Control: The information system provides the capability for authorised users to select a user session to capture/record or view/hear.
Supplemental Guidance: Session audits include, for example, monitoring keystrokes, tracking websites visited, and recording information and/or file transfers. Session auditing activities are developed, integrated, and used in consultation with legal counsel in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, or standards.
Session Audit Control Enhancements:
AU-14 (1) Session Audit - System start-up
The information system initiates session audits at system start-up.
AU-14 (2) Session Audit - Capture/ record and log content
The information system provides the capability for authorised users to capture/record and log content related to a user session.
AU-14 (2) Session Audit - Remote viewing / listening
The information system provides the capability for authorised users to remotely view/hear all content related to an established user session in real time.