FAU_GEN.1 Audit data generation

User application notes

This component defines requirements to identify the auditable events for which audit records should be generated, and the information to be provided in the audit records.

FAU_GEN.1 by itself might be used when the TSP does not require that individual user identities be associated with audit events. This could be appropriate when the PP/ST also contains privacy requirements. If the user identity must be incorporated, FAU_GEN.2 could be used in addition.

Evaluator application notes

There is a dependency on FPT_STM. If correctness of time is not an issue for this TOE, elimination of this dependency could be justified.

Operations

Selection:

For FAU_GEN.1.1b, the PP/ST author should select the level of auditable events called out in the audit section of other functional components included in the PP/ST. This level could be 'minimum', 'basic', 'detailed' or 'not specified'. If 'not specified' is selected, the PP/ST author should fill in all desired auditable events in FAU_GEN.1.1c, and this part of the element (item b) can be removed entirely.

Assignment:

For FAU_GEN.1.1c, the PP/ST author should assign a list of other specifically defined auditable events to be included in the list of auditable events. These events could be auditable events of a functional requirement that are of higher audit level than requested in FAU_GEN.1.1b, as well as the events generated through the use of a specified Application Programming Interface (API).

For FAU_GEN.1.2b, the PP/ST author should assign, for each auditable event included in the PP/ST, a list of other audit-relevant information to be included in audit event records.