AU-09 Protection Of Audit Information
Control: The information system protects audit information and audit tools from unauthorized access, modification, and deletion.
Supplemental Guidance: Audit information includes all information (e.g., audit records, audit settings, and audit reports) needed to successfully audit information system activity.
Control Enhancements: (1) The information system produces audit records on hardware-enforced, write-once media.
Baseline: LOW AU-9 MOD AU-9 HIGH AU-9
Family: Audit And Accountability
Class: Technical
ISO 17799 mapping: 10.10.3, 15.1.3, 15.3.2
COBIT 4.1 mapping: None.
PCI-DSS v2 mapping: 10.5