What is the Audit and Accountability Domain of the DODs CMMC?


Previously, we discussed a framework of practices and procedures established for contractors that work with the Department of Defense (DoD) in the United States. This new framework is the Cybersecurity Maturity Model Certification (CMMC), constructed as a way for the DoD to ensure that critical information, such as Controlled Unclassified Information (CUI), handled by contractors and subcontractors remains secured from malicious actors. This information is valuable, and value is always the principal driver of a cyberattack.

The framework devised by the DoD with the help of NIST (the National Institute of Standards and Technology) has 17 domains that contain best practices for cybersecurity. Each of these domains has practices and procedures that will need to be implemented in a contractor’s network to progress to higher levels of compliance. These levels, one through five, each add cybersecurity measures that take a network from basic protection to advanced protection of CUI. We have addressed Access Control, the first domain, which makes the next on the list Audit and Accountability.

The CMMC definition of Audit and Accountability

The CMMC definitions of these two aspects of cybersecurity are as follows:

  • Audit: An independent review and examination of records and activities to assess the adequacy of the system’s controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies, or procedures.
  • Accountability: The security goal which generates the requirement for actions of an entity to be traced uniquely to that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action.

Image #1: Audit and Accountability (AU) is one of the 17 domains in the D.o.D.’s CMMC. YouAttest provides access reviews to meet many of the controls of this domain.

What Does the Audit and Accountability Domain Consist of?

The Audit and Accountability domain consists of practices and procedures which govern the organization’s creation, protection, and retention of information system audit records and ensure that the actions of users within the network can be traced back to the individual user. The purpose is to produce an audit log that can be checked for malicious activity. This data can later be reviewed in the event of an issue, or used to prevent unlawful or unauthorized system activity. Within the CMMC framework, from levels two through five, the Audit and Accountability domain includes 14 practices. According to the CMMC guide, this domain contains four capabilities:

  1. Define audit requirements
  2. Perform auditing
  3. Identify and protect audit information
  4. Review and manage audit logs
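The following added example (not code from the original post or from YouAttest) illustrates capabilities 2 through 4 in miniature: every record is attributed to one user, each record is chained to the previous one with an HMAC so that deletion or modification is detectable, and a review function pulls the trail for a single user. The log key, user IDs and actions are constructed placeholders.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Constructed demo key. In a real deployment the key lives in a KMS/HSM,
# not in source, so that whoever can edit the log cannot re-sign it.
LOG_KEY = b"constructed-demo-key-not-for-production"
GENESIS = "0" * 64


def _entry_mac(prev_mac: str, record: dict) -> str:
    """HMAC over the previous entry's MAC plus this record: the chain link."""
    payload = prev_mac.encode() + json.dumps(record, sort_keys=True).encode()
    return hmac.new(LOG_KEY, payload, hashlib.sha256).hexdigest()


def append_event(log: list, user_id: str, action: str, target: str, outcome: str) -> dict:
    """Append one record attributed to exactly one user (accountability)."""
    prev = log[-1]["mac"] if log else GENESIS
    record = {
        "seq": len(log),
        "ts": datetime.now(timezone.utc).isoformat(),
        "user": user_id,
        "action": action,
        "target": target,
        "outcome": outcome,
    }
    entry = {"record": record, "mac": _entry_mac(prev, record)}
    log.append(entry)
    return entry


def verify_log(log: list) -> int:
    """Return the index of the first broken entry, or -1 if the chain is intact.
    A modified record breaks its own MAC; a deleted record breaks the sequence
    number and the MAC of every entry that follows it."""
    prev = GENESIS
    for i, entry in enumerate(log):
        expected = _entry_mac(prev, entry["record"])
        if entry["record"].get("seq") != i or not hmac.compare_digest(entry["mac"], expected):
            return i
        prev = entry["mac"]
    return -1


def events_by_user(log: list, user_id: str) -> list:
    """Review step: the trail of actions attributable to one user."""
    return [e["record"] for e in log if e["record"]["user"] == user_id]
```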

Though the number of practices and procedures necessary for the advancement of a contractor or subcontractor is not as high as in other domains, they are no less valuable or demanding. Implementing this level of cybersecurity efficiently can be difficult. One solution is to employ the help of YouAttest, which can assist with a majority of these issues. Below are the ways that YouAttest can help.

  • YouAttest is part of an enterprise resource plan to ensure effective identity audits and implement periodic and triggered access reviews.
  • YouAttest can create, collate, and store attestations on key security events, including tracking of key identity groups and role changes.
  • YouAttest user and security event trigger attestations (AU.2.041) can be an essential part of an identity awareness program to monitor privilege escalation events. In addition, YouAttest state-in-time audit analysis can be used to quickly determine changes in identity roles or permissions for all or a subset of users.
  • YouAttest implements two-factor authentication and regular penetration tests, and has a secure infrastructure around its access reports, including firewalls and application firewalls.

If you or your organization has any questions on how YouAttest can help with CMMC compliance, reach out and schedule an appointment with a YouAttest identity audit professional. Our representatives will reach out and provide further details about the Audit and Accountability domain of the DoD’s CMMC.

YouAttest is an automated identity audit tool for your identity and access control resources. Cloud based and simple to use, YouAttest provides a quantified platform for your identity audits. YouAttest will join with Robert Emrich, Jr, a CMMC RP, to review the identity requirements and explain how YouAttest meets the access review requirements in a YouAttest CMMC webinar, scheduled for Sep 22nd.

If you find this article about the Audit and Accountability domain of the DoD’s CMMC informative, please leave a comment, and if you would like more information please fill out the form here and we will get back to you with more details. This topic is vast and we will keep adding more information to this blog, so please bookmark this article and look for updates, as we will update it on a regular basis to keep our readers informed.