3.3.4—Audit and Accountability - Derived
Derived Requirement
Control Description
Alert in the event of an audit logging process failure.
Discussion
Audit logging process failures include software and hardware errors, failures in the audit record capturing mechanisms, and audit record storage capacity being reached or exceeded. This requirement applies to each audit record data storage repository (i.e., distinct system component where audit records are stored), the total audit record storage capacity of organizations (i.e., all audit record data storage repositories combined), or both.
Assessment Interview Topics
Questions assessors commonly ask
Process & Governance:
- What documented policies and procedures address audit and accountability - derived for CUI systems?
- Who is accountable for implementing and maintaining audit and accountability - derived controls?
- How frequently are audit and accountability - derived requirements reviewed, and what triggers updates?
- What process ensures changes to systems maintain compliance with audit and accountability - derived requirements?
- How are exceptions to audit and accountability - derived requirements documented and approved?
Technical Implementation:
- What technical controls enforce audit and accountability - derived in your CUI environment?
- How are audit and accountability - derived controls configured and maintained across all CUI systems?
- What automated mechanisms support audit and accountability - derived compliance?
- How do you validate that audit and accountability - derived implementations achieve their intended security outcome?
- What compensating controls exist if primary audit and accountability - derived controls cannot be fully implemented?
Evidence & Documentation:
- What documentation proves audit and accountability - derived is implemented and operating effectively?
- Can you provide configuration evidence showing how audit and accountability - derived is technically enforced?
- What audit logs or monitoring data demonstrate ongoing audit and accountability - derived compliance?
- Can you show evidence of a recent review or assessment of audit and accountability - derived controls?
- What artifacts would you provide to a CMMC assessor to demonstrate audit and accountability - derived compliance?