The university develops, disseminates, and periodically reviews/updates formal, documented procedures to facilitate the implementation of the Audit and Accountability policy and associated Audit and Accountability controls

An audit event is the discovery, by the monitoring and analysis of system logs, of any action that potentially impacts the security of data, hardware, or software.

This Control addresses how information resources generate audit records containing information that establishes what type of event occurred, when the event occurred, where the event occurred, the source of the event, the outcome of the event, and the identity of any individuals or subjects associated with the event.

The data storage capacity of information resources accommodates audit records.

Automated alerts are generated to provide notification of an audit processing failure.

The University regularly reviews/analyzes information system audit records for indications of inappropriate or unusual activity, investigates suspicious activity or suspected violations, reports findings to appropriate management, and takes necessary actions.

Information resources are configured to use internal system clocks to generate time stamps for audit records.

Failure to restrict access to logging facilities and log information may result in unauthorized access, log information tampering and loss of user activity evidence.

Audit records are retained to provide support for investigations of information security events and to meet university record retention requirements.

Audit generation entails the planning and execution of IT logging activities to detect potential compromise of critical business processes and data.