cmdReporter meets or exceeds the requirements for each of the below controls for macOS computers.
https://nvd.nist.gov/800-53/Rev4/control/AC-2
AC-2 (4) Account management | automated audit actions
AC-2 (12)(a)(b) Account management | account monitoring / atypical usage
https://nvd.nist.gov/800-53/Rev4/control/AC-6
AC-6 (9) Least privilege | auditing use of privileged functions
https://nvd.nist.gov/800-53/Rev4/control/AU-3
AU-3 (2) Content of audit records | centralized management of planned audit record content
https://nvd.nist.gov/800-53/Rev4/control/AU-4
AU-4 (1) Audit storage capacity | transfer to alternate storage
https://nvd.nist.gov/800-53/Rev4/control/AU-5
AU-5 (2) Response to audit processing failures | real-time alerts
https://nvd.nist.gov/800-53/Rev4/control/AU-7
AU-7 (all) Audit reduction and report generation
https://nvd.nist.gov/800-53/Rev4/control/AU-9
AU-9(2) Audit backup on separate physical systems / components
AU-9(4) Access by subset of privileged users
https://nvd.nist.gov/800-53/Rev4/control/AU-10
AU-10 (1)(b) Provides the means for authorized individuals to determine the identity of the producer of the information.
https://nvd.nist.gov/800-53/Rev4/control/AU-11
AU-11(1) Long-term retrieval capability
Partial: cmdReporter makes meeting AU-11 much easier, but there are still non-macOS steps to take to meet.
https://nvd.nist.gov/800-53/Rev4/control/AU-12
AU-12 (all) Audit generation
https://nvd.nist.gov/800-53/Rev4/control/AC-17
AC-17 (1) The information system monitors and controls remote access methods.
Partial: audits, not controls. macOS natively controls remote access.