KSI-MLA-ALAImplementation guide coming soonAuthorizing Log Access
MLA — Monitoring, Logging, and Auditing
NIST 800-53: si-11
- Who this is for
- Cloud service providers
- Service class
- Varies: B, C
- Implementation guidance
- Official source only
- Evidence automation
- Not published
Reviewed implementation guidance for KSI-MLA-ALA is not published yet. The official source below remains complete and authoritative.
Official FedRAMP source
Verbatim from FedRAMP/rules
Class B
**Optional:** A least-privileged, role and attribute-based, and just-in-time access authorization model is used and persistently reviewed for access to log data based on organizationally defined data sensitivity.
Class C
A least-privileged, role and attribute-based, and just-in-time access authorization model is used and persistently reviewed for access to log data based on organizationally defined data sensitivity.
Content provenance
Official requirement text is sourced from FedRAMP/rules . Boundera implementation guidance has not been fully reviewed for this item.