Auditing

Help an organization balance resources expended against the most likely areas of weaknesses.
Audit Type Reason
New System Installation Security Audits Ensure conformance to existing policies and a standard system configuration.
Regular Automated System Audit Checks Reveal a "visitation" by an intruder or illicit activity by insiders.
Random Security Audit Checks
  • Test for conformance to security policies and standards (by finding illicit activity) ,
  • Check for the existence of a specific class of problems (e.g., the presence of a vulnerability reported by a vendor).
Nightly Audits of Critical Files
  • Assess the integrity of critical files (e.g., the password file)
  • Integrity of databases (e.g., payroll or sales and marketing information).
User Account Activity Audits Detect dormant, invalid, misused accounts.
Periodic audits and vulnerability assessments Determine overall state of your security infrastructure.