AU — AUDIT AND ACCOUNTABILITY

AU-14: SESSION AUDIT

The information system provides the capability for authorized users to select a user session to capture/record or view/hear.

SUPPLEMENTAL GUIDANCE

Session audits include, for example, monitoring keystrokes, tracking websites visited, and recording information and/or file transfers. Session auditing activities are developed, integrated, and used in consultation with legal counsel in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, or standards.

CONTROL ENHANCEMENTS

AU-14 (1) SESSION AUDIT | SYSTEM START-UP

The information system initiates session audits at system start-up.

Supplemental Guidance: NONE

AU-14 (2) SESSION AUDIT | CAPTURE/RECORD AND LOG CONTENT

The information system provides the capability for authorized users to capture/record and log content related to a user session.

Supplemental Guidance: NONE

AU-14 (3) SESSION AUDIT | REMOTE VIEWING/LISTENING

The information system provides the capability for authorized users to remotely view/hear all content related to an established user session in real time.

Supplemental Guidance: NONE

REFERENCES:

NO REFERENCES

AU — AUDIT AND ACCOUNTABILITY

AU-14: SESSION AUDIT

SUPPLEMENTAL GUIDANCE

RELATED CONTROLS: AU-14

CONTROL ENHANCEMENTS

AU-14 (1) SESSION AUDIT | SYSTEM START-UP

AU-14 (2) SESSION AUDIT | CAPTURE/RECORD AND LOG CONTENT

AU-14 (3) SESSION AUDIT | REMOTE VIEWING/LISTENING

REFERENCES: