AU-09.4: Access by Subset of Privileged Users

AU-09.4 · Access by Subset of Privileged Users

Control Description

Authorize access to management of audit logging functionality to only {{ insert: param, au-09.04_odp }}.

Impact Baselines

Security baselines where this control applies

Not in any baseline

Control Properties

SP800-53-enhancement

organization

Enhancement

Control Statement

The control requirements

Authorize access to management of audit logging functionality to only {{ insert: param, au-09.04_odp }}.

Supplemental Guidance

Individuals or roles with privileged access to a system and who are also the subject of an audit by that system may affect the reliability of the audit information by inhibiting audit activities or modifying audit records. Requiring privileged access to be further defined between audit-related privileges and other privileges limits the number of users or roles with audit-related privileges.

Related NIST Controls

Other NIST 800-53 controls related to this one

AC-05