- Are the records protected against intentional or accidental modification or deletion?
- Is an electronic audit trail completely outside the control and access of the system administrator (except for the read only access of the audit trail file)?
- Is it impossible to disable the audit trail function without being detected?
- Is the system date and/or metadata protected from accidental and/or intentional modification or deletion?
- Is the distribution of, access to, and use of the operating system and maintenance documentation controlled?