Wikia

The IT Law Wiki

Audit


Definitions

General

An audit is

a detailed examination conducted by people external to the business unit to assess controls, measure performance and compliance, identify gaps, and make recommendations.[1]

Security

An audit is an

[i]ndependent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies or procedures.[2]

Overview

The most common forms of audit are compliance, operational, and vulnerability audits. An audit may be carried out by internal or external groups.

Integrated, dynamic auditing systems not only record information, but also act to restrict use or to alert security personnel when possible safeguard violations occur — not just violations by intruders but also by insiders. One feature might alert security personnel if users are accessing certain files after hours, or if a user (or possible intruder) repeatedly but unsuccessfully attempts to access a certain computer. The security officer might then closely monitor the user's actions to determine what further steps should be taken (simply denying access might prompt an intruder to switch to a more reliable or more covert method, confounding the security staff). Some sophisticated systems use expert systems that “learn” users’ behavior.
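The two alerting rules described above (after-hours access to certain files, and repeated unsuccessful attempts to reach a certain computer) can be shown as a small audit monitor run over constructed audit records. This is an added example and not part of the wiki entry; the pipe-delimited record format, the field names, the business hours and the failure threshold are assumptions made for the illustration. In keeping with the text, the monitor only raises an alert for the security officer rather than denying access itself.

```python
"""Minimal dynamic audit monitor (added illustration, not from the wiki entry).

Applies two rules to constructed audit records:
  1. after-hours read access to a file,
  2. repeated failed access attempts by one user against one host.
Record format, field names, business hours and threshold are assumptions.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, time

# Assumed business hours; anything outside this window is "after hours".
BUSINESS_START = time(8, 0)
BUSINESS_END = time(18, 0)
# Assumed threshold: this many failures by one user on one host raises an alert.
FAILURE_THRESHOLD = 3


@dataclass(frozen=True)
class AuditRecord:
    ts: datetime
    user: str
    host: str
    action: str   # e.g. "login", "read"
    target: str   # file path or "-" when not applicable
    success: bool


def parse_record(line: str) -> AuditRecord:
    """Parse one constructed audit line:
    ISO-timestamp|user|host|action|target|SUCCESS-or-FAILURE"""
    ts, user, host, action, target, result = line.strip().split("|")
    return AuditRecord(datetime.fromisoformat(ts), user, host, action,
                       target, result == "SUCCESS")


def is_after_hours(ts: datetime) -> bool:
    """True when the timestamp falls outside the assumed business hours."""
    t = ts.time()
    return t < BUSINESS_START or t >= BUSINESS_END


def audit(records):
    """Return a list of (rule, user, detail) alerts for the security officer.

    The repeated-failure alert fires once, when the threshold is reached,
    so the officer can monitor the activity rather than being flooded.
    """
    alerts = []
    failures = defaultdict(int)   # (user, host) -> count of failed attempts
    for r in records:
        if r.success and r.action == "read" and is_after_hours(r.ts):
            alerts.append(("after_hours_access", r.user,
                           f"{r.target} at {r.ts.isoformat()}"))
        if not r.success:
            key = (r.user, r.host)
            failures[key] += 1
            if failures[key] == FAILURE_THRESHOLD:
                alerts.append(("repeated_failures", r.user,
                               f"{FAILURE_THRESHOLD} failed attempts on {r.host}"))
    return alerts


# Constructed sample audit trail (not real data).
SAMPLE_LOG = """\
2024-03-04T09:15:00|alice|fs01|read|/finance/q1.xlsx|SUCCESS
2024-03-04T23:40:00|alice|fs01|read|/finance/q1.xlsx|SUCCESS
2024-03-04T23:41:00|guest|db02|login|-|FAILURE
2024-03-04T23:41:30|guest|db02|login|-|FAILURE
2024-03-04T23:42:00|guest|db02|login|-|FAILURE
2024-03-04T23:42:10|guest|db02|login|-|FAILURE
2024-03-05T10:00:00|bob|fs01|read|/hr/roster.csv|SUCCESS
"""


def run_sample():
    """Run the monitor over the constructed sample and return its alerts."""
    records = (parse_record(l) for l in SAMPLE_LOG.splitlines() if l)
    return audit(records)


if __name__ == "__main__":
    for rule, user, detail in run_sample():
        print(f"ALERT {rule}: user={user} {detail}")
```

Running the sample yields two alerts: one after-hours read by alice, and one repeated-failure alert for guest on db02, raised on the third failure and not repeated on the fourth. A production system would additionally persist the records it evaluates, since the audit trail itself is what the later review and examination depend on.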

References

  1. Newfoundland-Labrador, Office of the Chief Information Officer, Information Management and Information Protection Glossary of Terms (full-text).
  2. CNSSI 4009, at 4; NIST Special Publication 800-32.
