NIST 800-53 Rev 5
424 controls available
AU-6lowmoderatehigh
Audit Record Review, Analysis, and Reporting
Audit and Accountability
Control Statement
Review and analyze system audit records {{ insert: param, au-06_odp.01 }} for indications of {{ insert: param, au-06_odp.02 }} and the potential impact of the inappropriate or unusual activity; Report findings to {{ insert: param, au-06_odp.03 }} ; and Adjust the level of audit record review, analysis, and reporting within the system when there is a change in risk based on law enforcement information, intelligence information, or other credible sources of information.
Discussion
Audit record review, analysis, and reporting covers information security- and privacy-related logging performed by organizations, including logging that results from the monitoring of account usage, remote access, wireless connectivity, mobile device connection, configuration settings, system component inventory, use of maintenance tools and non-local maintenance, physical access, temperature and humidity, equipment delivery and removal, communications at system interfaces, and use of mobile code or Voice over Internet Protocol (VoIP). Findings can be reported to organizational entities that include the incident response team, help desk, and security or privacy offices. If organizations are prohibited from reviewing and analyzing audit records or unable to conduct such activities, the review or analysis may be carried out by other organizations granted such authority. The frequency, scope, and/or depth of the audit record review, analysis, and reporting may be adjusted to meet organizational needs based on new information received.
- Framework
- NIST SP 800-53 Rev 5
- Family
- Audit and Accountability
- Baselines
- low, moderate, high
Related Frameworks
58 paths across 2 frameworks
Related Frameworks
NIST 800-1712 mappings
CCI32 mappings
CCI-000123
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000124
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000125
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000126
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000130
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000131
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000132
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000133
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000134
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000135
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000148
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000149
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000151
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000167
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000168
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000169
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000171
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000172
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001459
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001484
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001485
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001487
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001488
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001571
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001862
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001863
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001910
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003810
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003811
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003817
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003818
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003819
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
Related STIGs
68 STIGs reach this control through 24 CCIs. Expand a row to see the responsible NICE and O*NET roles.
Operating System — Desktop
4 STIGs
Operating System — Desktop
4 STIGsApple macOS 14 (Sonoma) Security Technical Implementation Guide
22024-12-041 of 155 findings match
H1
Apple macOS 15 (Sequoia) Security Technical Implementation Guide
12025-05-051 of 161 findings match
H1
Apple macOS 15 (Sequoia) Security Technical Implementation Guide
V1R72026-02-061 of 160 findings match
H1
Apple macOS 26 (Tahoe) Security Technical Implementation Guide
V1R22026-02-111 of 160 findings match
H1
Operating System — Server
12 STIGs
Operating System — Server
12 STIGsAnduril NixOS Security Technical Implementation Guide
12024-10-253 of 104 findings match
M3
Anduril NixOS Security Technical Implementation Guide
V1R22025-08-193 of 103 findings match
M3
Red Hat Enterprise Linux 9 Security Technical Implementation Guide
22025-05-142 of 450 findings match
M2
Red Hat Enterprise Linux 9 Security Technical Implementation Guide
V2R82026-02-052 of 446 findings match
M2
Amazon Linux 2023 Security Technical Implementation Guide
V1R32026-02-271 of 187 findings match
M1
Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide
V1R62026-02-271 of 439 findings match
M1
CloudLinux AlmaLinux OS 9 Security Technical Implementation Guide
12025-05-221 of 445 findings match
M1
General Purpose Operating System Security Requirements Guide
32024-12-041 of 198 findings match
M1
Show 4 more STIGs in this category →Hide additional STIGs
General Purpose Operating System Security Requirements Guide
V3R32025-09-221 of 203 findings match
M1
Oracle Linux 9 Security Technical Implementation Guide
12025-05-081 of 456 findings match
M1
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-171 of 448 findings match
M1
Red Hat Enterprise Linux 10 Security Technical Implementation Guide
V1R12026-03-111 of 434 findings match
M1
Operating System — Mainframe
2 STIGs
Operating System — Mainframe
2 STIGsMainframe Product Security Requirements Guide
32024-12-052 of 193 findings match
M2
Mainframe Product Security Requirements Guide
V3R42025-09-102 of 194 findings match
M2
Operating System — Mobile
18 STIGs
Operating System — Mobile
18 STIGsGoogle Android 13 COBO Security Technical Implementation Guide
22024-12-041 of 31 findings match
M1
Google Android 13 COPE Security Technical Implementation Guide
22024-12-041 of 36 findings match
M1
Google Android 14 COBO Security Technical Implementation Guide
22024-12-041 of 30 findings match
M1
Google Android 14 COBO Security Technical Implementation Guide
V2R42026-02-061 of 38 findings match
M1
Google Android 14 COPE Security Technical Implementation Guide
22024-12-041 of 35 findings match
M1
Google Android 14 COPE Security Technical Implementation Guide
V2R42026-02-121 of 43 findings match
M1
Google Android 15 COBO Security Technical Implementation Guide
12024-12-051 of 36 findings match
M1
Google Android 15 COBO Security Technical Implementation Guide
V1R42026-02-061 of 44 findings match
M1
Show 10 more STIGs in this category →Hide additional STIGs
Google Android 15 COPE Security Technical Implementation Guide
12024-12-051 of 39 findings match
M1
Google Android 15 COPE Security Technical Implementation Guide
V1R42026-02-121 of 47 findings match
M1
Google Android 16 COBO Security Technical Implementation Guide
V1R22026-02-061 of 42 findings match
M1
Google Android 16 COPE Security Technical Implementation Guide
V1R22026-02-121 of 45 findings match
M1
Honeywell Android 13 COBO Security Technical Implementation Guide
V1R12025-05-071 of 32 findings match
M1
Honeywell Android 13 COPE Security Technical Implementation Guide
V1R12025-05-071 of 36 findings match
M1
Zebra Android 13 COBO Security Technical Implementation Guide
V1R12024-12-111 of 31 findings match
M1
Zebra Android 13 COPE Security Technical Implementation Guide
V1R12024-12-111 of 35 findings match
M1
Zebra Technologies Android 14 COBO Security Technical Implementation Guide
V1R12026-02-221 of 38 findings match
M1
Zebra Technologies Android 14 COPE Security Technical Implementation Guide
V1R12026-02-221 of 43 findings match
M1
Network Device
5 STIGs
Network Device
5 STIGsDomain Name System (DNS) Security Requirements Guide
42024-07-021 of 118 findings match
M1
Domain Name System (DNS) Security Requirements Guide
V4R22025-12-191 of 119 findings match
M1
Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide
22024-12-061 of 31 findings match
M1
Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide
V2R32026-02-131 of 31 findings match
M1
Trend Micro TippingPoint IDPS Security Technical Implementation Guide
V2R22024-09-161 of 30 findings match
M1
Database
3 STIGs
Database
3 STIGsDatabase Security Requirements Guide
42024-12-041 of 142 findings match
M1
Database Security Requirements Guide
V4R52026-02-261 of 142 findings match
M1
Microsoft Azure SQL Managed Instance Security Technical Implementation Guide
V1R12025-10-071 of 84 findings match
M1
Web / Application Server
10 STIGs
Web / Application Server
10 STIGsApplication Security and Development Security Technical Implementation Guide
62025-02-124 of 286 findings match
M4
Application Security and Development Security Technical Implementation Guide
V6R42025-09-094 of 286 findings match
M4
Apache Server 2.4 Windows Server Security Technical Implementation Guide
32025-02-121 of 54 findings match
M1
Apache Server 2.4 Windows Server Security Technical Implementation Guide
V3R42026-02-251 of 49 findings match
M1
Microsoft Exchange 2016 Edge Transport Server Security Technical Implementation Guide
V2R62024-12-061 of 68 findings match
M1
Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide
V2R62023-12-181 of 64 findings match
M1
Microsoft Exchange 2019 Edge Server Security Technical Implementation Guide
V2R22024-12-061 of 68 findings match
M1
Microsoft Exchange 2019 Mailbox Server Security Technical Implementation Guide
V2R32025-05-141 of 66 findings match
M1
Show 2 more STIGs in this category →Hide additional STIGs
Web Server Security Requirements Guide
42025-02-121 of 124 findings match
M1
Web Server Security Requirements Guide
V4R42025-09-101 of 126 findings match
M1
Virtualization / Container
6 STIGs
Virtualization / Container
6 STIGsContainer Platform Security Requirements Guide
22025-05-152 of 187 findings match
M2
Container Platform Security Requirements Guide
V2R42025-09-102 of 188 findings match
M2
Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide
22025-05-151 of 83 findings match
M1
Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide
V2R52025-12-041 of 83 findings match
M1
Virtual Machine Manager Security Requirements Guide
22024-12-061 of 193 findings match
M1
Virtual Machine Manager Security Requirements Guide
V2R32025-09-101 of 198 findings match
M1
Endpoint Security Management
8 STIGs
Endpoint Security Management
8 STIGsCentral Log Server Security Requirements Guide
32024-12-042 of 125 findings match
M1L1
Central Log Server Security Requirements Guide
V3R42026-02-122 of 127 findings match
M1L1
Intrusion Detection and Prevention Systems Security Requirements Guide
32025-05-191 of 58 findings match
M1
Intrusion Detection and Prevention Systems Security Requirements Guide
V3R42025-09-221 of 60 findings match
M1
Tanium 7.x Application on TanOS Security Technical Implementation Guide
V2R22025-02-111 of 75 findings match
M1
Tanium 7.x Security Technical Implementation Guide
V2R32025-05-141 of 98 findings match
M1
Xylok Security Suite 20.x Security Technical Implementation Guide
12024-12-131 of 19 findings match
H1
Xylok Security Suite 20.x Security Technical Implementation Guide
V1R22025-12-041 of 19 findings match
H1