One of the biggest time wasters I experience during an IT audit is have to ask an administrator to:
a. Run tools/scripts for me in order to access information
b. “Shoulder-surfing” with an admin in order to collect information/screen shots.
It’s a waste of my time, since I know where to go on a network to get what I need, and an even bigger waste of an admin’s time to collect all the stuff for me.
If, of course, they already had it on hand, as a good admin should…..but, I digress.
So, OK, Microsoft, SUN, HP, Red Hat, IBM, etc.: isn’t it about time you created an auditor function/ID? How about an ID that would have administrative READ ONLY access? Look everywhere, touch nothing? And, make the ID uniquely trackable? Like the admin ID should be, but again…..
This would have incredible value in the business world, for in-house auditors, as well as us external folks. How about it?