The Security audit event selection family provides requirements related to the capabilities of identifying which of the possible auditable events are to be audited. The auditable events are defined in the FAU_GEN Security audit data generation family, but those events should be defined as being selectable in this component to be audited.
Application Notes
This family ensures that it is possible to keep the audit trail from becoming so large that it becomes useless, by defining the appropriate granularity of the selected security audit events.