10.2.2 All actions taken by any individual with root or administrative privileges
10.2.2 Verify all actions taken by any individual with root or administrative privileges are logged.
Accounts with increased privileges, such as the “administrator” or “root” account, have the potential to greatly impact the security or operational functionality of a system. Without a log of the activities performed, an organization is unable to trace any issues resulting from an administrative mistake or misuse of privilege back to the specific action and individual.