FedRAMP Control Explorer

AU-12 Audit Record Generation

Control

a.
Provide audit record generation capability for the event types the system is capable of auditing as defined in AU-2a on [all information system and network components where audit capability is deployed/available];
b.
Allow [Assignment: organization-defined personnel or roles] to select the event types that are to be logged by specific components of the system; and
c.
Generate audit records for the event types defined in AU-2c that include the audit record content defined in AU-3.

Discussion

Audit records can be generated from many different system components. The event types specified in AU-2d are the event types for which audit logs are to be generated and are a subset of all event types for which the system can generate audit records.

FedRAMP-Defined Assignment / Selection Parameters