N
|
controlAU-11

Audit Record Retention (AU-11)

Retain audit records for [organization-defined] to provide support for after-the-fact investigations of incidents and to meet regulatory and organizational information retention requirements.

Security Baselines

LOWMODERATEHIGH
auditaccountabilitylogging

Why These Connect

Baselined In3

This control is included in the linked security baseline (LOW, MODERATE, or HIGH).

Supports13

These related controls work together — a change to one may affect the others.

Enhances1

These enhancements add specific capabilities or refinements to the base control.

Related Controls(9)

AU-2Event Logging (AU-2)
LMH
AU-4Audit Log Storage Capacity (AU-4)
LMH
AU-5Response to Audit Logging Process Failures (AU-5)
LMH
AU-9Protection of Audit Information (AU-9)
LMH
AU-6Audit Record Review, Analysis, and Reporting (AU-6)
LMH
AU-14Session Audit (AU-14)MP-6Media Sanitization (MP-6)
LMH
RA-5Vulnerability Monitoring and Scanning (RA-5)
LMH
SI-12Information Management and Retention (SI-12)
LMH

Control Enhancements(1)

AU-11(1)Long-term Retrieval Capability (AU-11(1))

See Also

@SP 800-53 OverviewCompare Baselines