SI-7(8): Auditing Capability for Significant Events
Upon detection of a potential integrity violation, provide the capability to audit the event and initiate the following actions: [Selection (one or more): generate an audit record; alert current user; alert [Assignment: organization-defined personnel or roles]; [Assignment: organization-defined other actions]].
Implementation
Description
Organizations select response actions based on types of software, specific software, or information for which there are potential integrity violations.