home || catalog: SP800-53rev3 / class: Technical / family: (AU) Audit and Accountability ||
search controls:
search nistpubs:

AC
AT
AU

AU-01
AU-02
AU-03
AU-04
AU-05
AU-06
AU-07 *
AU-08
AU-09
AU-10
AU-11
AU-12
AU-13
AU-14

CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
RA
SA
SC
SI
MMMMM

  AU-07: Audit Reduction and Report Generation  

base control objective:
The information system provides an audit reduction and report generation capability.

supplemental objective information:
An audit reduction and report generation capability provides support for near real-time audit review, analysis, and reporting requirements described in AU-6 and after-the-fact investigations of security incidents. Audit reduction and reporting tools do not alter original audit records.

enhancements to the base objective:

(1) The information system provides the capability to automatically process audit records for events of interest based on selectable, event criteria.

mapping to FIPS199 baseline:

  LOW: null     MOD: base (1)     HIGH: base (1)  

related (regimented) controls:

AU-06   Audit Monitoring, Analysis, and Reporting

documents referenced in SP800-53rev3 for AU-07:

Document Date Status Title
NIST SP800-12 October, 1995 current   An Introduction to Computer Security: The NIST Handbook
NIST SP800-44 September 2002 current   Guidelines on Securing Public Web Servers
NIST SP800-92 September, 2006 current   Guide to Computer Security Log Management

Search SP800-53rev3 catalog: