![[Public Interpretations Database]](http://www.niap-ccevs.org/assets/images/precedent-db.jpg){kind=small}
PD-0010: Site-Configurable Prevention Of Audit Loss
This decision represents a long-term technical decision based on an OD, and may not be the same as the final results of the source OD. With respect to published criteria documentation and scheme documents, it provides suggested guidance on evaluation direction, but is not authoritative. Authoritative decisions are provided through the published criteria documents and published scheme and international interpretations thereof. With respect to published PPs, PDs are authoritative corrections to the PP, based on input from the PP author (if available), that are in force until the publication of the next revision of that PP.
| Effective Date: | 2002-03-11 |
| Last Modified | 2006-08-02 |
Issue
The FAU_STG family does not support a way for the administrator to specify that the actions taken by the TSF to prevent audit data loss when the audit trail is full can be site-selectable. Instead, the FAU_STG.4.1 element explicitly states the actions to be taken by the TSF when the audit log is full. This wording implicitly prevents a site from selecting the actions taken to prevent loss of audit data.
Resolution
This issue is addressed by I-0414.
Modification History:
- 2004-08-12
- Updated effective date to reflect the date the PD was issued. (August 2004 NIB 6.c.xiv)
References:
- CAPPv1.a
Related NIs:
- I-0348: Audit Data Loss Prevention Method May Be Site-Selectable
- I-0387: Auditing Of Audit Storage Failures
- I-0414: Site-Configurable Prevention Of Audit Loss
Related CCIMB-INTERPs:
- None
Source OD: 0050