NIST 800-171 R-3.3.2
Ensure Actions Are Traceable to Users
Official citation: 3.3.2
Class: core · Severity: high
Statement of the obligation — verify against source
3.3.2
What it means
Make sure each logged action can be traced to the specific user responsible, so people can be held accountable. Record enough identifying detail to link events to individuals, drawing on monitoring of account usage, remote access, wireless and mobile connections, boundary communications, configuration changes, physical access, maintenance, and similar activity.
Educational reference only — not legal advice. Consult a qualified assessor or attorney for binding compliance determinations.