CMMC Level 2

Audit and Accountability Controls

Controls for creating, protecting, and retaining system audit records to enable monitoring, analysis, investigation, and reporting of unlawful or unauthorized activity.

CMMC-RP Certified Team 9 Controls in Family 3.3 24+ Years Experience

About the Audit and Accountability Family (AU)

Controls for creating, protecting, and retaining system audit records to enable monitoring, analysis, investigation, and reporting of unlawful or unauthorized activity. This family contains 9 security requirements that organizations must implement to achieve CMMC Level 2 certification and protect Controlled Unclassified Information (CUI). Petronella Technology Group's CMMC-RP certified team provides expert guidance on implementing every control in this family.

CMMC Level 2 - Audit and Accountability Controls

All 9 Audit and Accountability controls with CMMC-focused implementation guidance.

3.3.1Create and Retain System Audit Logs 3.3.2Individual Accountability for Audited Events 3.3.3Review and Update Audited Events 3.3.4Alert on Audit Logging Process Failure 3.3.5Correlate Audit Record Review and Reporting 3.3.6Audit Record Reduction and Report Generation 3.3.7Authoritative Time Source 3.3.8Protect Audit Information 3.3.9Limit Management of Audit Logging to Privileged Users

NIST SP 800-171 - Audit and Accountability Requirements

The same 9 controls with NIST 800-171-focused assessment preparation guidance.

3.3.1Create and Retain System Audit Logs 3.3.2Individual Accountability for Audited Events 3.3.3Review and Update Audited Events 3.3.4Alert on Audit Logging Process Failure 3.3.5Correlate Audit Record Review and Reporting 3.3.6Audit Record Reduction and Report Generation 3.3.7Authoritative Time Source 3.3.8Protect Audit Information 3.3.9Limit Management of Audit Logging to Privileged Users
All CMMC Families
AC: Access Control AT: Awareness and Training AU: Audit and Accountability CM: Configuration Management IA: Identification and Authentication IR: Incident Response MA: Maintenance MP: Media Protection PS: Personnel Security PE: Physical Protection RA: Risk Assessment CA: Security Assessment SC: System and Communications Protection SI: System and Information Integrity

Need Help With Audit and Accountability Controls?

Our CMMC-RP certified team has helped 2,500+ organizations implement these controls and pass assessments.

Schedule a Compliance Assessment