CMMC 2.0 • LEVEL 1 • AUDIT & ACCOUNTABILITY

AU.L1-3.3.5Audit Record Review, Analysis, and Reporting

Review and analyze system audit records minimum 1 year total, with at least 90 days immediately accessible onlineCMMC/STIG for indications and the potential impact of inappropriate or unusual activity. Report findings to organizational personnel or roles. Analyze and correlate audit records across different repositories to gain organization-wide situational awareness.

NIST 800-171 Mapping

NIST 800-53 Controls

AU-8

Assessment Objectives

  • system audit records are reviewed and analyzed minimum 1 year total, with at least 90 days immediately accessible onlineCMMC/STIG for indications and the potential impact of inappropriate or unusual activity.
  • findings are reported to organizational personnel or roles.
  • audit records across different repositories are analyzed to gain organization-wide situational awareness.
  • audit records across different repositories are correlated to gain organization-wide situational awareness.

Practitioner Notes

Practitioner commentary coming soon.

Related CMMC 2.0 Practices

AU.L2-3.3.1 Event Logging AU.L2-3.3.2 Audit Record Content AU.L2-3.3.3 Audit Record Generation AU.L2-3.3.4 Response to Audit Logging Process Failures