
AU-6

Audit and Accountability | Rev 5 | organization

Audit Record Review, Analysis, and Reporting

Baselines: Low, Moderate, High

Control Statement

a. Review and analyze system audit records [Assignment: frequency] for indications of [Assignment: inappropriate or unusual activity] and the potential impact of the inappropriate or unusual activity;
b. Report findings to [Assignment: personnel or roles]; and
c. Adjust the level of audit record review, analysis, and reporting within the system when there is a change in risk based on law enforcement information, intelligence information, or other credible sources of information.

Supplemental Guidance

Audit record review, analysis, and reporting covers information security- and privacy-related logging performed by organizations, including logging that results from the monitoring of account usage, remote access, wireless connectivity, mobile device connection, configuration settings, system component inventory, use of maintenance tools and non-local maintenance, physical access, temperature and humidity, equipment delivery and removal, communications at system interfaces, and use of mobile code or Voice over Internet Protocol (VoIP). Findings can be reported to organizational entities that include the incident response team, help desk, and security or privacy offices. If organizations are prohibited from reviewing and analyzing audit records or unable to conduct such activities, the review or analysis may be carried out by other organizations granted such authority. The frequency, scope, and/or depth of the audit record review, analysis, and reporting may be adjusted to meet organizational needs based on new information received.

Related Controls (30)

AC-2, AC-3, AC-5, AC-6, AC-7, AC-17, AU-7, AU-16, CA-2, CA-7, CM-2, CM-5, CM-6, CM-10, CM-11, IA-2, IA-3, IA-5, IA-8, IR-5, MA-4

CCI Identifiers (9)

CCI-000148: Review and analyze system audit records on an organization-defined frequency for indications of organization-defined inappropriate or unusual activity.
CCI-000149: Report any findings to organization-defined personnel or roles for indications of organization-defined inappropriate or unusual activity.
CCI-000150: The organization adjusts the level of audit review, analysis, and reporting within the information system when there is a change in risk to organizational operations, organizational assets, individuals, other organizations, or the Nation based on law enforcement information, intelligence information, or other credible sources of information.
CCI-000151: Defines the frequency for the review and analysis of system audit records for organization-defined inappropriate or unusual activity.
CCI-003818: Adjust the level of audit review and analysis within the system when there is a change in risk based on law enforcement information, intelligence information, or other credible sources of information.
CCI-003819: Adjust the level of audit reporting within the system when there is a change in risk based on law enforcement information, intelligence information, or other credible sources of information.
CCI-001862: Defines the types of inappropriate or unusual activity to be reviewed and analyzed in the audit records.

Linked STIG Checks (1)

Across 1 STIG.

Related Controls (continued)

MP-4, PE-3, PE-6, RA-5, SA-8, SC-7, SI-3, SI-4, SI-7

CCI Identifiers (continued)

CCI-001863: Defines the personnel or roles to receive the reports of organization-defined inappropriate or unusual activity.
CCI-003817: Review and analyze the potential impact of the organization-defined inappropriate or unusual activity.