Ansible Tower - Audit and Accountability

Control responses for NIST 800-53 rev4.


Requirements Traceability Matrix

Control Name Status
AU-1 Audit And Accountability Policy And Procedures

not applicable

AU-2 Audit Events

not applicable

AU-2 (1) Compilation Of Audit Records From Multiple Sources
AU-2 (2) Selection Of Audit Events By Component
AU-2 (3) Reviews And Updates
AU-2 (4) Privileged Functions
AU-3 Content Of Audit Records

complete

AU-3 (1) Additional Audit Information
AU-3 (2) Centralized Management Of Planned Audit Record Content
AU-4 Audit Storage Capacity

not applicable

AU-4 (1) Transfer To Alternate Storage
AU-5 Response To Audit Processing Failures

not applicable

AU-5 (1) Audit Storage Capacity
AU-5 (2) Real-Time Alerts
AU-5 (3) Configurable Traffic Volume Thresholds
AU-5 (4) Shutdown On Failure
AU-6 Audit Review, Analysis, And Reporting

not applicable

AU-6 (1) Process Integration
AU-6 (2) Automated Security Alerts
AU-6 (3) Correlate Audit Repositories
AU-6 (4) Central Review And Analysis
AU-6 (5) Integration / Scanning And Monitoring Capabilities
AU-6 (6) Correlation With Physical Monitoring
AU-6 (7) Permitted Actions
AU-6 (8) Full Text Analysis Of Privileged Commands
AU-6 (9) Correlation With Information From Nontechnical Sources
AU-6 (10) Audit Level Adjustment
AU-7 Audit Reduction And Report Generation
AU-7 (1) Automatic Processing
AU-7 (2) Automatic Sort And Search
AU-8 Time Stamps

complete

AU-8 (1) Synchronization With Authoritative Time Source
AU-8 (2) Secondary Authoritative Time Source
AU-9 Protection Of Audit Information

complete

AU-9 (1) Hardware Write-Once Media
AU-9 (2) Audit Backup On Separate Physical Systems / Components
AU-9 (3) Cryptographic Protection
AU-9 (4) Access By Subset Of Privileged Users
AU-9 (5) Dual Authorization
AU-9 (6) Read Only Access
AU-10 Non-Repudiation
AU-10 (1) Association Of Identities
AU-10 (2) Validate Binding Of Information Producer Identity
AU-10 (3) Chain Of Custody
AU-10 (4) Validate Binding Of Information Reviewer Identity
AU-10 (5) Digital Signatures
AU-11 Audit Record Retention

not applicable

AU-11 (1) Long-Term Retrieval Capability
AU-12 Audit Generation

planned

AU-12 (1) System-Wide / Time-Correlated Audit Trail
AU-12 (2) Standardized Formats
AU-12 (3) Changes By Authorized Individuals
AU-13 Monitoring For Information Disclosure
AU-13 (1) Use Of Automated Tools
AU-13 (2) Review Of Monitored Sites
AU-14 Session Audit
AU-14 (1) System Start-Up
AU-14 (2) Capture/Record And Log Content
AU-14 (3) Remote Viewing / Listening
AU-15 Alternate Audit Capability
AU-16 Cross-Organizational Auditing
AU-16 (1) Identity Preservation
AU-16 (2) Sharing Of Audit Information



AU-1: Audit And Accountability Policy And Procedures

The organization: a. Develops, documents, and disseminates to [Assignment: organization-defined personnel or roles]: 1. An audit and accountability policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and 2. Procedures to facilitate the implementation of the audit and accountability policy and associated audit and accountability controls; and b. Reviews and updates the current: 1. Audit and accountability policy [Assignment: organization-defined frequency]; and 2. Audit and accountability procedures [Assignment: organization-defined frequency].

AU-1 Control Response Information
Implementation Status:

not applicable

AU-1: What is the solution and how is it implemented?



AU-2: Audit Events

The organization: a. Determines that the information system is capable of auditing the following events: [Assignment: organization-defined auditable events]; b. Coordinates the security audit function with other organizational entities requiring audit-related information to enhance mutual support and to help guide the selection of auditable events; c. Provides a rationale for why the auditable events are deemed to be adequate to support after-the-fact investigations of security incidents; and d. Determines that the following events are to be audited within the information system: [Assignment: organization-defined audited events (the subset of the auditable events defined in AU-2 a.) along with the frequency of (or situation requiring) auditing for each identified event].

AU-2 Control Response Information
Implementation Status:

not applicable

AU-2: What is the solution and how is it implemented?



AU-2 (1): Compilation Of Audit Records From Multiple Sources

“[Withdrawn: Incorporated into AU-12].”

AU-2 (1) Control Response Information
Implementation Status: