This Control applies to all Texas A&M University information resources storing or accessing Critical or Confidential data. The intended audience is information resource custodians who are responsible for the installation of new information resources, the operations of existing information resources, and individuals accountable for information resources security.

Information resource custodians are responsible for:

• 1.1

  Reviewing and analyzing information resource audit records for indications of inappropriate or unusual activity;

• 1.2

  Reporting findings to information resource owner; and

• 1.3

  Responding to audit events as specified in AU-2, Audit Events.