AU-11 Audit Record Retention
Description
Organizations retain audit records until it is determined that they are no longer needed for administrative, legal, audit, or other operational purposes. This includes, for example, retention and availability of audit records relative to Freedom of Information Act (FOIA) requests, subpoenas, and law enforcement actions.
Organizations develop standard categories of audit records relative to such types of actions and standard response processes for each type of action.
The National Archives and Records Administration (NARA) General Records Schedules provide federal policy on record retention.
Applicability
This Control applies to all TAMU-CC University information resources storing or accessing restricted or confidential information.
The intended audience is information resource custodians who are responsible for the installation of new information resources, the operations of existing information resources, and individuals accountable for information resources security.
Implementation
The organization retains audit records for at least the last 365 days to provide support for after-the-fact investigations of security incidents and to meet regulatory and organizational information retention requirements.
Revision History
Last Updated: February 21, 2025
Previous Versions:
- June 29, 2023
- May 31, 2022
- March 25, 2021
- September 16, 2019