CMMC Practice Requirement:

Review audit logs.

CMMC Requirement Explanation:

By periodically reviewing audit logs you can identify security incidents in your environment.

Example CMMC Implementation:

Set a recurring time (e.g. weekly) to review system logs for security incidents. Create a list of systems and event types to review.

Scenario(s):

- Scenario 1:

Example:

Alice is a system administrator at a small company. She has a list of key systems whose audit logs she wants to review. She also has a list of event types and IDs she wants to review. Alice sets aside time every week to log into her listed systems and review their audit logs.
An example of the security logs captured by a Windows system.
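
Alice's weekly review could be scripted as follows. This is an added example, not part of the original page; the system names and the selection of Security log event IDs are assumptions standing in for her own lists.

```powershell
# Hypothetical list of key systems (replace with your own).
$Systems = @('DC01', 'FILESRV01')

# Assumed selection of Windows Security log event IDs to review.
$EventsToReview = @{
    1102 = 'Audit log cleared'
    4625 = 'Failed logon'
    4720 = 'User account created'
    4732 = 'Member added to security-enabled local group'
    4740 = 'User account locked out'
}

$Since = (Get-Date).AddDays(-7)   # weekly review window

# Reading the Security log needs administrator or Event Log Readers rights
# on each target system.
$Findings = foreach ($Computer in $Systems) {
    try {
        Get-WinEvent -ComputerName $Computer -ErrorAction Stop -FilterHashtable @{
            LogName   = 'Security'
            Id        = [int[]]@($EventsToReview.Keys)
            StartTime = $Since
        } | ForEach-Object {
            [pscustomobject]@{
                Computer    = $Computer
                TimeCreated = $_.TimeCreated
                EventId     = $_.Id
                Description = $EventsToReview[$_.Id]
                Summary     = ($_.Message -split "`r?`n")[0]
            }
        }
    }
    catch {
        # "No matching events" is a clean result; anything else means the
        # log was not read, which must show up in the review record.
        if ($_.FullyQualifiedErrorId -notlike 'NoMatchingEventsFound*') {
            [pscustomobject]@{
                Computer    = $Computer
                TimeCreated = Get-Date
                EventId     = $null
                Description = 'LOG NOT READ'
                Summary     = $_.Exception.Message
            }
        }
    }
}

# Summary for the reviewer, plus a dated CSV kept as evidence of the review.
$Findings | Group-Object Computer, Description | Sort-Object Count -Descending |
    Select-Object Count, Name | Format-Table -AutoSize
$Findings | Export-Csv ".\audit-review-$(Get-Date -Format yyyy-MM-dd).csv" -NoTypeInformation
```

A system that appears with `LOG NOT READ` was not reviewed that week and needs a manual check.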
