diff --git a/defaults/main.yml b/defaults/main.yml
index f5907e9f..412c2ea3 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -156,6 +156,9 @@ max_log_file_action: ROTATE # V-38634
 # Set the number of rotated audit logs to keep. Ubuntu has 5 as the default
 # and this matches the STIG's requirements.
 num_logs: 5 # V-38636
+# Set the email address of someone who can receive and respond to notifications
+# about low disk space for log volumes.
+action_mail_acct: root # V-38680
 # **IMMINENT DANGER**
 # The STIG says that the system should switch to single user mode when the
 # storage capacity gets very low. This can cause serious service disruptions
diff --git a/doc/source/developer-notes/V-38680.rst b/doc/source/developer-notes/V-38680.rst
new file mode 100644
index 00000000..2fae9bf0
--- /dev/null
+++ b/doc/source/developer-notes/V-38680.rst
@@ -0,0 +1,6 @@
+By default, Ubuntu sets the default recipient for storage capacity issues in
+auditd to the root user. The Ansible task ensures that the default remains set.
+
+Deployers are strongly urged to review V-38446 to ensure they have set the
+``root_forward_email`` variable so that the email system can route these
+critical notifications to a monitored mailbox.
diff --git a/tasks/auditd.yml b/tasks/auditd.yml
index f092b213..c73f5919 100644
--- a/tasks/auditd.yml
+++ b/tasks/auditd.yml
@@ -161,6 +161,18 @@
 - cat2
 - V-38470
+- name: V-38680 - Audit system must send email notifications when storage capacity is low
+ lineinfile:
+ dest: /etc/audit/auditd.conf
+ regexp: "^(#)?action_mail_acct"
+ line: "action_mail_acct = {{ action_mail_acct }}"
+ notify:
+ - restart auditd
+ tags:
+ - auditd
+ - cat2
+ - V-38680
+
 - name: V-38495 - Audit log files must be owned by root
 file:
 dest: /var/log/audit/
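Review bot: The comment added above `action_mail_acct` in defaults/main.yml asks for the email address of someone who can respond, but the default is the local `root` account and the comment does not say what makes that default reach a person. As the new developer note in this commit states, that depends on root's mail being forwarded, so I would extend the comment with `# The default (root) only reaches a person if root's mail is forwarded; see root_forward_email (V-38446).` The value is written into auditd.conf as-is by the new task in tasks/auditd.yml, so a second line saying it must be a deliverable address or local alias would help deployers who override it.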
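Review bot: The `regexp` in the new V-38680 task in tasks/auditd.yml, `^(#)?action_mail_acct`, is open-ended on both sides of the key: a commented entry written as `# action_mail_acct` is not matched, so the setting would be appended rather than replaced, and any longer key starting with the same text would be overwritten. Something like `regexp: '^#?\s*action_mail_acct\s*='` (single-quoted so the backslashes stay literal) pins it to this one setting. Separately, auditd only consults `action_mail_acct` when one of its disk-space actions is set to `email`, and whether this role configures that is not visible in this hunk, since the preceding task ends just above it. A task comment such as `# only used when space_left_action or admin_space_left_action is "email"` would make that dependency explicit for anyone auditing the control.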