Discussion:

Internal system clocks are used to generate time stamps, which include date and time. Time is expressed in Coordinated Universal Time (UTC), a modern continuation of Greenwich Mean Time (GMT), or local time with an offset from UTC. The granularity of time measurements refers to the degree of synchronization between system clocks and reference clocks, for example, clocks synchronizing within hundreds of milliseconds or within tens of milliseconds. Organizations may define different time granularities for different system components. Time service can also be critical to other security capabilities such as access control and identification and authentication, depending on the nature of the mechanisms used to support those capabilities. This requirement provides uniformity of time stamps for systems with multiple system clocks and systems connected over a network. See [IETF 5905].

Upon assessment, assessors must determine if-

3.3.7[a] internal system clocks are used to generate time stamps for audit records.
3.3.7[b] an authoritative source with which to compare and synchronize internal system
clocks is specified.
3.3.7[c] internal system clocks used to generate time stamps for audit records are
compared to and synchronized with the specified authoritative time source.

Assessors are instructed to-

Examine: [SELECT FROM: Audit and accountability policy; procedures addressing time stamp generation; system design documentation; system security plan; system configuration settings and associated documentation; system audit logs and records; other relevant documents or records].

Interview: [SELECT FROM: Personnel with information security responsibilities; system or network administrators; system developers].

Test: [SELECT FROM: Mechanisms implementing time stamp generation; mechanisms implementing internal information system clock synchronization].