HIPAA Windows Audit

Audit Details

Name: HIPAA Windows Audit

Updated: 4/25/2022

Authority: HIPAA

Plugin: Windows

Revision: 1.27

Estimated Item Count: 44

Audit Items

Description	Categories
HIPAA 164.308(a)(1)(ii)(D) - Information System Activity Review (R) 'Application Log Restrict Guest Access'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(1)(ii)(D) - Information System Activity Review (R) 'Maximum Application Log Size (KB)'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(1)(ii)(D) - Information System Activity Review (R) 'Maximum Security Log Size (KB)'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(1)(ii)(D) - Information System Activity Review (R) 'Maximum System Log Size (KB)'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(1)(ii)(D) - Information System Activity Review (R) 'Retain application log'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(1)(ii)(D) - Information System Activity Review (R) 'Retain security log'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(1)(ii)(D) - Information System Activity Review (R) 'Retain system log'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(1)(ii)(D) - Information System Activity Review (R) 'Security Log Restrict Guest Access'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(1)(ii)(D) - Information System Activity Review (R) 'System Log Restrict Guest Access'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(B) - Protection from Malicious Software (A) 'root\SecurityCenter'	SYSTEM AND INFORMATION INTEGRITY
HIPAA 164.308(a)(5)(ii)(B) - Protection from Malicious Software (A) 'root\SecurityCenter2'
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Application Group Management'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Audit Account Logon Events'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Audit Account Management'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Audit Logon Events'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'AUDIT_ACCOUNT_LOGON'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'AUDIT_ACCOUNT_MANAGER'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'AUDIT_LOGON'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Computer Account Management'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Credential Validation'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Distribution Group Management'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Kerberos Authentication Service'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Kerberos Service Ticket Operations'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Logon'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Other Account Logon Events'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Other Account Management'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Security Group Management'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'User Account Management'	AUDIT AND ACCOUNTABILITY
HIPAA 164.308(a)(5)(ii)(D) - Password Management (A) - Account Lockout Duration	ACCESS CONTROL
HIPAA 164.308(a)(5)(ii)(D) - Password Management (A) - Account Lockout Threshold	ACCESS CONTROL
HIPAA 164.308(a)(5)(ii)(D) - Password Management (A) - Enforce Password History	IDENTIFICATION AND AUTHENTICATION
HIPAA 164.308(a)(5)(ii)(D) - Password Management (A) - Maximum Password Age	IDENTIFICATION AND AUTHENTICATION
HIPAA 164.308(a)(5)(ii)(D) - Password Management (A) - Minimum Password Age	IDENTIFICATION AND AUTHENTICATION
HIPAA 164.308(a)(5)(ii)(D) - Password Management (A) - Minimum Password Length	IDENTIFICATION AND AUTHENTICATION
HIPAA 164.308(a)(5)(ii)(D) - Password Management (A) - Password Must Meet Complexity Requirements	IDENTIFICATION AND AUTHENTICATION
HIPAA 164.308(a)(5)(ii)(D) - Password Management (A) - Reset Account Lockout Counter After	ACCESS CONTROL
HIPAA 164.308(a)(5)(ii)(D) - Password Management (A) - Store Passwords Using Reversible Encryption	IDENTIFICATION AND AUTHENTICATION
HIPAA 164.312(a)(2)(iii) - Automatic Logoff (A): Terminate an electronic session after a predetermined time of inactivity 'AutoDisconnect'.	ACCESS CONTROL
HIPAA 164.312(a)(2)(iii) - Automatic Logoff (A): Terminate an electronic session after a predetermined time of inactivity 'FORCE_LOGOFF'	ACCESS CONTROL
HIPAA 164.312(a)(2)(iii) - Automatic Logoff (A): Terminate an electronic session after a predetermined time of inactivity 'MaxIdleTime'.	ACCESS CONTROL
HIPAA 164.312(a)(2)(iv) - Encryption and Decryption (A)	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
HIPAA 164.312(e)(1) - Transmission Security 'MSFtpsvc'	CONFIGURATION MANAGEMENT
HIPAA 164.312(e)(1) - Transmission Security 'Telnet'	CONFIGURATION MANAGEMENT
HIPAA 164.312(e)(1) - Transmission Security 'TFTPD'	CONFIGURATION MANAGEMENT

Detections

Analytics

HIPAA Windows Audit

Audit Details

Audit Items