NIST 800-53 Audit and Accountability Compliance for Private Mendix Platform
Last modified: June 2, 2026
Introduction
Documents in this section provide more information about Private Mendix Platform's compliance with the Audit and Accountability (AU) category of the NIST 800-53 security framework. For each applicable control, we have listed which party (Mendix or the customer) is responsible for which component or aspect.
In general, Mendix is responsible for the Private Mendix Platform, Mendix Operator, Mendix Studio Pro, Mendix Runtime, and so on. Customer responsibilities are related to infra and organization processes. For more information, refer to detailed documentation below.
- AU-02 (03) Audit Events Reviews And Updates
- AU-03 Content Of Audit Records
- AU-03 (01) Content Of Audit Records - Additional Audit Information
- AU-04 Audit Storage Capacity
- AU-04 (01) Audit Storage Capacity - Transfer To Alternate Storage
- AU-05 Email Notifications
- AU 06 (01) Audit Review, Analysis, And Reporting - Process Integration
- AU 06 (04) Audit Review, Analysis, And Reporting - Process Integration
- AU-06 (10) Audit Review, Analysis, And Reporting - Audit Level Adjustment
- AU-07 Audit Reduction And Report Generation
- AU-07 (01) Audit Reduction And Report Generation - Automatic Processing
- AU-08 Time Stamps
- AU-09 Protection Of Audit Information