Master Assessment Datasheet
The organization being inspected/assessed documents and implements a process to enforce logical access restrictions associated with changes to the information system. The information system must maintain an audit trail of logical access to the information system pertaining to information system changes.
The organization conducting the inspection/assessment obtains and examines the documented process as well as the logical access audit trail to ensure the organization being inspected/assessed enforces logical access restrictions associated with changes to the information system as documented in the configuration management policy.
DISA Compelling Evidence
1) configuration management policy (ref logical access restrictions)