AU-11-727 Audit Record Retention

Audit Record Retention

AU-11-727
Audit Record Retention
Audit and Accountability
Protect
Data Loss Prevention
LOW, MOD, HIGH
P3
Yes
August 18, 2016

Audit records shall be retained in accordance with the Agency records retention schedule.

Laws and regulations are violated due to data not being retained for the required duration of time or inappropriate data being stored.
The organization retains audit records for [Assignment: organization-defined time period consistent with records retention policy] to provide support for after-the-fact investigations of security incidents and to meet regulatory and organizational information retention requirements.
Data retention policies and procedures define the pre-determined period of time that records are maintained.
The state organization retains audit records to provide support for after-the-fact investigations of security incidents and to meet regulatory and organizational information retention requirements.
Obtain audit and accountability policy; procedures addressing audit record retention; organization-defined retention period for audit records; information system audit records; other relevant documents or records and ascertain if : (I)the organization defines the retention period for audit records generated by the information system; and (ii)the organization retains information system audit records for the organization-defined time period to provide support for after-the-fact investigations of security incidents and to meet regulatory and organizational information retention requirements.