AC-2(4): Automated Audit Actions

Control Family:

Access Control

CSF v1.1 References:

Threats Addressed:


  • Moderate
  • High

Previous Version:

Control Statement

Automatically audit account creation, modification, enabling, disabling, and removal actions.

Supplemental Guidance

Account management audit records are defined in accordance with AU-2 and reviewed, analyzed, and reported in accordance with AU-6.