Audit and Accountability (AU) Family

Also known as: AU family

The AU family covers 9 NIST SP 800-171 requirements governing audit logging, log retention, log review, and protection of audit information.

The Audit and Accountability (AU) family contains 9 NIST SP 800-171 Rev 2 security requirements that govern how the contractor logs, retains, reviews, and protects audit information from in-scope systems.

Key AU requirements include creating and retaining audit records (AU.L2-3.3.1), tying actions to individual users (AU.L2-3.3.2), responding to audit logging failures (AU.L2-3.3.3, AU.L2-3.3.4), correlating records (AU.L2-3.3.5), providing audit reduction tools (AU.L2-3.3.6), protecting audit information (AU.L2-3.3.8), and limiting management of audit functionality (AU.L2-3.3.9).

Most contractors implement the AU family with a SIEM platform (Splunk, Sentinel, Elastic) or an outsourced MDR service. Assessors will ask for sample log entries, retention configuration, and evidence of regular log review.
