{"id":1093,"date":"2024-07-16T21:02:59","date_gmt":"2024-07-16T21:02:59","guid":{"rendered":"https:\/\/www.tarleton.edu\/security-controls-catalog\/?page_id=1093"},"modified":"2024-09-06T21:33:01","modified_gmt":"2024-09-06T21:33:01","slug":"au-6-audit-record-review-analysis-and-reporting","status":"publish","type":"page","link":"https:\/\/www.tarleton.edu\/security-controls-catalog\/audit-and-accountability-au\/au-6-audit-record-review-analysis-and-reporting\/","title":{"rendered":"AU-6: Audit Record Review, Analysis, and Reporting"},"content":{"rendered":"\n<h1 class=\"wp-block-heading has-large-font-size\">AU-6: Audit Record Review, Analysis, and Reporting<\/h1>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>NIST Baseline: &nbsp;<\/strong>Low<strong> <\/strong>&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>DIR Required By: &nbsp;<\/strong>07\/20\/2023 &nbsp;&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>Review Date: &nbsp;<\/strong>05\/08\/2024&nbsp;<\/h2>\n\n\n\n<ul class=\"wp-block-list its-nested-list\">\n<li>Information resource custodians are responsible for:&nbsp;\n<ul class=\"wp-block-list\">\n<li>Routinely reviewing information system audit logs for indications of security incidents and other unusual or suspicious activity at a frequency appropriate for the level of risk;&nbsp;<\/li>\n\n\n\n<li>Reporting security incidents, and other unusual or suspicious activity to the information resource owner and\/or the Chief Information Security Officer (CISO) following the processes defined in <a href=\"https:\/\/www.tarleton.edu\/security-controls-catalog\/incident-response-ir\/ir-1-incident-response-policy-and-procedures\/\" data-type=\"link\" data-id=\"https:\/\/www.tarleton.edu\/security-controls-catalog\/incident-response-ir\/ir-1-incident-response-policy-and-procedures\/\">Control IR-1, Incident Response Policy and Procedure<\/a>, and <a href=\"https:\/\/www.tarleton.edu\/security-controls-catalog\/incident-response-ir\/ir-6-incident-reporting\/\" data-type=\"link\" data-id=\"https:\/\/www.tarleton.edu\/security-controls-catalog\/incident-response-ir\/ir-6-incident-reporting\/\">Control IR-6, Incident Reporting<\/a>; and\u00a0\u00a0<\/li>\n\n\n\n<li>Updating the level of log review and reporting when there is a change in risk for an information system.&nbsp; The level of audit review, analysis, and reporting should also be adjusted accordingly due to changes in risk based on law enforcement, intelligence information, or other credible sources of information.&nbsp;&nbsp;<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator alignfull has-text-color has-tarleton-purple-color has-alpha-channel-opacity has-tarleton-purple-background-color has-background is-style-wide\"\/>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\">References\/Additional Resources<\/h3>\n\n\n\n<p>None.&nbsp; See any applicable internal procedures.&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>AU-6: Audit Record Review, Analysis, and Reporting NIST Baseline: &nbsp;Low &nbsp; DIR Required By: &nbsp;07\/20\/2023 &nbsp;&nbsp; Review Date: &nbsp;05\/08\/2024&nbsp; References\/Additional Resources None.&nbsp; See any applicable internal procedures.&nbsp;<\/p>\n","protected":false},"author":1,"featured_media":580,"parent":784,"menu_order":6,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"inline_featured_image":false,"advgb_blocks_editor_width":"","advgb_blocks_columns_visual_guide":"","footnotes":""},"class_list":["post-1093","page","type-page","status-publish","has-post-thumbnail","hentry"],"acf":[],"coauthors":[],"author_meta":{"author_link":"https:\/\/www.tarleton.edu\/security-controls-catalog\/author\/brian-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-3\/","display_name":"brian"},"relative_dates":{"created":"Posted 2 years ago","modified":"Updated 2 years ago"},"absolute_dates":{"created":"Posted on July 16, 2024","modified":"Updated on September 6, 2024"},"absolute_dates_time":{"created":"Posted on July 16, 2024 9:02 pm","modified":"Updated on September 6, 2024 9:33 pm"},"featured_img_caption":"","featured_img":false,"series_order":"","_links":{"self":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1093","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/comments?post=1093"}],"version-history":[{"count":0,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1093\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/784"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/media?parent=1093"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}