Log All Access and Changes | CCC

Skip to main content

CCC.Core.C04: Log All Access and Changes

Control ID:CCC.Core.C04

Title:Log All Access and Changes

Objective:Ensure that all access attempts are logged to maintain a detailed audit trail for security and compliance purposes.

Control Family:

Logging & Monitoring

Guideline Mappings

Reference ID	Entry ID	Strength	Remarks
NIST-CSF	DE.AE-3	0	-
CCM	LOG-08	5	Log Records (Generate audit records containing relevant security information)
NIST_800_53	AU-2	0	-
NIST_800_53	AU-3	0	-
NIST_800_53	AU-12	0	-

Assessment Requirements

ID	Description	Applicability
CCC.Core.C04.TR01	When administrative access or configuration change is attempted on the service or a child resource, the service MUST log the client identity, time, and result of the attempt.	tlp-clear tlp-green tlp-amber tlp-red
CCC.Core.C04.TR02	When any attempt is made to modify data on the service or a child resource, the service MUST log the client identity, time, and result of the attempt.	tlp-amber tlp-red
CCC.Core.C04.TR03	When any attempt is made to read data on the service or a child resource, the service MUST log the client identity, time, and result of the attempt.	tlp-red