What is one requirement for audit trails as stated by NISPOM?

The correct response highlights that audit trails must include changes in user authentication. This requirement is critical as it enables organizations to track who accessed data or systems, when they did so, and any alterations made to user credentials. By capturing this information, organizations can maintain a robust security posture, ensuring accountability and enabling the investigation of potential insider threats. Having a detailed record of user authentication changes can help identify suspicious behavior, providing an essential tool for mitigating security risks.

Additionally, keeping accurate and comprehensive audit trails supports compliance with various regulations and standards, such as those outlined in the National Industrial Security Program Operating Manual (NISPOM). This compliance is vital for organizations dealing with sensitive information, as it helps protect against unauthorized access and potential data breaches.