Audit and Accountability

9 controls in this family.

3.3.1

Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity.

3.3.2

Ensure that the actions of individual system users can be uniquely traced to those users, so they can be held accountable for their actions.

3.3.3

Review and update logged events.

3.3.4

Alert in the event of an audit logging process failure.

3.3.5

Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity.

3.3.6

Provide audit record reduction and report generation to support on-demand analysis and reporting.

3.3.7

Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records.

3.3.8

Protect audit information and audit logging tools from unauthorized access, modification, and deletion.

3.3.9

Limit management of audit logging functionality to a subset of privileged users.
