MA-4(1): Logging and Review

Control Family:


CSF v1.1 References:

Threats Addressed:


(Not part of any baseline)

Previous Version:

Control Statement

  1. Log [Assignment: organization-defined audit events] for nonlocal maintenance and diagnostic sessions; and
  2. Review the audit records of the maintenance and diagnostic sessions to detect anomalous behavior.

Supplemental Guidance

Audit logging for nonlocal maintenance is enforced by AU-2. Audit events are defined in AU-2a.