AU.L2-3.3.8 — Protect audit information and logging tools
Protect audit information and audit logging tools from unauthorized access, modification, and deletion.
Verbatim NIST SP 800-171 Rev 2 requirement text (3.3.8).
How it's scored
1 point deducted from your SPRS score if unmet.
An open gap here may sit on a POA&M at conditional Level 2 certification (32 CFR 170.21), provided your total score is at least 88 of 110 — and it must close within 180 days of the conditional status date.
What an assessor checks: the 6 assessment objectives
NIST SP 800-171A determination statements, verbatim. A CMMC Level 2 assessor marks AU.L2-3.3.8 MET only when every applicable objective is satisfied — and examines evidence, not assertions.
| Objective | Determination statement |
|---|---|
| 3.3.8[a] | audit information is protected from unauthorized access. |
| 3.3.8[b] | audit information is protected from unauthorized modification. |
| 3.3.8[c] | audit information is protected from unauthorized deletion. |
| 3.3.8[d] | audit logging tools are protected from unauthorized access. |
| 3.3.8[e] | audit logging tools are protected from unauthorized modification. |
| 3.3.8[f] | audit logging tools are protected from unauthorized deletion. |
Where do you stand on AU.L2-3.3.8?
The free Muster Score walks all 110 requirements — including every objective above — and computes your exact SPRS score in your browser. No signup, no upload, and your answers never leave your device.
Get your free Muster Score →Requirement and objective text: NIST SP 800-171 Rev 2 / SP 800-171A (verbatim). Scoring: DoD Assessment Methodology v1.2.1; POA&M eligibility: 32 CFR 170.21. Muster is independent and not affiliated with the U.S. Department of Defense or the Cyber AB; this page is compliance information, not legal advice or a certification.