← Back to catalog
AU-9(6)
Read-only Access
Audit and Accountability (AU)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description
Authorize read-only access to audit information to [assignment].
Discussion
Restricting privileged user or role authorizations to read-only helps to limit the potential damage to organizations that could be initiated by such users or roles, such as deleting audit records to cover up malicious activity.
Implementation guidance
No content available.
CSF 2.0 crosswalk
No CSF mappings exist for this control.