STIGViewer Trial workspace — loading your subscription…

NIST 800-171 v2

110 security requirements available

3.3.7Derived Requirement

Audit and Accountability

Security Requirement

Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records

Discussion

Internal system clocks are used to generate time stamps, which include date and time. Time is expressed in Coordinated Universal Time (UTC), a modern continuation of Greenwich Mean Time (GMT), or local time with an offset from UTC. The granularity of time measurements refers to the degree of synchronization between system clocks and reference clocks, for example, clocks synchronizing within hundreds of milliseconds or within tens of milliseconds. Organizations may define different time granularities for different system components. Time service can also be critical to other security capabilities such as access control and identification and authentication, depending on the nature of the mechanisms used to support those capabilities. This requirement provides uniformity of time stamps for systems with multiple system clocks and systems connected over a network. See [IETF 5905].

Framework
NIST SP 800-171 Rev 2
Family
Audit and Accountability
Requirement Type
derived

Related Frameworks

11 paths across 2 frameworks
NIST 800-532 mappings
AU-8
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI9 mappings
CCI-000159
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000161
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001492
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001888
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001889
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001890
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001891
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001892
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002046
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

79 STIGs reach this control through 10 CCIs via 800-53 control AU-8. Expand a row to see the responsible NICE and O*NET roles.

Operating System — Server

16 STIGs
IBM AIX 7.x Security Technical Implementation Guide
V3R22026-02-061 of 283 findings match
Show 8 more STIGs in this category →
Oracle Linux 8 Security Technical Implementation Guide
V2R82026-02-131 of 375 findings match

Operating System — Mainframe

1 STIG
Mainframe Product Security Requirements Guide
V3R42025-09-101 of 194 findings match

Network Device

30 STIGs
AAA Services Security Requirements Guide
V2R22024-12-043 of 77 findings match
Network Device Management Security Requirements Guide
V5R42025-09-103 of 105 findings match
Network Device Management Security Requirements Guide
V5R32025-02-113 of 104 findings match
SEL-2740S NDM Security Technical Implementation Guide
V1R12019-05-062 of 13 findings match
Show 22 more STIGs in this category →
Cisco ACI NDM Security Technical Implementation Guide
V1R22025-12-111 of 26 findings match
Cisco ASA NDM Security Technical Implementation Guide
V2R42025-12-081 of 47 findings match
Cisco ISE NDM Security Technical Implementation Guide
V2R32025-12-111 of 53 findings match
RUCKUS ICX NDM Security Technical Implementation Guide
V1R12025-05-281 of 25 findings match

Database

11 STIGs

Web / Application Server

6 STIGs

Virtualization / Container

11 STIGs
Container Platform Security Requirements Guide
V2R42025-09-103 of 188 findings match
Virtual Machine Manager Security Requirements Guide
V2R32025-09-103 of 198 findings match
Show 3 more STIGs in this category →

Cloud / Identity Service

1 STIG

Endpoint Security Management

3 STIGs