Audit Record Generation | AU-12

Description

  • Information Resource Custodians are responsible for ensuring that information systems generate audit logs following the list of event types defined in control AU-2 with the content defined in control AU-3 on the following types of information systems:
    • High Impact Information Resources, including applications.
    • servers (including application servers, database servers, file servers, security appliances and web servers).
    • network components (including switches, routers, wireless access points); and
    • desktop and laptop
  • Information Resource Custodians will work with the Chief Information Security Officer or their designee to determine which systems and event types to send to the central logging system.

Last updated: 5/12/2026

Contact Hours or Questions?

Information on Tech Support