{"id":5344,"date":"2020-04-03T08:34:50","date_gmt":"2020-04-03T13:34:50","guid":{"rendered":"https:\/\/ndisac.org\/dibscc\/?p=5344"},"modified":"2025-01-29T12:47:26","modified_gmt":"2025-01-29T17:47:26","slug":"au-l2-3-3-1","status":"publish","type":"post","link":"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/","title":{"rendered":"AU.L2-3.3.1 System Auditing"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;3.22&#8243;][et_pb_row _builder_version=&#8221;3.25&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.0.47&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text _builder_version=&#8221;4.9.2&#8243; vertical_offset_tablet=&#8221;0&#8243; horizontal_offset_tablet=&#8221;0&#8243; hover_enabled=&#8221;0&#8243; z_index_tablet=&#8221;0&#8243; text_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; text_text_shadow_vertical_length_tablet=&#8221;0px&#8221; text_text_shadow_blur_strength_tablet=&#8221;1px&#8221; link_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; link_text_shadow_vertical_length_tablet=&#8221;0px&#8221; link_text_shadow_blur_strength_tablet=&#8221;1px&#8221; ul_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; ul_text_shadow_vertical_length_tablet=&#8221;0px&#8221; ul_text_shadow_blur_strength_tablet=&#8221;1px&#8221; ol_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; ol_text_shadow_vertical_length_tablet=&#8221;0px&#8221; ol_text_shadow_blur_strength_tablet=&#8221;1px&#8221; quote_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; quote_text_shadow_vertical_length_tablet=&#8221;0px&#8221; quote_text_shadow_blur_strength_tablet=&#8221;1px&#8221; header_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; header_text_shadow_vertical_length_tablet=&#8221;0px&#8221; header_text_shadow_blur_strength_tablet=&#8221;1px&#8221; header_2_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; header_2_text_shadow_vertical_length_tablet=&#8221;0px&#8221; header_2_text_shadow_blur_strength_tablet=&#8221;1px&#8221; header_3_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; header_3_text_shadow_vertical_length_tablet=&#8221;0px&#8221; header_3_text_shadow_blur_strength_tablet=&#8221;1px&#8221; header_4_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; header_4_text_shadow_vertical_length_tablet=&#8221;0px&#8221; header_4_text_shadow_blur_strength_tablet=&#8221;1px&#8221; header_5_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; header_5_text_shadow_vertical_length_tablet=&#8221;0px&#8221; header_5_text_shadow_blur_strength_tablet=&#8221;1px&#8221; header_6_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; header_6_text_shadow_vertical_length_tablet=&#8221;0px&#8221; header_6_text_shadow_blur_strength_tablet=&#8221;1px&#8221; box_shadow_horizontal_tablet=&#8221;0px&#8221; box_shadow_vertical_tablet=&#8221;0px&#8221; box_shadow_blur_tablet=&#8221;40px&#8221; box_shadow_spread_tablet=&#8221;0px&#8221; sticky_enabled=&#8221;0&#8243;]<\/p>\n<h2>CMMC Requirement AU.L2-3.3.1 &#8211; System Auditing: Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity. <\/h2>\n<p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.4.3&#8243; vertical_offset_tablet=&#8221;0&#8243; horizontal_offset_tablet=&#8221;0&#8243; custom_margin=&#8221;||||false|false&#8221; custom_padding=&#8221;20px|20px|20px|20px|false|false&#8221; z_index_tablet=&#8221;0&#8243; text_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; text_text_shadow_vertical_length_tablet=&#8221;0px&#8221; text_text_shadow_blur_strength_tablet=&#8221;1px&#8221; link_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; link_text_shadow_vertical_length_tablet=&#8221;0px&#8221; link_text_shadow_blur_strength_tablet=&#8221;1px&#8221; ul_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; ul_text_shadow_vertical_length_tablet=&#8221;0px&#8221; ul_text_shadow_blur_strength_tablet=&#8221;1px&#8221; ol_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; ol_text_shadow_vertical_length_tablet=&#8221;0px&#8221; ol_text_shadow_blur_strength_tablet=&#8221;1px&#8221; quote_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; quote_text_shadow_vertical_length_tablet=&#8221;0px&#8221; quote_text_shadow_blur_strength_tablet=&#8221;1px&#8221; header_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; header_text_shadow_vertical_length_tablet=&#8221;0px&#8221; header_text_shadow_blur_strength_tablet=&#8221;1px&#8221; header_2_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; header_2_text_shadow_vertical_length_tablet=&#8221;0px&#8221; header_2_text_shadow_blur_strength_tablet=&#8221;1px&#8221; header_3_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; header_3_text_shadow_vertical_length_tablet=&#8221;0px&#8221; header_3_text_shadow_blur_strength_tablet=&#8221;1px&#8221; header_4_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; header_4_text_shadow_vertical_length_tablet=&#8221;0px&#8221; header_4_text_shadow_blur_strength_tablet=&#8221;1px&#8221; header_5_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; header_5_text_shadow_vertical_length_tablet=&#8221;0px&#8221; header_5_text_shadow_blur_strength_tablet=&#8221;1px&#8221; header_6_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; header_6_text_shadow_vertical_length_tablet=&#8221;0px&#8221; header_6_text_shadow_blur_strength_tablet=&#8221;1px&#8221; border_width_all=&#8221;1px&#8221; border_color_all=&#8221;#bcbcbc&#8221; box_shadow_style=&#8221;preset1&#8243; box_shadow_horizontal_tablet=&#8221;0px&#8221; box_shadow_vertical_tablet=&#8221;0px&#8221; box_shadow_blur_tablet=&#8221;40px&#8221; box_shadow_spread_tablet=&#8221;0px&#8221;]Links to Publicly Available Resources<\/p>\n<p class=\"p1\"><span class=\"s1\"><!-- Beginning of Link Library Output --><div id='linklist1' class='linklist'><!-- Div Linklist -->\n<div class=\"LinkLibraryCat LinkLibraryCat355 level0\"><!-- Div Category -->\n\t<ul>\n<li><a href=\"https:\/\/docs.aws.amazon.com\/config\/latest\/developerguide\/operational-best-practices-for-cmmc_2.0_level_2.html\" id=\"link-16968\" class=\"track_this_link \" rel=\"noopener noreferrer\" target=\"_blank\">Amazon Web Services &#8211; Operational Best Practices for CMMC 2.0 Level 2<\/a>\n<p>The following provides a sample mapping between the Cybersecurity Maturity Model Certification (CMMC) 2.0 Level 2 and AWS managed Config rules. Each Config rule applies to a specific AWS resource, and relates to one or more CMMC 2.0 Level 2 controls. A CMMC 2.0 Level 2 control can be related to multiple Config rules.<\/p><\/li>\n<li><a href=\"https:\/\/dodcio.defense.gov\/Portals\/0\/Documents\/CMMC\/AssessmentGuideL2v2.pdf\" id=\"link-9989\" class=\"track_this_link \" rel=\"noopener noreferrer\" target=\"_blank\">CMMC Level 2 Assessment Guide<\/a>\n<p>This document provides assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments for Level 2.<\/p><\/li>\n<li><a href=\"https:\/\/ndisac.org\/dibscc\/wp-content\/uploads\/sites\/2\/2025\/11\/The-Role-of-VDI-for-CMMC-White-Paper.pdf\" id=\"link-17322\" class=\"track_this_link \" rel=\"noopener noreferrer\" target=\"_blank\">National Defense-ISAC: The Role of VDI for CMMC<\/a>\n<p>Focused on securing Controlled Unclassified Information, this work highlights how Virtual Desktop Infrastructure (VDI) reduces endpoint risk and aligns with CMMC requirements across the defense industrial base.<\/p><\/li>\n<li><a href=\"https:\/\/nvlpubs.nist.gov\/nistpubs\/Legacy\/SP\/nistspecialpublication800-92.pdf\" id=\"link-1942\" class=\"track_this_link \" rel=\"noopener noreferrer\" target=\"_blank\">NIST SP 800-92: Guide to Computer Security Log Management<\/a>\n<p>This NIST Special Publication provides practical guidance on developing and maintaining effective log management practices.<\/p><\/li>\n<li><a href=\"https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/Logging_Cheat_Sheet.html\" id=\"link-6503\" class=\"track_this_link \" rel=\"noopener noreferrer\" target=\"_blank\">Open Web Application Security Project (OWASP) \u2013 Logging Cheat Sheet OWASP<\/a>\n<p>This cheat sheet covers all of the important aspects of logging such as what to include and how long to retain among others.<\/p><\/li>\n<li><a href=\"https:\/\/www.splunk.com\/en_us\/blog\/learn\/log-management.html\" id=\"link-16819\" class=\"track_this_link \" rel=\"noopener noreferrer\" target=\"_blank\">Splunk \u2013 Log Management: Introduction &amp; Best Practices<\/a>\n<p>In this introductory guide, Splunk emphasizes the importance of log management for businesses of all sizes. It highlights that understanding logs is essential for effectively resolving errors and failures. The guide concludes by addressing the question, \"What does log management actually mean?\"<\/p><\/li>\n<li><a href=\"https:\/\/security.berkeley.edu\/security-audit-logging-guideline\" id=\"link-6210\" class=\"track_this_link \" rel=\"noopener noreferrer\" target=\"_blank\">University of California Berkeley &#8211;  Security Audit Logging Guideline<\/a>\n<p>This guideline describes the risk of inadequate logging, defines events to be logged and establishes a case for using an automated tool for log review.<\/p><\/li>\n\t<\/ul>\n<\/div><!-- Div End Category -->\n<script type='text\/javascript'>\njQuery(document).ready(function()\n{\njQuery('.arrow-up').hide();\njQuery('#linklist1 a.track_this_link').click(function() {\nlinkid = this.id;\nlinkid = linkid.substring(5);\npath = '';\njQuery.ajax( {    type: 'POST',    url: 'https:\/\/ndisac.org\/dibscc\/wp-admin\/admin-ajax.php',     data: { action: 'link_library_tracker',             _ajax_nonce: 'b6c3152607',             id:linkid, xpath:path }     });\nreturn true;\n});\njQuery('#linklist1 .expandlinks').click(function() {\ntarget = '.' + jQuery(this).attr('id');\nsubcattarget = '.' + jQuery(this).attr('data-subcat');\nif ( jQuery( target ).is(':visible') ) {\njQuery(target).slideUp();\njQuery(subcattarget).slideToggle();\njQuery(this).children('img').attr('src', 'https:\/\/ndisac.org\/dibscc\/wp-content\/plugins\/link-library\/icons\/expand-32.png');\n} else {\njQuery(target).slideDown();\njQuery(subcattarget).slideToggle();\njQuery(this).children('img').attr('src', 'https:\/\/ndisac.org\/dibscc\/wp-content\/plugins\/link-library\/icons\/collapse-32.png');\n}\n});\njQuery('#linklist1 .linklistcatclass').click(function() {\njQuery(this).siblings('.expandlinks').click();\n});\njQuery('#linklist1 .linklistcatnamedesc').click(function() {\njQuery(this).siblings('.expandlinks').click();\n});\n});\n<\/script>\n<\/div><!-- Div Linklist -->\n<!-- End of Link Library Output -->\n\n<\/span><\/p>\n<p>[\/et_pb_text][et_pb_divider _builder_version=&#8221;4.2.2&#8243; vertical_offset_tablet=&#8221;0&#8243; horizontal_offset_tablet=&#8221;0&#8243; z_index_tablet=&#8221;0&#8243; box_shadow_horizontal_tablet=&#8221;0px&#8221; box_shadow_vertical_tablet=&#8221;0px&#8221; box_shadow_blur_tablet=&#8221;40px&#8221; box_shadow_spread_tablet=&#8221;0px&#8221;][\/et_pb_divider][et_pb_testimonial quote_icon=&#8221;off&#8221; _builder_version=&#8221;4.9.2&#8243; vertical_offset_tablet=&#8221;0&#8243; horizontal_offset_tablet=&#8221;0&#8243; hover_enabled=&#8221;0&#8243; z_index_tablet=&#8221;0&#8243; author_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; author_text_shadow_vertical_length_tablet=&#8221;0px&#8221; author_text_shadow_blur_strength_tablet=&#8221;1px&#8221; position_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; position_text_shadow_vertical_length_tablet=&#8221;0px&#8221; position_text_shadow_blur_strength_tablet=&#8221;1px&#8221; company_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; company_text_shadow_vertical_length_tablet=&#8221;0px&#8221; company_text_shadow_blur_strength_tablet=&#8221;1px&#8221; body_link_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; body_link_text_shadow_vertical_length_tablet=&#8221;0px&#8221; body_link_text_shadow_blur_strength_tablet=&#8221;1px&#8221; body_ul_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; body_ul_text_shadow_vertical_length_tablet=&#8221;0px&#8221; body_ul_text_shadow_blur_strength_tablet=&#8221;1px&#8221; body_ol_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; body_ol_text_shadow_vertical_length_tablet=&#8221;0px&#8221; body_ol_text_shadow_blur_strength_tablet=&#8221;1px&#8221; body_quote_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; body_quote_text_shadow_vertical_length_tablet=&#8221;0px&#8221; body_quote_text_shadow_blur_strength_tablet=&#8221;1px&#8221; box_shadow_horizontal_tablet=&#8221;0px&#8221; box_shadow_vertical_tablet=&#8221;0px&#8221; box_shadow_blur_tablet=&#8221;40px&#8221; box_shadow_spread_tablet=&#8221;0px&#8221; box_shadow_horizontal_image_tablet=&#8221;0px&#8221; box_shadow_vertical_image_tablet=&#8221;0px&#8221; box_shadow_blur_image_tablet=&#8221;40px&#8221; box_shadow_spread_image_tablet=&#8221;0px&#8221; text_shadow_horizontal_length_tablet=&#8221;0px&#8221; text_shadow_vertical_length_tablet=&#8221;0px&#8221; text_shadow_blur_strength_tablet=&#8221;1px&#8221; sticky_enabled=&#8221;0&#8243;]Discussion [NIST SP 800-171 R2]<br \/>\nAn event is any observable occurrence in a system, which includes unlawful or unauthorized system activity. Organizations identify event types for which a logging functionality is needed as those events which are significant and relevant to the security of systems and the environments in which those systems operate to meet specific and ongoing auditing needs. Event types can include password changes, failed logons or failed accesses related to systems, administrative privilege usage, or third-party credential usage. In determining event types that require logging, organizations consider the monitoring and auditing appropriate for each of the CUI security requirements. Monitoring and auditing requirements can be balanced with other system needs. For example, organizations may determine that systems must have the capability to log every file access both successful and unsuccessful, but not activate that capability except for specific circumstances due to the potential burden on system performance.<br \/>\nAudit records can be generated at various levels of abstraction, including at the packet level as information traverses the network. Selecting the appropriate level of abstraction is a critical aspect of an audit logging capability and can facilitate the identification of root causes to problems. Organizations consider in the definition of event types, the logging necessary to cover related events such as the steps in distributed, transaction-based processes (e.g., processes that are distributed across multiple organizations) and actions that occur in service-oriented or cloud-based architectures.<br \/>\nAudit record content that may be necessary to satisfy this requirement includes time stamps, source and destination addresses, user or process identifiers, event descriptions, success or failure indications, filenames involved, and access control or flow control rules invoked. Event outcomes can include indicators of event success or failure and event-specific results (e.g., the security state of the system after the event occurred).<br \/>\nDetailed information that organizations may consider in audit records includes full text recording of privileged commands or the individual identities of group account users. Organizations consider limiting the additional audit log information to only that information explicitly needed for specific audit requirements. This facilitates the use of audit trails and audit logs by not including information that could potentially be misleading or could make it more difficult to locate information of interest. Audit logs are reviewed and analyzed as often as needed to provide important information to organizations to facilitate risk-based decision making. NIST SP 800-92 provides guidance on security log management.<\/p>\n<p>Further Discussion<br \/>\nOSAs must ensure that all applicable systems create and retain audit logs that contain enough information to identify and investigate potentially unlawful or unauthorized system activity. OSAs must define the audit logs it needs to collect as well as the specific events to capture within the selected logs. Captured audit records are checked to verify that they contain the required events.<br \/>\nIn defining the audit log retention period, OSAs must ensure that logs are retained for a sufficiently long period to allow for the investigation of a security event. The retention period must take into account the delay of weeks or months that can occur between an initial compromise and the discovery of attacker activity.<br \/>\n[\/et_pb_testimonial][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;3.22&#8243;][et_pb_row _builder_version=&#8221;3.25&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.0.47&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text _builder_version=&#8221;4.9.2&#8243; vertical_offset_tablet=&#8221;0&#8243; horizontal_offset_tablet=&#8221;0&#8243; hover_enabled=&#8221;0&#8243; z_index_tablet=&#8221;0&#8243; text_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; text_text_shadow_vertical_length_tablet=&#8221;0px&#8221; text_text_shadow_blur_strength_tablet=&#8221;1px&#8221; link_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; link_text_shadow_vertical_length_tablet=&#8221;0px&#8221; link_text_shadow_blur_strength_tablet=&#8221;1px&#8221; ul_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; ul_text_shadow_vertical_length_tablet=&#8221;0px&#8221; ul_text_shadow_blur_strength_tablet=&#8221;1px&#8221; ol_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; ol_text_shadow_vertical_length_tablet=&#8221;0px&#8221; ol_text_shadow_blur_strength_tablet=&#8221;1px&#8221; quote_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; quote_text_shadow_vertical_length_tablet=&#8221;0px&#8221; [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"[et_pb_section bb_built=\"1\"][et_pb_row][et_pb_column type=\"4_4\"][et_pb_text _builder_version=\"4.2.2\" text_text_shadow_horizontal_length=\"text_text_shadow_style,%91object Object%93\" text_text_shadow_horizontal_length_tablet=\"0px\" text_text_shadow_vertical_length=\"text_text_shadow_style,%91object Object%93\" text_text_shadow_vertical_length_tablet=\"0px\" text_text_shadow_blur_strength=\"text_text_shadow_style,%91object Object%93\" text_text_shadow_blur_strength_tablet=\"1px\" link_text_shadow_horizontal_length=\"link_text_shadow_style,%91object Object%93\" link_text_shadow_horizontal_length_tablet=\"0px\" link_text_shadow_vertical_length=\"link_text_shadow_style,%91object Object%93\" link_text_shadow_vertical_length_tablet=\"0px\" link_text_shadow_blur_strength=\"link_text_shadow_style,%91object Object%93\" link_text_shadow_blur_strength_tablet=\"1px\" ul_text_shadow_horizontal_length=\"ul_text_shadow_style,%91object Object%93\" ul_text_shadow_horizontal_length_tablet=\"0px\" ul_text_shadow_vertical_length=\"ul_text_shadow_style,%91object Object%93\" ul_text_shadow_vertical_length_tablet=\"0px\" ul_text_shadow_blur_strength=\"ul_text_shadow_style,%91object Object%93\" ul_text_shadow_blur_strength_tablet=\"1px\" ol_text_shadow_horizontal_length=\"ol_text_shadow_style,%91object Object%93\" ol_text_shadow_horizontal_length_tablet=\"0px\" ol_text_shadow_vertical_length=\"ol_text_shadow_style,%91object Object%93\" ol_text_shadow_vertical_length_tablet=\"0px\" ol_text_shadow_blur_strength=\"ol_text_shadow_style,%91object Object%93\" ol_text_shadow_blur_strength_tablet=\"1px\" quote_text_shadow_horizontal_length=\"quote_text_shadow_style,%91object Object%93\" quote_text_shadow_horizontal_length_tablet=\"0px\" quote_text_shadow_vertical_length=\"quote_text_shadow_style,%91object Object%93\" quote_text_shadow_vertical_length_tablet=\"0px\" quote_text_shadow_blur_strength=\"quote_text_shadow_style,%91object Object%93\" quote_text_shadow_blur_strength_tablet=\"1px\" header_text_shadow_horizontal_length=\"header_text_shadow_style,%91object Object%93\" header_text_shadow_horizontal_length_tablet=\"0px\" header_text_shadow_vertical_length=\"header_text_shadow_style,%91object Object%93\" header_text_shadow_vertical_length_tablet=\"0px\" header_text_shadow_blur_strength=\"header_text_shadow_style,%91object Object%93\" header_text_shadow_blur_strength_tablet=\"1px\" header_2_text_shadow_horizontal_length=\"header_2_text_shadow_style,%91object Object%93\" header_2_text_shadow_horizontal_length_tablet=\"0px\" header_2_text_shadow_vertical_length=\"header_2_text_shadow_style,%91object Object%93\" header_2_text_shadow_vertical_length_tablet=\"0px\" header_2_text_shadow_blur_strength=\"header_2_text_shadow_style,%91object Object%93\" header_2_text_shadow_blur_strength_tablet=\"1px\" header_3_text_shadow_horizontal_length=\"header_3_text_shadow_style,%91object Object%93\" header_3_text_shadow_horizontal_length_tablet=\"0px\" header_3_text_shadow_vertical_length=\"header_3_text_shadow_style,%91object Object%93\" header_3_text_shadow_vertical_length_tablet=\"0px\" header_3_text_shadow_blur_strength=\"header_3_text_shadow_style,%91object Object%93\" header_3_text_shadow_blur_strength_tablet=\"1px\" header_4_text_shadow_horizontal_length=\"header_4_text_shadow_style,%91object Object%93\" header_4_text_shadow_horizontal_length_tablet=\"0px\" header_4_text_shadow_vertical_length=\"header_4_text_shadow_style,%91object Object%93\" header_4_text_shadow_vertical_length_tablet=\"0px\" header_4_text_shadow_blur_strength=\"header_4_text_shadow_style,%91object Object%93\" header_4_text_shadow_blur_strength_tablet=\"1px\" header_5_text_shadow_horizontal_length=\"header_5_text_shadow_style,%91object Object%93\" header_5_text_shadow_horizontal_length_tablet=\"0px\" header_5_text_shadow_vertical_length=\"header_5_text_shadow_style,%91object Object%93\" header_5_text_shadow_vertical_length_tablet=\"0px\" header_5_text_shadow_blur_strength=\"header_5_text_shadow_style,%91object Object%93\" header_5_text_shadow_blur_strength_tablet=\"1px\" header_6_text_shadow_horizontal_length=\"header_6_text_shadow_style,%91object Object%93\" header_6_text_shadow_horizontal_length_tablet=\"0px\" header_6_text_shadow_vertical_length=\"header_6_text_shadow_style,%91object Object%93\" header_6_text_shadow_vertical_length_tablet=\"0px\" header_6_text_shadow_blur_strength=\"header_6_text_shadow_style,%91object Object%93\" header_6_text_shadow_blur_strength_tablet=\"1px\" box_shadow_horizontal_tablet=\"0px\" box_shadow_vertical_tablet=\"0px\" box_shadow_blur_tablet=\"40px\" box_shadow_spread_tablet=\"0px\" vertical_offset_tablet=\"0\" horizontal_offset_tablet=\"0\" z_index_tablet=\"0\"]\r\n\r\nAC.2.005: Provide privacy and security notices consistent with applicable CUI rules.\r\n\r\n[\/et_pb_text][et_pb_text _builder_version=\"4.2.2\" text_text_shadow_horizontal_length=\"text_text_shadow_style,%91object Object%93\" text_text_shadow_horizontal_length_tablet=\"0px\" text_text_shadow_vertical_length=\"text_text_shadow_style,%91object Object%93\" text_text_shadow_vertical_length_tablet=\"0px\" text_text_shadow_blur_strength=\"text_text_shadow_style,%91object Object%93\" text_text_shadow_blur_strength_tablet=\"1px\" link_text_shadow_horizontal_length=\"link_text_shadow_style,%91object Object%93\" link_text_shadow_horizontal_length_tablet=\"0px\" link_text_shadow_vertical_length=\"link_text_shadow_style,%91object Object%93\" link_text_shadow_vertical_length_tablet=\"0px\" link_text_shadow_blur_strength=\"link_text_shadow_style,%91object Object%93\" link_text_shadow_blur_strength_tablet=\"1px\" ul_text_shadow_horizontal_length=\"ul_text_shadow_style,%91object Object%93\" ul_text_shadow_horizontal_length_tablet=\"0px\" ul_text_shadow_vertical_length=\"ul_text_shadow_style,%91object Object%93\" ul_text_shadow_vertical_length_tablet=\"0px\" ul_text_shadow_blur_strength=\"ul_text_shadow_style,%91object Object%93\" ul_text_shadow_blur_strength_tablet=\"1px\" ol_text_shadow_horizontal_length=\"ol_text_shadow_style,%91object Object%93\" ol_text_shadow_horizontal_length_tablet=\"0px\" ol_text_shadow_vertical_length=\"ol_text_shadow_style,%91object Object%93\" ol_text_shadow_vertical_length_tablet=\"0px\" ol_text_shadow_blur_strength=\"ol_text_shadow_style,%91object Object%93\" ol_text_shadow_blur_strength_tablet=\"1px\" quote_text_shadow_horizontal_length=\"quote_text_shadow_style,%91object Object%93\" quote_text_shadow_horizontal_length_tablet=\"0px\" quote_text_shadow_vertical_length=\"quote_text_shadow_style,%91object Object%93\" quote_text_shadow_vertical_length_tablet=\"0px\" quote_text_shadow_blur_strength=\"quote_text_shadow_style,%91object Object%93\" quote_text_shadow_blur_strength_tablet=\"1px\" header_text_shadow_horizontal_length=\"header_text_shadow_style,%91object Object%93\" header_text_shadow_horizontal_length_tablet=\"0px\" header_text_shadow_vertical_length=\"header_text_shadow_style,%91object Object%93\" header_text_shadow_vertical_length_tablet=\"0px\" header_text_shadow_blur_strength=\"header_text_shadow_style,%91object Object%93\" header_text_shadow_blur_strength_tablet=\"1px\" header_2_text_shadow_horizontal_length=\"header_2_text_shadow_style,%91object Object%93\" header_2_text_shadow_horizontal_length_tablet=\"0px\" header_2_text_shadow_vertical_length=\"header_2_text_shadow_style,%91object Object%93\" header_2_text_shadow_vertical_length_tablet=\"0px\" header_2_text_shadow_blur_strength=\"header_2_text_shadow_style,%91object Object%93\" header_2_text_shadow_blur_strength_tablet=\"1px\" header_3_text_shadow_horizontal_length=\"header_3_text_shadow_style,%91object Object%93\" header_3_text_shadow_horizontal_length_tablet=\"0px\" header_3_text_shadow_vertical_length=\"header_3_text_shadow_style,%91object Object%93\" header_3_text_shadow_vertical_length_tablet=\"0px\" header_3_text_shadow_blur_strength=\"header_3_text_shadow_style,%91object Object%93\" header_3_text_shadow_blur_strength_tablet=\"1px\" header_4_text_shadow_horizontal_length=\"header_4_text_shadow_style,%91object Object%93\" header_4_text_shadow_horizontal_length_tablet=\"0px\" header_4_text_shadow_vertical_length=\"header_4_text_shadow_style,%91object Object%93\" header_4_text_shadow_vertical_length_tablet=\"0px\" header_4_text_shadow_blur_strength=\"header_4_text_shadow_style,%91object Object%93\" header_4_text_shadow_blur_strength_tablet=\"1px\" header_5_text_shadow_horizontal_length=\"header_5_text_shadow_style,%91object Object%93\" header_5_text_shadow_horizontal_length_tablet=\"0px\" header_5_text_shadow_vertical_length=\"header_5_text_shadow_style,%91object Object%93\" header_5_text_shadow_vertical_length_tablet=\"0px\" header_5_text_shadow_blur_strength=\"header_5_text_shadow_style,%91object Object%93\" header_5_text_shadow_blur_strength_tablet=\"1px\" header_6_text_shadow_horizontal_length=\"header_6_text_shadow_style,%91object Object%93\" header_6_text_shadow_horizontal_length_tablet=\"0px\" header_6_text_shadow_vertical_length=\"header_6_text_shadow_style,%91object Object%93\" header_6_text_shadow_vertical_length_tablet=\"0px\" header_6_text_shadow_blur_strength=\"header_6_text_shadow_style,%91object Object%93\" header_6_text_shadow_blur_strength_tablet=\"1px\" box_shadow_horizontal_tablet=\"0px\" box_shadow_vertical_tablet=\"0px\" box_shadow_blur_tablet=\"40px\" box_shadow_spread_tablet=\"0px\" vertical_offset_tablet=\"0\" horizontal_offset_tablet=\"0\" z_index_tablet=\"0\"]\r\n\r\n<a href=\"https:\/\/ndisac.org\/dibscc\/links\/cloudfaq19\/microsoft-azure-security-fundamentals\/\">Microsoft \u2013 Azure Security Fundamentals<\/a><a href=\"https:\/\/ndisac.org\/dibscc\/links\/regulations\/uk-ministry-of-defences-mod-defcon-658-cyber\/\">UK Ministry of Defence\u2019s (MOD) DEFCON 658 (Cyber)<\/a><a href=\"https:\/\/ndisac.org\/dibscc\/links\/ir-exercises-implementation\/mitre-cyber-exercise-playbook\/\">MITRE \u2013 Cyber Exercise Playbook<\/a>\r\n\r\n[\/et_pb_text][et_pb_divider _builder_version=\"4.2.2\" box_shadow_horizontal_tablet=\"0px\" box_shadow_vertical_tablet=\"0px\" box_shadow_blur_tablet=\"40px\" box_shadow_spread_tablet=\"0px\" vertical_offset_tablet=\"0\" horizontal_offset_tablet=\"0\" z_index_tablet=\"0\" \/][et_pb_testimonial _builder_version=\"4.2.2\" quote_icon_background_color=\"#f5f5f5\" box_shadow_horizontal_image_tablet=\"0px\" box_shadow_vertical_image_tablet=\"0px\" box_shadow_blur_image_tablet=\"40px\" box_shadow_spread_image_tablet=\"0px\" text_shadow_horizontal_length=\"text_shadow_style,%91object Object%93\" text_shadow_horizontal_length_tablet=\"0px\" text_shadow_vertical_length=\"text_shadow_style,%91object Object%93\" text_shadow_vertical_length_tablet=\"0px\" text_shadow_blur_strength=\"text_shadow_style,%91object Object%93\" text_shadow_blur_strength_tablet=\"1px\" body_link_text_shadow_horizontal_length=\"body_link_text_shadow_style,%91object Object%93\" body_link_text_shadow_horizontal_length_tablet=\"0px\" body_link_text_shadow_vertical_length=\"body_link_text_shadow_style,%91object Object%93\" body_link_text_shadow_vertical_length_tablet=\"0px\" body_link_text_shadow_blur_strength=\"body_link_text_shadow_style,%91object Object%93\" body_link_text_shadow_blur_strength_tablet=\"1px\" body_ul_text_shadow_horizontal_length=\"body_ul_text_shadow_style,%91object Object%93\" body_ul_text_shadow_horizontal_length_tablet=\"0px\" body_ul_text_shadow_vertical_length=\"body_ul_text_shadow_style,%91object Object%93\" body_ul_text_shadow_vertical_length_tablet=\"0px\" body_ul_text_shadow_blur_strength=\"body_ul_text_shadow_style,%91object Object%93\" body_ul_text_shadow_blur_strength_tablet=\"1px\" body_ol_text_shadow_horizontal_length=\"body_ol_text_shadow_style,%91object Object%93\" body_ol_text_shadow_horizontal_length_tablet=\"0px\" body_ol_text_shadow_vertical_length=\"body_ol_text_shadow_style,%91object Object%93\" body_ol_text_shadow_vertical_length_tablet=\"0px\" body_ol_text_shadow_blur_strength=\"body_ol_text_shadow_style,%91object Object%93\" body_ol_text_shadow_blur_strength_tablet=\"1px\" body_quote_text_shadow_horizontal_length=\"body_quote_text_shadow_style,%91object Object%93\" body_quote_text_shadow_horizontal_length_tablet=\"0px\" body_quote_text_shadow_vertical_length=\"body_quote_text_shadow_style,%91object Object%93\" body_quote_text_shadow_vertical_length_tablet=\"0px\" body_quote_text_shadow_blur_strength=\"body_quote_text_shadow_style,%91object Object%93\" body_quote_text_shadow_blur_strength_tablet=\"1px\" author_text_shadow_horizontal_length=\"author_text_shadow_style,%91object Object%93\" author_text_shadow_horizontal_length_tablet=\"0px\" author_text_shadow_vertical_length=\"author_text_shadow_style,%91object Object%93\" author_text_shadow_vertical_length_tablet=\"0px\" author_text_shadow_blur_strength=\"author_text_shadow_style,%91object Object%93\" author_text_shadow_blur_strength_tablet=\"1px\" position_text_shadow_horizontal_length=\"position_text_shadow_style,%91object Object%93\" position_text_shadow_horizontal_length_tablet=\"0px\" position_text_shadow_vertical_length=\"position_text_shadow_style,%91object Object%93\" position_text_shadow_vertical_length_tablet=\"0px\" position_text_shadow_blur_strength=\"position_text_shadow_style,%91object Object%93\" position_text_shadow_blur_strength_tablet=\"1px\" company_text_shadow_horizontal_length=\"company_text_shadow_style,%91object Object%93\" company_text_shadow_horizontal_length_tablet=\"0px\" company_text_shadow_vertical_length=\"company_text_shadow_style,%91object Object%93\" company_text_shadow_vertical_length_tablet=\"0px\" company_text_shadow_blur_strength=\"company_text_shadow_style,%91object Object%93\" company_text_shadow_blur_strength_tablet=\"1px\" box_shadow_horizontal_tablet=\"0px\" box_shadow_vertical_tablet=\"0px\" box_shadow_blur_tablet=\"40px\" box_shadow_spread_tablet=\"0px\" vertical_offset_tablet=\"0\" horizontal_offset_tablet=\"0\" z_index_tablet=\"0\" quote_icon=\"off\"]\r\n\r\nCMMC CLARIFICATION\r\nEvery   system   has   legal   information   about   user   privacy   and   security. A system-use notification banner displays the legal requirements of using the systems.  Users are required to click to agree to the displayed requirements of using the system each time they logon to the machine.  You can use this implicit agreement in the civil and\/or criminal prosecution of an attacker that violates the terms.\r\nDiscuss  legal  notification  requirements  with  your  organization\u2019s  legal  counsel.    This  will  ensure that they meet all applicable requirements.  You should inform the user that:\r\n\u2022 you may monitor, record, and subject to audit any information system usage;\r\n\u2022 you prohibit unauthorized use of the information system;\r\n\u2022 you may subject unauthorized use to criminal and civil penalties; and\r\n\u2022 use of the information system indicates consent to monitoring and recording.\r\n\r\n[\/et_pb_testimonial][\/et_pb_column][\/et_pb_row][\/et_pb_section]","_et_gb_content_width":"","footnotes":""},"categories":[330],"tags":[],"class_list":["post-5344","post","type-post","status-publish","format-standard","hentry","category-level-2"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>AU.L2-3.3.1 System Auditing - DIB SCC CyberAssist<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"AU.L2-3.3.1 System Auditing - DIB SCC CyberAssist\" \/>\n<meta property=\"og:description\" content=\"[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;3.22&#8243;][et_pb_row _builder_version=&#8221;3.25&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.0.47&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text _builder_version=&#8221;4.9.2&#8243; vertical_offset_tablet=&#8221;0&#8243; horizontal_offset_tablet=&#8221;0&#8243; hover_enabled=&#8221;0&#8243; z_index_tablet=&#8221;0&#8243; text_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; text_text_shadow_vertical_length_tablet=&#8221;0px&#8221; text_text_shadow_blur_strength_tablet=&#8221;1px&#8221; link_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; link_text_shadow_vertical_length_tablet=&#8221;0px&#8221; link_text_shadow_blur_strength_tablet=&#8221;1px&#8221; ul_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; ul_text_shadow_vertical_length_tablet=&#8221;0px&#8221; ul_text_shadow_blur_strength_tablet=&#8221;1px&#8221; ol_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; ol_text_shadow_vertical_length_tablet=&#8221;0px&#8221; ol_text_shadow_blur_strength_tablet=&#8221;1px&#8221; quote_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; quote_text_shadow_vertical_length_tablet=&#8221;0px&#8221; [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/\" \/>\n<meta property=\"og:site_name\" content=\"DIB SCC CyberAssist\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-03T13:34:50+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-01-29T17:47:26+00:00\" \/>\n<meta name=\"author\" content=\"markcarr\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"markcarr\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/\",\"url\":\"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/\",\"name\":\"AU.L2-3.3.1 System Auditing - DIB SCC CyberAssist\",\"isPartOf\":{\"@id\":\"https:\/\/ndisac.org\/dibscc\/#website\"},\"datePublished\":\"2020-04-03T13:34:50+00:00\",\"dateModified\":\"2025-01-29T17:47:26+00:00\",\"author\":{\"@id\":\"https:\/\/ndisac.org\/dibscc\/#\/schema\/person\/930af72cb910c130c27675e47ba8e9a0\"},\"breadcrumb\":{\"@id\":\"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/ndisac.org\/dibscc\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AU.L2-3.3.1 System Auditing\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ndisac.org\/dibscc\/#website\",\"url\":\"https:\/\/ndisac.org\/dibscc\/\",\"name\":\"DIB SCC CyberAssist\",\"description\":\"Cybersecurity Resources for DIB companies and suppliers\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/ndisac.org\/dibscc\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/ndisac.org\/dibscc\/#\/schema\/person\/930af72cb910c130c27675e47ba8e9a0\",\"name\":\"markcarr\",\"url\":\"https:\/\/ndisac.org\/dibscc\/author\/markcarr\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"AU.L2-3.3.1 System Auditing - DIB SCC CyberAssist","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/","og_locale":"en_US","og_type":"article","og_title":"AU.L2-3.3.1 System Auditing - DIB SCC CyberAssist","og_description":"[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;3.22&#8243;][et_pb_row _builder_version=&#8221;3.25&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.0.47&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text _builder_version=&#8221;4.9.2&#8243; vertical_offset_tablet=&#8221;0&#8243; horizontal_offset_tablet=&#8221;0&#8243; hover_enabled=&#8221;0&#8243; z_index_tablet=&#8221;0&#8243; text_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; text_text_shadow_vertical_length_tablet=&#8221;0px&#8221; text_text_shadow_blur_strength_tablet=&#8221;1px&#8221; link_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; link_text_shadow_vertical_length_tablet=&#8221;0px&#8221; link_text_shadow_blur_strength_tablet=&#8221;1px&#8221; ul_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; ul_text_shadow_vertical_length_tablet=&#8221;0px&#8221; ul_text_shadow_blur_strength_tablet=&#8221;1px&#8221; ol_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; ol_text_shadow_vertical_length_tablet=&#8221;0px&#8221; ol_text_shadow_blur_strength_tablet=&#8221;1px&#8221; quote_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; quote_text_shadow_vertical_length_tablet=&#8221;0px&#8221; [&hellip;]","og_url":"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/","og_site_name":"DIB SCC CyberAssist","article_published_time":"2020-04-03T13:34:50+00:00","article_modified_time":"2025-01-29T17:47:26+00:00","author":"markcarr","twitter_card":"summary_large_image","twitter_misc":{"Written by":"markcarr","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/","url":"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/","name":"AU.L2-3.3.1 System Auditing - DIB SCC CyberAssist","isPartOf":{"@id":"https:\/\/ndisac.org\/dibscc\/#website"},"datePublished":"2020-04-03T13:34:50+00:00","dateModified":"2025-01-29T17:47:26+00:00","author":{"@id":"https:\/\/ndisac.org\/dibscc\/#\/schema\/person\/930af72cb910c130c27675e47ba8e9a0"},"breadcrumb":{"@id":"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/ndisac.org\/dibscc\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/au-l2-3-3-1\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/ndisac.org\/dibscc\/"},{"@type":"ListItem","position":2,"name":"AU.L2-3.3.1 System Auditing"}]},{"@type":"WebSite","@id":"https:\/\/ndisac.org\/dibscc\/#website","url":"https:\/\/ndisac.org\/dibscc\/","name":"DIB SCC CyberAssist","description":"Cybersecurity Resources for DIB companies and suppliers","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ndisac.org\/dibscc\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/ndisac.org\/dibscc\/#\/schema\/person\/930af72cb910c130c27675e47ba8e9a0","name":"markcarr","url":"https:\/\/ndisac.org\/dibscc\/author\/markcarr\/"}]}},"rttpg_featured_image_url":null,"rttpg_author":{"display_name":"markcarr","author_link":"https:\/\/ndisac.org\/dibscc\/author\/markcarr\/"},"rttpg_comment":0,"rttpg_category":" <a href=\"https:\/\/ndisac.org\/dibscc\/category\/cyberassist\/cybersecurity-maturity-model-certification\/level-2\/\" rel=\"tag\">Level 2<\/a>","rttpg_excerpt":"[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;3.22&#8243;][et_pb_row _builder_version=&#8221;3.25&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.0.47&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text _builder_version=&#8221;4.9.2&#8243; vertical_offset_tablet=&#8221;0&#8243; horizontal_offset_tablet=&#8221;0&#8243; hover_enabled=&#8221;0&#8243; z_index_tablet=&#8221;0&#8243; text_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; text_text_shadow_vertical_length_tablet=&#8221;0px&#8221; text_text_shadow_blur_strength_tablet=&#8221;1px&#8221; link_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; link_text_shadow_vertical_length_tablet=&#8221;0px&#8221; link_text_shadow_blur_strength_tablet=&#8221;1px&#8221; ul_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; ul_text_shadow_vertical_length_tablet=&#8221;0px&#8221; ul_text_shadow_blur_strength_tablet=&#8221;1px&#8221; ol_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; ol_text_shadow_vertical_length_tablet=&#8221;0px&#8221; ol_text_shadow_blur_strength_tablet=&#8221;1px&#8221; quote_text_shadow_horizontal_length_tablet=&#8221;0px&#8221; quote_text_shadow_vertical_length_tablet=&#8221;0px&#8221; [&hellip;]","_links":{"self":[{"href":"https:\/\/ndisac.org\/dibscc\/wp-json\/wp\/v2\/posts\/5344"}],"collection":[{"href":"https:\/\/ndisac.org\/dibscc\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ndisac.org\/dibscc\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ndisac.org\/dibscc\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/ndisac.org\/dibscc\/wp-json\/wp\/v2\/comments?post=5344"}],"version-history":[{"count":9,"href":"https:\/\/ndisac.org\/dibscc\/wp-json\/wp\/v2\/posts\/5344\/revisions"}],"predecessor-version":[{"id":15120,"href":"https:\/\/ndisac.org\/dibscc\/wp-json\/wp\/v2\/posts\/5344\/revisions\/15120"}],"wp:attachment":[{"href":"https:\/\/ndisac.org\/dibscc\/wp-json\/wp\/v2\/media?parent=5344"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ndisac.org\/dibscc\/wp-json\/wp\/v2\/categories?post=5344"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ndisac.org\/dibscc\/wp-json\/wp\/v2\/tags?post=5344"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}