HITRUST CSF 01.0 Access Control

The HITRUST Common Security Framework (CSF) reports provide available documentation and compliance artifacts that help you demonstrate compliance with HITRUST CSF control categories, as outlined in the HITRUST Risk Management Framework.

The HITRUST CSF 01.0 Access Control report describes how to use and access log searches and the list of users with access to security functions and access logs in the Alert Logic console that help demonstrate compliance with Control Category 01.0.

To access the HITRUST CSF 01.0 report:

  1. In the Alert Logic console, click the menu icon (), and then click Validate.
  2. Click Reports, and then click Compliance.
  3. Under HITRUST CSF, click VIEW.
  4. Click HITRUST CSF 01.0 Access Control.

The report summary page displays two columns. Control References lists each procedure that is required to meet the selected control objective. Available Documentation and Artifacts describes, and contains links to, the documentation and compliance artifacts that can demonstrate compliance with each testing procedure.

Filter the report

To refine your findings, you can filter your report by date range and customer account.

Filter the report using drop-down menus

By default, Alert Logic includes (All) values for most filters in the report.

To add or remove filter values:

  1. Click the drop-down menu in the filter, and then select or clear values.
  2. Click Apply.

Schedule the report

After you finish setting up the report, you can use CREATE REPORT to run it periodically and subscribe users or an integration (such as a webhook) to receive a notification when the report is generated. To learn how to schedule the report and subscribe notification recipients, see Scheduled Reports and Notifications.

Available Documentation and Artifacts

This report provides access to log searches and a list of users that help you demonstrate compliance with Control Category 01.0 Access Control. This control objective requires authorized user accounts to be registered, tracked, and periodically validated to prevent unauthorized access to information systems.

Control Reference 01.b User Registration (Level 1 Implementation Requirements)

Compliance with Control Reference 01.b User Registration requires your organization to have access control procedure for user registration and de-registration as outlined in the in the HITRUST Risk Management Framework.

This section provides you with a link to the Alert Logic Log Search page where you can search logs for message types related to changing user accounts and groups. You can use this information to demonstrate that there is a procedure for granting and revoking access of user registration and de-registration.

The report page includes a link to an Alert Logic Knowledge Base article that contains the recommended log search statements you can use on the Alert Logic Log Search page. You can use the log search statements to gather the supporting documentation that illustrates compliance with Control Reference 01.b User Registration.

Control Reference 01.c Privilege Management (Level 1 Implementation Requirements)

Compliance with Control Reference 01.c Privilege Management requires that your organization at minimum, explicitly authorizes access to security functions (deployed in hardware, software, and firmware) and security-relevant information that are outlined in the HITRUST Risk Management Framework. An authorization process and a record of all privileges allocated are maintained.

This section provides you with a link for quick access to a list of users in the Alert Logic console that have authorized access to security function and security-relevant access logs.