← Back to catalog
AU-3(1)

Additional Audit Information

Audit and Accountability (AU)
Baselines
Low · Not includedModerate · IncludedHigh · Included
Description

Generate audit records containing the following additional information: [assignment].

Discussion

The ability to add information generated in audit records is dependent on system functionality to configure the audit record content. Organizations may consider additional information in audit records including, but not limited to, access control or flow control rules invoked and individual identities of group account users. Organizations may also consider limiting additional audit record information to only information that is explicitly needed for audit requirements. This facilitates the use of audit trails and audit logs by not including information in audit records that could potentially be misleading, make it more difficult to locate information of interest, or increase the risk to individuals' privacy.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.