![[Public Interpretations Database]](http://www.niap-ccevs.org/assets/images/precedent-db.jpg){kind=small}
PD-0057: Is It Necessary To Repeat The List Of Audit Information in FAU_GEN.1
This decision represents a long-term technical decision based on an OD, and may not be the same as the final results of the source OD. With respect to published criteria documentation and scheme documents, it provides suggested guidance on evaluation direction, but is not authoritative. Authoritative decisions are provided through the published criteria documents and published scheme and international interpretations thereof. With respect to published PPs, PDs are authoritative corrections to the PP, based on input from the PP author (if available), that are in force until the publication of the next revision of that PP.
| Effective Date: | 2002-08-13 |
| Last Modified | 2006-08-02 |
Issue
Should the list of audit information specified in the security functional requirement (SFR) of FAU_GEN.1 be fully repeated in full detail in the SFR of FAU_SAR.1?
Resolution
When employing the SFR, FAU_SAR.1, it is not necessary to repeat, in full detail, the list of audit information first specified in FAU_GEN.1. Use of terms such as "all" or "all audit information" assist in eliminating ambiguity and the further need for comparative analysis between the two security requirements.
Support
Part 2 of the CC, specifically section C.4 indicates that the use of the terms such as "all," "subject identity," and "all information belonging to audit records referencing this user" are acceptable substitutions for a redisplay of the full details of the audit information.
Employing this shorthand verbiage also serves to:
- eliminate ambiguity,
- reduce the need to undertake a comparative process in order to determine completeness, and
- reduce time and overall cost in the PP/ST evaluation process.
This observation is not a compliance issue with respect to CC requirements. While use of the term "all" or "all audit information" reduces or eliminates the need to compare the audit information of the two security requirements, the PP/ST author is free to choose their own conveyance method.
In fact, in some cases, the PP/ST author may choose to repeat all the audit information, and additionally separate the type of information viewable or retrievable based on roles articulated in the FMT_SMR.1 security requirement. In this instance, iteration of FAU_SAR would be appropriate.
Modification History:
- 2004-08-12
- Updated effective date to reflect the date the PD was issued. (August 2004 NIB 6.c.xiv)
References:
- CAPPv1.a
Related NIs:
- None
Related CCIMB-INTERPs:
- None
Source OD: 0045