Event Logging | AU-2

Description

• Information resources must keep security-related event logs that establish individual accountability for actions that can potentially threaten the confidentiality, integrity, or availability of the information resource.
• Based on periodic risk assessments, Information Resource Custodians, and the Cybersecurity Manager are responsible for ensuring that information systems log a sufficiently complete history of transactions to support an after-the-fact investigation by logging and tracing the activities of individuals through the system.
• The Cybersecurity Manager or their designee is responsible for reviewing and updating the event types selected for logging periodically.

Last updated: 5/12/2026