NIST 800-171 R-3.3.9
Limit Management of Audit Functionality
Official citation: 3.3.9
Class: core · Severity: medium
Statement of the obligation — verify against source
3.3.9
What it means
Limit who can manage the audit-logging function to a small subset of privileged users. Administrators who are themselves subject to auditing could undermine log reliability by disabling logging or altering records, so separate audit-related privileges from other privileges and grant them to only a few people.
Educational reference only — not legal advice. Consult a qualified assessor or attorney for binding compliance determinations.