SI-7(8): Auditing Capability for Significant Events

Control Family:

System and Information Integrity

Parent Control:

SI-7: Software, Firmware, and Information Integrity

CSF v1.1 References:

PR.DS-6

Threats Addressed:

Tampering

Baselines:

(Not part of any baseline)

Previous Version:

NIST Special Publication 800-53 Revision 4:
SI-7(8): Auditing Capability For Significant Events

Control Statement

Upon detection of a potential integrity violation, provide the capability to audit the event and initiate the following actions: [Assignment (one or more): generate an audit record, alert current user, alert [Assignment: organization-defined personnel or roles] , [Assignment: organization-defined other actions] ].

Supplemental Guidance

Organizations select response actions based on types of software, specific software, or information for which there are potential integrity violations.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 5