Auditing

• A large company e.g. Tesco has branches all over the UK and it uses its ICT systems to manage cutomer records and all its financial dealings. The company's Data Officer would have written a security policy to protect the data held by the company.To ensure the confidentiality of customer records they may make use of user accounts and logs.

Auditing (i.e. keeping logs), keeps a record of who has done what on the network.

Auditing keeps records of:

• usernames
• the times they logged on and off
• details of programs they used
• details of files acccessed
• details of changes made
• details of from which machine

Tip: Remember Who, What and When !

In addition to managing user accounts by allocation of access levels and passwords to users, auditing is used to identify abuses of the systems by authorised staff and also to investigate instances of unauthorised access (i.e. by hackers).