V-222499
SV-222499r961446_rule
CAT II
The application must record time stamps for audit records that meet a granularity of one second for a minimum degree of precision.
From: Application Security and Development Security Technical Implementation Guide (V6R4)
Description
<VulnDiscussion>Without sufficient granularity of time stamps, it is not possible to adequately determine the chronological order of records.
Time stamps generated by the application include date and time. Granularity of time measurements refers to the degree of synchronization between information system clocks and reference clocks.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Review the system documentation and interview the application administrator to determine where application audit logs are written and how time stamps are recorded.
If the application utilizes the underlying OS for time stamping and time synchronization when writing the audit logs, this requirement is not applicable.
Access and review log files over a period of at least 10 minutes; compare time stamps written in the application log to the system clock to ensure time is synchronized to within 1 second of precision.
If the application audit log time stamps differ from the OS time source by more than one second, this is a finding.
Fix Text
Configure the application to leverage the underlying operating system as the time source when recording time stamps or design the application to ensure granularity of 1 second as the minimum degree of precision.
CCI Reference
CCI-001889- Created
- 2026-04-07 20:08:09
- Last Updated
- 2026-04-07 20:08:09