AU-14 SESSION AUDIT
Overview
| Number | Title | Impact | Priority | Subject Area |
|---|---|---|---|---|
| AU-14 | Session Audit | P0 | Audit And Accountability |
| Instructions |
|---|
| The information system provides the capability for authorized users to select a user session to capture/record or view/hear. |
| Guidance |
|---|
| Session audits include, for example, monitoring keystrokes, tracking websites visited, and recording information and/or file transfers. Session auditing activities are developed, integrated, and used in consultation with legal counsel in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, or standards. |
| Enhancements | ||||||
|---|---|---|---|---|---|---|
The information system initiates session audits at system start-up.
The information system provides the capability for authorized users to capture/record and log content related to a user session.
The information system provides the capability for authorized users to remotely view/hear all content related to an established user session in real time. |