FedRAMP System Security Plan (SSP) High Baseline Template


Control Summary Information



Date: 16.12.2020
Control Summary Information

Responsible Role:

Parameter AU-1(a):

Parameter AU-1(b)(1):

Parameter AU-1(b)(2):

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable

Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)



AU-1 What is the solution and how is it implemented?

Part a




Part b





AU-2 Audit Events (L) (M) (H)


The organization:

  a. Determines that the information system is capable of auditing the following events: [FedRAMP Assignment: [Successful and unsuccessful account logon events, account management events, object access, policy change, privilege functions, process tracking, and system events. For Web applications: all administrator activity, authentication checks, authorization checks, data deletions, data access, data changes, and permission changes]];

  b. Coordinates the security audit function with other organizational entities requiring audit-related information to enhance mutual support and to help guide the selection of auditable events;

  c. Provides a rationale for why the auditable events are deemed to be adequate to support after-the-fact investigations of security incidents; and

  d. Determines that the following events are to be audited within the information system: [FedRAMP Assignment: organization-defined subset of the auditable events defined in AU-2 a. to be audited continually for each identified event].

AU-2 Additional FedRAMP Requirements and Guidance:

Requirement: Coordination between service provider and consumer shall be documented and accepted by the JAB/AO.

AU-2

Control Summary Information

Responsible Role:

Parameter AU-2(a):

Parameter AU-2(d):

Implementation Status (check all that apply):

☐ Implemented

☐ Partially implemented

☐ Planned

☐ Alternative implementation

☐ Not applicable

Control Origination (check all that apply):

☐ Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for [Click here to enter text],



AU-2 What is the solution and how is it implemented?

Part a




Part b




Part c




Part d





