// Level 3 · Controls

Audit and Accountability

Create, protect, and review audit records.

Create and retain system audit logs and records to enable monitoring, analysis, investigation, and reporting.

Ensure that the actions of individual system users can be uniquely traced.

Review and update logged events.

Alert in the event of an audit logging process failure.

Correlate audit record review, analysis, and reporting processes for investigation.

Provide audit record reduction and report generation to support analysis.

Provide a system capability that compares and synchronizes internal clocks with an authoritative source.

Protect audit information and audit logging tools from unauthorized access, modification, and deletion.

Limit management of audit logging functionality to a subset of privileged users.