DISA Control Correlation Identifier (CCI)

CCI-000125 requires that “The organization provides a rationale for why the list of auditable events is deemed to be adequate...

CCI-000126 requires that “The organization determines that the organization-defined subset of the auditable events defined in AU-2 are to be...

CCI-000127 requires that “The organization reviews and updates the list of organization-defined audited events on an organization-defined frequency.” This Control...

CCI-000128 requires that “The organization includes execution of privileged functions in the list of events to be audited by the...

CCI-000129 requires that “The organization defines in the auditable events that the information system must be capable of auditing based...

CCI-000130 requires that “The information system generates audit records containing information that establishes what type of event occurred.” This Control...

CCI-000131 requires that “The information system generates audit records containing information that establishes when an event occurred.” This Control Correlation...

CCI-000132 requires that “The information system generates audit records containing information that establishes where the event occurred.” This Control Correlation...

CCI-000133 requires that “The information system generates audit records containing information that establishes the source of the event.” This Control...

CCI-000118 requires that “The organization disseminates a formal, documented, audit and accountability policy to elements within the organization having associated...