03.07.03 —
What this control requires
Source: NIST SP 800-171 R3 §03.07.03 (official control text).
Why this matters
This control ensures organizations maintain comprehensive audit logs and protect them from unauthorized access, modification, or deletion. Audit records are the organization's primary evidence trail for security incidents, compliance verification, and forensic investigations. Without protected logs, attackers can cover their tracks, internal threats go undetected, and the organization cannot prove compliance during assessments. Log integrity and availability directly determine whether security events can be reconstructed and whether the organization can demonstrate due diligence in monitoring its systems.
What evidence assessors expect
Assessors typically look for: screenshot, configuration export. FORCE coaches you through the exact implementation steps and captures each artifact in-platform.
Related controls
See your live posture on 03.07.03.
FORCE shows where you stand on this control and walks you through closing it.
Start a free trial tenant →