Description

Audit generation entails the planning and execution of IT logging activities to detect potential compromise of critical business processes and data.

Applicability

  • This Control applies to all Texas A&M University information resources storing or accessing restricted, controlled, or confidential information. The intended audience is information custodians who are responsible for the installation of new information resources, the operations of existing information resources, and individuals accountable for information resources security.

Implementation

  • 1

    The information resource custodian is responsible for:

    • 1.1

      Configuring information systems to provide audit record generation capability for the list of auditable events defined in AU-2 with content prescribed in AU-3 on, at a minimum, the following information system components:

      • 1.1.1

        Desktop and laptop computers (end-users);

      • 1.1.2

        Servers (file and print, web, firewalls); and

      • 1.1.3

        Network Components (switches, routers, wireless).

    • 1.2

      Determining which auditable events are to be audited by specific components of the information system; and

    • 1.3

      Generating audit records for the events defined in AU-2 with the content defined in AU-3