The mobile operating system must allow organizational personnel through mobile device management services to select which auditable events are to be audited by the mobile operating system.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-32980	SRG-OS-000063-MOS-000031	SV-43378r3_rule		Medium

Description
The list of audited events is the set of events for which audits are to be generated. This set of events is typically a subset of the list of all events for which the system is capable of generating audit records (i.e., auditable events). Organizations will define the organizational personal accountable for selecting auditable events. The mobile operating system must allow the designated personnel to select the items to be audited through mobile device management services. Rationale for non-applicability: It is unnecessary for the mobile operating system to perform this function because all the necessary selections and filtering can be performed by the MDM or audit system that retrieves the logs from the device.

Description

The list of audited events is the set of events for which audits are to be generated. This set of events is typically a subset of the list of all events for which the system is capable of generating audit records (i.e., auditable events). Organizations will define the organizational personal accountable for selecting auditable events. The mobile operating system must allow the designated personnel to select the items to be audited through mobile device management services. Rationale for non-applicability: It is unnecessary for the mobile operating system to perform this function because all the necessary selections and filtering can be performed by the MDM or audit system that retrieves the logs from the device.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41279r2_chk )
This requirement is NA for the Mobile OS SRG.

Fix Text (F-36894r2_fix)
The requirement is NA. No fix is required.