8.10: Retain Audit Logs
Control is new to this version of the control set.
Control Statement
Retain audit logs across enterprise assets for a minimum of 90 days.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]