AU-6c
AU
Applications and Websites
Progress Bar
Progress Bar
Progress Bar
The Data.gov Audit Log Management Policy provides guidance on Audit Monitoring and retention for the Data.gov program and states the Following:
Audit Monitoring, Analysis and Reporting
- 18F establishes processes for regularly reviewing audit log information, and reporting security issues if discovered. Reviews will occur at a minimum of weekly. These processes should be integrated with processes for incident response, in order to ensure standardization and cross-functional collaboration
- 18F employs automated mechanisms to integrate audit monitoring, analysis and reporting into an overall process for investigation and response to suspicious activities.
- 18F employs automated mechanisms to immediately alert security personnel of inappropriate or unusual activities that have security implications.
Audit Retention
- Data.gov retains audit logs according to FedRAMP and FISMA retention policy to provide support for after-the-fact investigations of security incidents and to meet regulatory and organizational information retention requirements.
- The log management framework will provide the capability to retain logs for 90 days online and one-year offline, with sufficient capacity as to mitigate the risk of exceeding storage space.
- Specific Policies, Procedures, Points of Contact, and Guidance will be established between 18F and GSA to support after-the-fact investigations, by the Data.gov Project Lead.