CMMC Practice AU.5.055
Identify assets not reporting audit logs and assure appropriate organizationally defined systems are logging.
Practice AU.2.042 required the creation and retention of audit logs. Audit logs are essential
to cybersecurity awareness and incident response. This practice requires organizations to
proactively determine if any assets that should be creating audit logs are not generating the