STIGhub: A free STIG search and compliance tool

AU-11

Audit and Accountability · Rev 5 · organization

Audit Record Retention

Baselines: Low, Moderate, High, Privacy

Control Statement

Retain audit records for [Assignment: time period] to provide support for after-the-fact investigations of incidents and to meet regulatory and organizational information retention requirements.

Supplemental Guidance

Organizations retain audit records until it is determined that the records are no longer needed for administrative, legal, audit, or other operational purposes. This includes the retention and availability of audit records relative to Freedom of Information Act (FOIA) requests, subpoenas, and law enforcement actions. Organizations develop standard categories of audit records relative to such types of actions and standard response processes for each type of action. The National Archives and Records Administration (NARA) General Records Schedules provide federal policy on records retention.

Related Controls (9)

AU-2, AU-4, AU-5, AU-6, AU-9, AU-14, MP-6, RA-5, SI-12

CCI Identifiers (2)

CCI-000168: Defines the time period for retention of audit records, which is consistent with its records retention policy, to provide support for after-the-fact investigations of incidents and meet regulatory and organizational information retention requirements.

CCI-000167: Retain audit records for an organization-defined time period to provide support for after-the-fact investigations of incidents and to meet regulatory and organizational information retention requirements.

Linked STIG Checks (5)

Across 5 STIGs.