Re: I-0387: Auditing Of Audit Storage Failures
- Subject: Re: I-0387: Auditing Of Audit Storage Failures
- From: "NIAP Interpretations Board" <firstname.lastname@example.org>
- Date: Tue, 21 Dec 2004 07:47:27 -0800
- Content-description: Mail message body
- Content-transfer-encoding: 7BIT
- Content-type: text/plain; charset=US-ASCII
- Priority: normal
"Arnold, James L. Jr." <JAMES.L.ARNOLD.JR@saic.com> wrote:
> I am a little confused about which requirement this applies to.
> FAU_STG.4 is about what happens when the audit trail becomes full. If
> events are overwritten or ignored, for example, I don't see the problem.
> I would tend to think PPs would require what they want and STs would
> claim what they do. Is there an expectation that this event needs to
> be generated in the first place?
There seems to be a bit of a misunderstanding here.
I-0387 will be updated so that the Issue more clearly explains that the cause
of the problem is the Audit section that identifies the auditable events for
each of the Part 2 requirements. For FAU_STG.4, this Audit section (paragraph
136, CCv2.1 Part 2) says that audit storage failures need to be audited, which
prompts the question of where this audit record is to be stored.
Date Index |
Thread Index |
Problems or questions? Contact email@example.com