← Back to catalog
AU-9(6)

Read-only Access

Audit and Accountability (AU)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description

Authorize read-only access to audit information to [assignment].

Discussion

Restricting privileged user or role authorizations to read-only helps to limit the potential damage to organizations that could be initiated by such users or roles, such as deleting audit records to cover up malicious activity.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.