← Back to catalog
AU-9(4)
Access by Subset of Privileged Users
Audit and Accountability (AU)
Baselines
Low · Not includedModerate · IncludedHigh · Included
Description
Authorize access to management of audit logging functionality to only [assignment].
Discussion
Individuals or roles with privileged access to a system and who are also the subject of an audit by that system may affect the reliability of the audit information by inhibiting audit activities or modifying audit records. Requiring privileged access to be further defined between audit-related privileges and other privileges limits the number of users or roles with audit-related privileges.
Implementation guidance
No content available.
CSF 2.0 crosswalk
No CSF mappings exist for this control.