STIGhub: a free STIG search and compliance tool

AU-14

Audit and Accountability · Rev 5 · system

Session Audit

Control Statement

a. Provide and implement the capability for [Assignment: users or roles] to [Selection: organization-defined value] the content of a user session under [Assignment: circumstances]; and

b. Develop, integrate, and use session auditing activities in consultation with legal counsel and in accordance with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines.

Supplemental Guidance

Session audits can include monitoring keystrokes, tracking websites visited, and recording information and/or file transfers. Session audit capability is implemented in addition to event logging and may involve implementation of specialized session capture technology. Organizations consider how session auditing can reveal information about individuals that may give rise to privacy risk as well as how to mitigate those risks. Because session auditing can impact system and network performance, organizations activate the capability under well-defined situations (e.g., the organization is suspicious of a specific individual). Organizations consult with legal counsel, civil liberties officials, and privacy officials to ensure that any legal, privacy, civil rights, or civil liberties issues, including the use of personally identifiable information, are appropriately addressed.

Related Controls (10)

AC-3, AC-8, AU-2, AU-3, AU-4, AU-5, AU-8, AU-9, AU-11, AU-12

CCI Identifiers (6)

CCI-003845: Defines users or roles who will provide and implement the capability to record; view; hear; and/or log the content of a user session under organization-defined circumstances.

CCI-003847: Develop, integrate, and use session auditing activities in consultation with legal counsel and in accordance with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines.

CCI-001463: The information system provides the capability to remotely view/hear all content related to an established user session in real time.

CCI-003846: Defines the circumstances to record; view; hear; and/or log the content of a user session.

CCI-003844: Implement the capability for organization-defined users or roles to select a user session to record; view; hear; and/or log the content of a user session under organization-defined circumstances.

CCI-001919: Provide the capability for organization-defined users or roles to select a user session to record; view; hear; or log the content of a user session under organization-defined circumstances.

Linked STIG Checks (8)

Across 8 STIGs.