NIST Special Publication 800-53 (Rev. 4)
Security and Privacy Controls for Federal Information Systems and Organizations
Session audits include, for example, monitoring keystrokes, tracking websites visited, and recording information and/or file transfers. Session auditing activities are developed, integrated, and used in consultation with legal counsel in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, or standards.
Related to: AC-3, AU-4, AU-5, AU-9, AU-11
SESSION AUDIT | SYSTEM START-UP
The information system initiates session audits at system start-up.
SESSION AUDIT | CAPTURE/RECORD AND LOG CONTENT
The information system provides the capability for authorized users to capture/record and log content related to a user session.
SESSION AUDIT | REMOTE VIEWING / LISTENING
The information system provides the capability for authorized users to remotely view/hear all content related to an established user session in real time.