After you ask to examine some audit records, the contractor's system administrator informs you that there is a process to follow before accessing them. The logs are hashed using SHA-512 algorithms, and the system administrator has to run an algorithm to recalculate the hashes for the audit records to verify their integrity before running a decryption algorithm to decrypt the data. Since this might take some time, you tour the facility while interviewing personnel with audit and accountability roles. You see an employee holding the door for another without using their physical access card. While interviewing the contractor's employees, you find that they can access all audit logging tools and tweak the settings according to their needs or requirements. Upon examining the contractor's access control policy, you realize they have not defined the measures to protect audit logging tools. Considering CMMC AU.L2-3.3.8 – Audit Protection and best practices, which of the following is the MOST concerning finding regarding the employees' access to audit logging tools?