MA-4(1): Logging and Review
CSF v1.1 References:
(Not part of any baseline)
- NIST Special Publication 800-53 Revision 4:
- MA-4(1): Auditing And Review
- Log [Assignment: organization-defined audit events] for nonlocal maintenance and diagnostic sessions; and
- Review the audit records of the maintenance and diagnostic sessions to detect anomalous behavior.
Audit logging for nonlocal maintenance is enforced by AU-2. Audit events are defined in AU-2a.