Audit logs SHALL be maintained for at least the minimum duration dictated by OMB M-21-31 (Appendix C).

Why This Matters

Audit logs provide a critical record of user and system activities within your Microsoft 365 environment. Without retaining these logs for the minimum duration required by OMB M-21-31 (Appendix C), your organization risks losing visibility into security incidents, hindering forensic investigations, and failing to meet federal compliance requirements. IT administrators must enforce proper log retention to ensure audit trails remain available for the mandated period.

What Aether365 Checks

Aether365 verifies that audit log retention policies in your Microsoft 365 organization are configured to maintain logs for at least the minimum duration specified by OMB M-21-31 (Appendix C). This check appears in your Aether365 dashboard under the microsoft-365 checks section.