AU-14 - Session Audit
Control requirements
- AU-14 - 0
- The information system provides the capability for authorized users to select a user session to capture/record or view/hear.
Implementation guidance
See the resources that follow to learn more about how to implement this control.
NIST supplemental guidance
Session audits include, for example, monitoring keystrokes, tracking websites visited, and recording information and/or file transfers. Session auditing activities are developed, integrated, and used in consultation with legal counsel in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, or standards.