CMMC 2.0 • LEVEL 2 • AUDIT & ACCOUNTABILITY

AU.L2-3.3.4Response to Audit Logging Process Failures

Alert organizational personnel or roles within weekly for routine review, with automated daily alerting for security-relevant eventsCMMC/STIG in the event of an audit logging process failure. Take the following additional actions: the ISSO or designated Security Operations Center (SOC) personnelCMMC/STIG.

NIST 800-171 Mapping

NIST 800-53 Controls

AU-7

Assessment Objectives

  • organizational personnel or roles are alerted in the event of an audit logging process failure within weekly for routine review, with automated daily alerting for security-relevant eventsCMMC/STIG.
  • the following additional actions are taken: the ISSO or designated Security Operations Center (SOC) personnelCMMC/STIG.

Practitioner Notes

Practitioner commentary coming soon.

Related CMMC 2.0 Practices

AU.L2-3.3.1 Event Logging AU.L2-3.3.2 Audit Record Content AU.L2-3.3.3 Audit Record Generation AU.L1-3.3.5 Audit Record Review, Analysis, and Reporting