SI-7(8): Auditing Capability for Significant Events
Control Family:
Parent Control:
CSF v1.1 References:
Threats Addressed:
Baselines:
(Not part of any baseline)
Previous Version:
- NIST Special Publication 800-53 Revision 4:
- SI-7(8): Auditing Capability For Significant Events
Control Statement
Upon detection of a potential integrity violation, provide the capability to audit the event and initiate the following actions: [Assignment (one or more): generate an audit record, alert current user, alert [Assignment: organization-defined personnel or roles] , [Assignment: organization-defined other actions] ].
Supplemental Guidance
Organizations select response actions based on types of software, specific software, or information for which there are potential integrity violations.