Audit Logging Policy (AU)

This Audit Logging Policy establishes requirements for capturing, storing, and reviewing system activities to ensure the integrity, confidentiality, and availability of information in compliance with the Cybersecurity Maturity Model Certification (CMMC) requirements. The policy applies to all systems, networks, and devices handling Federal Contract Information (FCI) or Controlled Unclassified Information (CUI). It mandates logging of key events, secure storage of logs, and regular reviews to detect and respond to potential security incidents, ensuring compliance and robust organizational cybersecurity practices.