In: Accounting
Assuming that your group is a team of IT auditors who have just got an assignment to audit information logging of servers of a company. You have known that logs are important for information systems operation and security because logs can be used to detect unauthorized access, identify unfavorable trend, and provide data for determining the root cause of system failures. Your supervisor asked you to (1) find out what system activities are to be logged according to commonly used policies or standards. (Hint: Use the internet to search for commonly used policies of standards. Then, list the system activities in you answer. The source of the list should be included in your answer.) (2) verify whether the company maintains all those necessary logs defined in (1). (Hint: Describe the audit procedure(s) you will use to accomplish this task) (3) find out what are necessary elements of system log, such as user id. (4) examine whether the system logs actually include necessary elements (Hint: Describe the audit procedure(s) you will use to accomplish this task) (5) verify whether these logs are regularly reviewed (Hint: Describe the audit procedure(s) you will use to accomplish this task)
Internal audit typically has three phases; planning, testing & reporting. Every audit begins with the definition of scope of audit. Once the scope is defined, the audit plan is laid out with the inputs and data requirements, analysis & sampling of input data based on deviations and material observations, the audit initially begins with the sample data and is then extended based on the audit findings.
Logging provides a record of events related to IT systems and processes. Every recorded log is an independent entry with information of the event like time stamp, user id, ip address and approval level etc.
The organization generates audit trails and logs to reconstruct the following events:
An organization records the audit trail with following elements:
Audit Planning
Audit Testing
Audit Standard Practices & Procedures