Control

Parent Control:

AC-2: Account Management

CSF v1.1 References:

Threats Addressed:

Baselines:

  • Moderate
  • High

Previous Version:

Control Statement

Automatically audit account creation, modification, enabling, disabling, and removal actions.

Supplemental Guidance

Account management audit records are defined in accordance with AU-2 and reviewed, analyzed, and reported in accordance with AU-6.

Related Controls

NIST Special Publication 800-53 Revision 5