The ISSO must review audit trails periodically based on system documentation recommendations or immediately upon system security events.

An XCCDF Rule

Description

Without access control the data is not secure. It can be compromised, misused, or changed by unauthorized access at any time.

ID: SV-222622r961863_rule
Version: APSC-DV-002910
Severity: Medium
References: CCI-001872
Updated: about 2 months ago

Remediation Templates

Establish a scheduled process for reviewing logs.

Maintain a log or records of dates and times audit logs are reviewed.