AU.3.045 Review and update logged events.

CMMC Practice AU.3.045: Review and update logged events.

Links to Publicly Available Resources

CMMC CLARIFICATION (Ref CMMC – Appendix B)

Organizations should periodically review logged events that identify possible security incidents, and the organization should update the list of events that need to be logged as necessary. Non-security events that should have logging requirements reviewed include 1) logging all installed software on endpoints to identify license irregularities or 2) logging connections to a VPN server or load balancer to manage capacity and quality of service.