AU-12 Audit Generation
Description
Audit records can be generated from many different information system components. The list of audited events is the set of events for which audits are to be generated. These events are typically a subset of all events for which the information system is capable of generating audit records.
Applicability
This Control applies to all TAMU-CC University information resources storing or accessing restricted, controlled, or confidential information.
The intended audience is information custodians who are responsible for the installation of new information resources, the operations of existing information resources, and individuals accountable for information resources security.
Implementation
The information system:
- Provides audit record generation capability for the auditable events defined in AU-2 (1) utilizing the designated TAMU-CC SIEM;
- Allows Office of Information Security (OIS) to select which auditable events are to be audited by specific components of the information system; and
- Generates audit records for the events defined in AU-2 (4) with the content defined in AU-3.
Revision History
Last Updated: February 21, 2025
Previous Versions:
- June 29, 2023
- May 31, 2022
- March 25, 2021
- September 16, 2019