a. Develop, document, and disseminate to [Assignment: organization-defined personnel or roles]:
   1. [Selection (one or more): organization-level; mission/business process-level; system-level] audit and accountability policy that:
      (a) Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and
      (b) Is consistent with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines; and
   2. Procedures to facilitate the implementation of the audit and accountability policy and the associated audit and accountability controls;
b. Designate an [Assignment: organization-defined official] to manage the development, documentation, and dissemination of the audit and accountability policy and procedures; and
c. Review and update the current audit and accountability:
   1. Policy [Assignment: organization-defined frequency] and following [Assignment: organization-defined events]; and
   2. Procedures [Assignment: organization-defined frequency] and following [Assignment: organization-defined events].
| ID | Name | Description | D3FEND |
|---|---|---|---|
| CM0088 | Organizational Policy | Documenting cybersecurity policies is crucial for several reasons, paramount among them being the establishment of a clear, consistent framework for managing and protecting an organization's information assets. Such documentation serves as a foundational guideline that outlines the principles, procedures, and responsibilities that govern the security of information. Well-documented security policies ensure that everyone in the organization, from top management to the newest employee, shares the same understanding of security expectations and behaviors. They provide a reference point for all staff, helping them understand their roles and responsibilities in safeguarding sensitive data. By clearly defining what is expected, employees are better equipped to follow best practices and avoid actions that could compromise security. These policies also guide the implementation of technical controls and security measures: they inform the selection, development, and maintenance of security tools and protocols, ensuring a methodical approach to securing the organization's digital assets. In the event of a security incident, a documented policy provides a roadmap for response and recovery, reducing the time and resources spent mitigating the issue. As cybersecurity in space is an area where regulatory compliance is becoming increasingly stringent, documented information security policies are often a legal or regulatory requirement, not simply a best practice. | |
| SPARTA ID | Requirement | Rationale/Additional Guidance/Notes |
|---|---|---|
| SPR-365 | The [organization] shall develop and maintain Audit and Accountability policy that specifies, at a minimum: the methods and procedures for auditing on-board events; the processes for capturing, recording, and reviewing audit logs; the criteria for audit event selection, frequency of audits, and data retention; the responsibilities for audit management and review.{SV-DCO-1}{AU-1} | Clear audit policy defines expectations for logging and review. Structured retention ensures forensic capability. Defined criteria strengthen monitoring consistency. Accountability deters misuse. |
| SPR-366 | The [organization] shall identify the applicable audit and accountability policies that cover the information on the spacecraft. {SV-DCO-1}{AU-1} | Ensuring policy applicability prevents coverage gaps. Alignment ensures consistent governance. Comprehensive audit scope strengthens detection capability. Policy clarity supports enforcement. |
| SPR-523 | The [organization] shall define and implement a common audit schema for flight and ground that supports event tiering, consistent identifiers/time bases, and dynamic elevation/suppression of categories by phase/mode; ground aggregators shall normalize and integrity-check records.{SV-DCO-1}{AU-1,AU-6,AU-12} | Normalization supports cross-domain correlation. Tiered categories enable adaptive visibility. Integrity checks prevent log injection. Structured schema strengthens systemic monitoring. |
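The following is an added illustration of the SPR-523 requirement, not code from SPARTA or any flight software project. It sketches one way a ground aggregator could normalize flight and ground records into a common schema (one identifier scheme, one UTC time base), apply per-phase tier elevation and suppression, and integrity-check each record before parsing it. The schema fields, category names, tier numbers, phase policy, MET epoch, key, and all sample records are constructed assumptions for the example; HMAC-SHA256 stands in for whatever record-integrity mechanism a mission actually provisions.

```python
"""Common flight/ground audit schema (added example): normalize both domains to one
schema and time base, tier by phase/mode, and integrity-check on the ground aggregator."""
import hashlib
import hmac
import json
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

# Constructed demo key; real deployments provision this through key management.
INTEGRITY_KEY = b"constructed-demo-key"
# Constructed UTC epoch for the flight mission-elapsed-time (MET) counter.
MET_EPOCH_UTC = 1_700_000_000.0

# Default tier per event category: 1 = always kept, 3 = verbose diagnostics (assumed).
CATEGORY_TIER = {"command_auth_fail": 1, "mode_change": 1, "cmd_exec": 2, "telemetry_rate": 3}

# Phase/mode policy (assumed): highest tier kept, and categories elevated to tier 1.
PHASE_POLICY = {
    "nominal": {"max_tier": 2, "elevate": set()},
    "safe_mode": {"max_tier": 3, "elevate": {"cmd_exec"}},
}


@dataclass(frozen=True)
class AuditRecord:
    event_id: str  # globally unique "<source>-<local id>"
    source: str    # "flight" or "ground"
    ts_utc: float  # seconds since the Unix epoch, UTC
    category: str
    tier: int
    phase: str
    detail: str


def canonical(raw: dict) -> bytes:
    """Deterministic serialization so producer and aggregator MAC identical bytes."""
    return json.dumps(raw, sort_keys=True, separators=(",", ":")).encode()


def emit(raw: dict) -> tuple:
    """Producer side (flight or ground): serialize the record and attach its tag."""
    payload = canonical(raw)
    return payload, hmac.new(INTEGRITY_KEY, payload, hashlib.sha256).hexdigest()


def integrity_ok(payload: bytes, tag: str) -> bool:
    expected = hmac.new(INTEGRITY_KEY, payload, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)


def normalize_flight(raw: dict) -> AuditRecord:
    """Flight records carry MET seconds and a sequence counter; map MET onto UTC."""
    return AuditRecord(f"flight-{raw['seq']:08d}", "flight", MET_EPOCH_UTC + float(raw["met"]),
                       raw["cat"], CATEGORY_TIER[raw["cat"]], raw["mode"], raw["msg"])


def normalize_ground(raw: dict) -> AuditRecord:
    """Ground records carry ISO 8601 wall-clock time and a string id."""
    ts = datetime.fromisoformat(raw["time"]).astimezone(timezone.utc).timestamp()
    return AuditRecord(f"ground-{raw['id']}", "ground", ts,
                       raw["cat"], CATEGORY_TIER[raw["cat"]], raw["mode"], raw["msg"])


NORMALIZERS = {"flight": normalize_flight, "ground": normalize_ground}


def apply_phase_policy(rec: AuditRecord) -> Optional[AuditRecord]:
    """Elevate or suppress the record according to the phase/mode it was produced in."""
    policy = PHASE_POLICY[rec.phase]
    tier = 1 if rec.category in policy["elevate"] else rec.tier
    if tier > policy["max_tier"]:
        return None  # suppressed in this phase
    return AuditRecord(rec.event_id, rec.source, rec.ts_utc, rec.category, tier, rec.phase, rec.detail)


def aggregate(messages: list) -> dict:
    """Ground aggregator: verify first, then normalize, then tier. Untagged bytes are never parsed."""
    accepted, suppressed, rejected = [], [], []
    for source, payload, tag in messages:
        if not integrity_ok(payload, tag):
            rejected.append(source)  # tampered or forged record: dropped before parsing
            continue
        rec = NORMALIZERS[source](json.loads(payload))
        kept = apply_phase_policy(rec)
        (accepted if kept else suppressed).append(kept or rec)
    accepted.sort(key=lambda r: r.ts_utc)  # the shared time base makes cross-domain ordering meaningful
    return {"accepted": accepted, "suppressed": suppressed, "rejected": rejected}


def demo_messages() -> list:
    """Constructed sample traffic, including one record altered after it was tagged."""
    f1 = emit({"seq": 1, "met": 10.0, "mode": "nominal", "cat": "cmd_exec", "msg": "CMD 0x12"})
    f2 = emit({"seq": 2, "met": 12.5, "mode": "nominal", "cat": "telemetry_rate", "msg": "rate ok"})
    f3 = emit({"seq": 3, "met": 30.0, "mode": "safe_mode", "cat": "cmd_exec", "msg": "CMD 0x44"})
    g1 = emit({"id": "a1", "time": "2023-11-14T22:13:40+00:00", "mode": "nominal",
               "cat": "command_auth_fail", "msg": "DENIED"})
    g2_payload, g2_tag = emit({"id": "a2", "time": "2023-11-14T22:13:41+00:00", "mode": "nominal",
                               "cat": "command_auth_fail", "msg": "DENIED"})
    tampered = g2_payload.replace(b"DENIED", b"OK")  # bytes changed in transit; tag no longer matches
    return [("flight",) + f1, ("flight",) + f2, ("flight",) + f3, ("ground",) + g1,
            ("ground", tampered, g2_tag)]


if __name__ == "__main__":
    for bucket, records in aggregate(demo_messages()).items():
        print(bucket, records)
```

Note the ordering inside `aggregate`: the integrity check runs on the raw bytes before any JSON parsing or normalization, so a forged or altered record is counted and dropped rather than being given a chance to exercise the parser. The `cmd_exec` record produced in safe mode is elevated to tier 1 by the phase policy, while the tier 3 telemetry record in nominal mode is suppressed, which is the dynamic elevation/suppression SPR-523 asks for.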