Detections
Analytics

800-53|SI-12

Title

INFORMATION HANDLING AND RETENTION

Description

The organization handles and retains information within the information system and information output from the system in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and operational requirements.

Supplemental

Information handling and retention requirements cover the full life cycle of information, in some cases extending beyond the disposal of information systems. The National Archives and Records Administration provides guidance on records retention.

Reference Item Details

Related: AC-16,AU-11,AU-5,MP-2,MP-4

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Priority: P2

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.19 Ensure that all the expired SSL/TLS certificates stored in AWS IAM are removedamazon_awsCIS Amazon Web Services Foundations L1 2.0.0
2.1.2 Ensure 'Retain deleted items for the specified number of days' is set to '14'WindowsCIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0
2.1.3 Ensure all data in Amazon S3 has been discovered, classified and secured when required.amazon_awsCIS Amazon Web Services Foundations L2 2.0.0
2.1.5 Ensure 'Keep deleted mailboxes for the specified number of days' is set to '30'WindowsCIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0
2.1.6 Ensure 'Do not permanently delete items until the database has been backed up' is set to 'True'WindowsCIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0
2.4 Set 'Keep deleted mailboxes for the specified number of days' to '30'WindowsCIS Microsoft Exchange Server 2016 Mailbox v1.0.0
2.4 Set 'Keep deleted mailboxes for the specified number of days' to '30'WindowsCIS Microsoft Exchange Server 2013 Mailbox v1.1.0
3.1.21 Establish retention set size for backupsUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 2
3.1.21 Establish retention set size for backupsUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.2.1 Ensure DLP policies are enabledmicrosoft_azureCIS Microsoft 365 Foundations E3 L1 v3.0.0
3.2.2 Ensure DLP policies are enabled for Microsoft Teamsmicrosoft_azureCIS Microsoft 365 Foundations E5 L1 v3.0.0
3.2.11 Establish retention set size for backups - 'num_db_backups <= 100'UnixCIS IBM DB2 OS L2 v1.2.0
6.4 Disable Form Fill AssistanceWindowsCIS Mozilla Firefox 102 ESR Windows L2 v1.0.0
6.4 Disable Form Fill AssistanceUnixCIS Mozilla Firefox 102 ESR Linux L2 v1.0.0
8.1 Ensure that the Expiration Date is set for all Keys in RBAC Key Vaultsmicrosoft_azureCIS Microsoft Azure Foundations v2.0.0 L1
8.2 Ensure that the Expiration Date is set for all Keys in Non-RBAC Key Vaults.microsoft_azureCIS Microsoft Azure Foundations v2.0.0 L1
8.3 Ensure that the Expiration Date is set for all Secrets in RBAC Key Vaultsmicrosoft_azureCIS Microsoft Azure Foundations v2.0.0 L1
8.4 Ensure that the Expiration Date is set for all Secrets in Non-RBAC Key Vaultsmicrosoft_azureCIS Microsoft Azure Foundations v2.0.0 L1
8.6.1 Ensure nonpersistent disks are limitedVMwareCIS VMware ESXi 7.0 v1.3.0 Level 2
8.6.1 Ensure nonpersistent disks are limitedVMwareCIS VMware ESXi 6.7 v1.3.0 Level 2
8.8 Ensure Automatic Key Rotation is Enabled Within Azure Key Vault for the Supported Servicesmicrosoft_azureCIS Microsoft Azure Foundations v2.0.0 L2
18.8.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0
18.8.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0
18.8.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1
18.8.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0
18.8.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1
18.8.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0
18.8.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
18.8.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v2.0.0 L1
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 EMS Gateway v2.0.0 L1
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL + NG
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + NG
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v2.0.0 L1 + BL
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + NG
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 11 Stand-alone v2.0.0 L1
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 11 Stand-alone v2.0.0 L1 + BL
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL + NG
18.10.57.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled' - DisabledWindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL
18.10.58.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 11 v2.0.0 L1 + BL
18.10.58.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 11 v2.0.0 L1 + NG
18.10.58.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 11 v2.0.0 L1 + BL + NG
18.10.58.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 11 v2.0.0 L1
18.10.58.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 v2.0.0 L1
18.10.58.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 v2.0.0 L1 + BL + NG
18.10.58.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 v2.0.0 L1 + BL
18.10.58.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 v2.0.0 L1 + NG