The audit log files _MUST_ not contain access control lists (ACLs). This rule ensures that audit information and audit files are configured to be readable and writable only by system administrators, thereby preventing unauthorized access, modification, and deletion of files.