Audit and Accountability - Level 2
CMMC AU.2.044 - Review Audit Logs
Requirement text: AU.2.044: Review audit logs. DISCUSSION FROM SOURCE: CMMC Reviewing audit logs is a common control in information security. Organizations have the flexibility to determine which logs and specific events to review. The level of audit ...
CMMC AU.2.043 - Synchronize System Clocks
Requirement text: AU.2.043: Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171 R2 Internal system ...
CMMC AU.2.042 - Retain System Audit Logs
Requirement text: AU.2.042: Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity. DISCUSSION FROM SOURCE: DRAFT NIST SP ...
CMMC AU.2.041 - Ensure System User Attribution
Requirement text: AU.2.041: Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171 R2 This requirement ensures that the ...