ACR-10.10v1.0

Telemetry access controls SHALL prevent unauthorized viewing, modification, or deletion of operation

Domain

10 — Domain 10: Monitoring and Telemetry

Eval Method

AT+EIAT+EI

Risk Weight

4 / 10

Applicability

L1L2L3

Description#

Telemetry access controls SHALL prevent unauthorized viewing, modification, or deletion of operational logs.

Evaluation Method#

AT+EIAT+EI

Evaluation methodology as specified by the assigned method code.

v1.1 Details#

Profile Applicability

F,S,A,C

Evaluation Frequency

Annual

Platform Cert Eligible

Framework Crosswalk Refs

NIST SP 800-53 AU-9; ISO/IEC 27001 A.8.3

This is a conditional control. Non-compliance with this ACR may result in conditional certification with a mandated remediation period. The Authorized Verification Body will specify the remediation timeline and required evidence for the condition to be cleared. If remediation is not completed within the specified period, the conditional certification will be revoked.

← PreviousACR-10.09: Telemetry infrastructure SHALL NOT itself become a single point of failure for the autonomous system Next →ACR-10.11: Log collection latency SHALL NOT exceed defined maximum delay from event occurrence to log availabil

Telemetry access controls SHALL prevent unauthorized viewing, modification, or deletion of operation

Description#

Evaluation Method#

v1.1 Details#

Classification#