AU-16(3): Disassociability

Control Family:

Audit and Accountability

Parent Control:

AU-16: Cross-organizational Audit Logging

CSF v1.1 References:

PR.PT-1

PF v1.0 References:

CT.DP-P1
CT.DP-P3

Threats Addressed:

Spoofing
Tampering
Repudiation

Baselines:

(Not part of any baseline)

Control is new to this version of the control set.

Control Statement

Implement [Assignment: organization-defined measures] to disassociate individuals from audit information transmitted across organizational boundaries.

Supplemental Guidance

Preserving identities in audit trails could have privacy ramifications, such as enabling the tracking and profiling of individuals, but may not be operationally necessary. These risks could be further amplified when transmitting information across organizational boundaries. Implementing privacy-enhancing cryptographic techniques can disassociate individuals from audit information and reduce privacy risk while maintaining accountability.