AU-13: Monitoring for Information Disclosure

Control Statement

  1. Monitor [Assignment: organization-defined open-source information and/or information sites] [Assignment: organization-defined frequency] for evidence of unauthorized disclosure of organizational information; and
  2. If an information disclosure is discovered:
    1. Notify [Assignment: organization-defined personnel or roles]; and
    2. Take the following additional actions: [Assignment: organization-defined additional actions].

Supplemental Guidance

Unauthorized disclosure of information is a form of data leakage. Open-source information includes social networking sites and code-sharing platforms and repositories. Examples of organizational information include personally identifiable information retained by the organization or proprietary information generated by the organization.

Control Enhancements

AU-13(1): Use of Automated Tools


(Not part of any baseline)

Monitor open-source information and information sites using [Assignment: organization-defined automated mechanisms].

AU-13(2): Review of Monitored Sites


(Not part of any baseline)

Review the list of open-source information sites being monitored [Assignment: organization-defined frequency].