| Control number | Control name | Assessment methods | Notes and guidance | SP 800-53A Guidance |
| AU-1 | Audit and accountability policy and procedures | Review audit policy and procedures, organizational security program guidance. Interview System Owner and Security Officer. | SP 800-12, SP 800-100, GAO-12-331G | Examine: Audit and accountability policy and procedures; other relevant documents or records. Interview: Organizational personnel with audit and accountability responsibilities; organizational personnel with information security responsibilities. |
| AU-2 | Audit events | Review documentation for identification and selection of auditable events for system. Review system security plan for auditing criteria and requirements to ensure that auditable events ... |
Get Security Controls Evaluation, Testing, and Assessment Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
