UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Audit data must be retained for at least one year.


Overview

Finding ID Version Rule ID IA Controls Severity
WN12-AU-000201 WN12-AU-000201 WN12-AU-000201_rule Medium
Description
Audit records are essential for investigating system activity after the fact. Retention periods for audit data are determined based on the sensitivity of the data handled by the system.
STIG Date
Microsoft Windows Server 2012 Member Server Security Technical Implementation Guide 2013-07-25

Details

Check Text ( C-WN12-AU-000201_chk )
Determine whether the organization has a policy that requires audit data to be retained for at least one year. If the data is not retained for this period, this is a finding.
Fix Text (F-WN12-AU-000201_fix)
Establish a policy that will ensure the retention of audit data for at least one year. Ensure the audit retention policy is implemented.