UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Email audit records must be retained for 1 year.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18879 EMG3-071 EMail SV-20671r2_rule ECRR-1 Medium
Description
Audit data retention serves as a history that can aid in determining actions executed by users and administrators. Reasons for such research include both malicious actions that may have been perpetrated, as well as legal evidence that might be needed for proof of activity. Audit data records are required to be retained for a period of 1 year.
STIG Date
Email Services Policy STIG 2013-12-11

Details

Check Text ( C-22681r3_chk )
Access EDSP documentation that describes data retention for audit records. Examine artifacts that demonstrate audit data retention for a period of 1 year.

If email audit records are retained for required time period (1 year), this is not a finding.
Fix Text (F-19478r2_fix)
Create a process that details email audit record retention for required time period of 1 year. Document the process in the EDSP.