AU-9(6): Read-only Access

Control Family:

Audit and Accountability

Parent Control:

AU-9: Protection of Audit Information

Threats Addressed:

Tampering

Baselines:

(Not part of any baseline)

Previous Version:

NIST Special Publication 800-53 Revision 4:
AU-9(6): Read Only Access

Control Statement

Authorize read-only access to audit information to [Assignment: organization-defined subset of privileged users or roles].

Supplemental Guidance

Restricting privileged user or role authorizations to read-only helps to limit the potential damage to organizations that could be initiated by such users or roles, such as deleting audit records to cover up malicious activity.