The application must be capable of taking organization-defined actions upon audit failure (e.g., overwrite oldest audit records, stop generating audit records, cease processing, notify of audit failure).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35340 | SRG-APP-000109-MAPP-NA | SV-46627r1_rule | Medium |
| Description |
|---|
| It is critical when a system is at risk of failing to process audit logs as required; it detects and takes action to mitigate the failure. Audit processing failures include: software/hardware errors, failures in the audit capturing mechanisms, and audit storage capacity being reached or exceeded. Applications are required to be capable of either directly performing or calling system level functionality performing defined actions upon detection of an application audit log processing failure. Rationale for non-applicability: The mobile operating system is best positioned to respond to audit failures. Local applications can write to the local system log. If a mobile application maintains its own log, it is much more likely that audits events will be lost than if these events are forwarded to a system log. |
| STIG | Date |
|---|---|
| Mobile Application Security Requirements Guide | 2013-01-04 |
Details
| Check Text ( C-43708r1_chk ) |
|---|
| This requirement is NA for the MAPP SRG. |
| Fix Text (F-39886r1_fix) |
|---|
| The requirement is NA. No fix is required. |