MA-4(1): Logging and Review
Control Family:
Parent Control:
CSF v1.1 References:
Threats Addressed:
Baselines:
(Not part of any baseline)
Previous Version:
- NIST Special Publication 800-53 Revision 4:
- MA-4(1): Auditing And Review
Control Statement
- Log [Assignment: organization-defined audit events] for nonlocal maintenance and diagnostic sessions; and
- Review the audit records of the maintenance and diagnostic sessions to detect anomalous behavior.
Supplemental Guidance
Audit logging for nonlocal maintenance is enforced by AU-2. Audit events are defined in AU-2a.