Audit Monitoring, Analysis, and Reporting

Automated Inspection items for NIST SP 800-53 AU-6 assessment.

Automated Inspection items are efficient enough that they can usually be part of a CA-7 Continuous Monitoring program on a daily (or in some cases hourly) basis, simultaneously meeting the requirements of RA-5 Vulnerability Scanning. While NIST 800-53 allows Continuous Monitoring results to be used for CA-2 Security Assessments and CA-4 Security Certification, a separate run using the same automated Inspection items in combination with more laborious items for CA-2 and CA-4 adds no significant burden.

Depending on FIPS 199 impact level and whether the Industrial Control Systems (ICS/SCADA) subset of 800-53 is chosen,  LJK/Security™ starter templates provide automated Inspection items as follows:

Interview questions for NIST SP 800-53 AU-6 assessment.

Interview questions are useful mainly for CA-2 Security Assessments and CA-4 Security Certification. For most environments they are too laborious to include in CA-7 Continuous Monitoring.

Depending on FIPS 199 impact level and whether the Industrial Control Systems (ICS/SCADA) subset of 800-53 is chosen,  LJK/Security™ starter templates provide Interview questions in the following groups:

Manual Inspection items for NIST SP 800-53 AU-6 assessment.

Manual Inspection items are useful mainly for CA-2 Security Assessments and CA-4 Security Certification. For most environments they are too laborious to include in CA-7 Continuous Monitoring.

Depending on FIPS 199 impact level and whether the Industrial Control Systems (ICS/SCADA) subset of 800-53 is chosen,  LJK/Security™ starter templates provide Manual Inspection items in the following groups:

Manual Invasive Testing items for NIST SP 800-53 AU-6 assessment.

Manual Invasive Testing items are useful mainly for CA-2 Security Assessments and CA-4 Security Certification. For most environments they are too laborious to include in CA-7 Continuous Monitoring. The level of effort required and the degree of invasiveness are so high (in most cases making up for lack of Common Criteria evaluation) that arrangement as a Common Control is almost always a requirement for execution.

Depending on FIPS 199 impact level and whether the Industrial Control Systems (ICS/SCADA) subset of 800-53 is chosen,  LJK/Security™ starter templates provide Manual Invasive Testing items in the following groups: