July 21, 2023

NIST SP 800-53 AU-1 Audit and Accountability Policy and Procedures

AU-1 requires organizations to develop, disseminate, and periodically review and update an audit and accountability policy and associated procedures that address the following:

  • Purpose: Defining the purpose and scope of the audit and accountability program, outlining the objectives, and establishing the organization's commitment to auditing and accountability practices.
  • Auditing and Monitoring: Detailing the types of events and activities that are subject to auditing and monitoring, including both user actions and system-related events.
  • Frequency: Specifying the frequency of audits and monitoring activities based on the organization's risk assessment and compliance requirements.
  • Retention: Defining the retention period for audit records, including storage, access, and protection mechanisms to ensure their integrity and confidentiality.
  • Response to Audit Findings: Describing the procedures for responding to audit findings, including corrective actions and remediation plans.
  • Access Restrictions: Stipulating access restrictions and permissions for individuals involved in the auditing and monitoring process, ensuring that access to audit data is appropriately controlled.
  • External Connections: Addressing the audit and accountability considerations for external connections, such as those to cloud service providers or other organizations.
  • Review and Update: Establishing a process for regularly reviewing and updating the audit and accountability policy and procedures to address changes in the organization's environment or evolving threats.

Reporting Requirements

Specifically, per AU-1 of NIST SP 800-53, organizations are to “Develop, document, and disseminate...” an audit and accountability policy and procedure. The keyword here is “document”, which means you need a policy and procedure for AU-1.

Additionally, per NIST SP 800-53, “Events that may precipitate an update to audit and accountability policy and procedures include assessment or audit findings, security incidents or breaches, or changes in applicable laws, executive orders, directives, regulations, policies, standards, and guidelines.”

How to Get Started

Start by downloading our world-class NIST RMF Security and Privacy Policies and Procedures templates at the Arlington Security Portal (ASP), which includes access to our assessment, authorization, and monitoring policy and procedures template. Additionally, get access to more than 100 NIST 800-53, Revision 5 policies, procedures, programs, and plans.

About Arlington

We are Arlington, a team of innovative, solution-oriented, highly agile, and well-versed professionals with decades of experience in working with America’s defense industry. From emerging cybersecurity regulations to helping our clients solve complex security & compliance solutions – and so much more – you can trust Arlington, the firm that’s Dedicated to Defense®.  Learn more at arlingtonintel.com.