3.3.8 Protect audit information and audit logging tools from unauthorized access, modification, and deletion.

Audit information includes all information (e.g., audit records, audit log settings, and audit reports) needed to successfully audit system activity. Audit logging tools are those programs and devices used to conduct audit and logging activities. This requirement focuses on the technical protection of audit information and limits the ability to access and execute audit logging tools to authorized individuals. Physical protection of audit information is addressed by media protection and physical and environmental protection requirements.

Actionable Items: This can be best maintained by using 3rd party security and auditing software. This software must be properly monitored and maintained. Access to this should be reserved for security admins only. Regular reviews and reports can be generated for review and tracking of your system.