IT Answers » Audit Policy

Audit Question on Periodic System Review

Toosunneo — Thu, 16 Sep 2010 18:41:47 +0000

Hello, I am auditing a client and would like to understand if there is any risk with the following scenario. We are auditing the periodic review of system privilege for payroll/HR system.

The review is only done by one individual. This individual is the system owner and the system administrator. I am trying to understand if there is any potential SoD risk here with this review.

The potential risk that I can think of is that this user could create fictitious accounts and use that account to process fraudulent payroll activity. Since this user has access to setup new accounts or make unuauthorized access changes, should the review be also performed by another user that is not a system administrator? I would appreciate any insights on this. Thank you.

audit a policy on domain for local users

Mcitp2008 — Wed, 16 Jun 2010 10:23:40 +0000

hy plz tell me how i can audit a policy on local or domain users plz give me answer in very easy form

Audit policy change Eventid 644

Ditchdog — Tue, 05 May 2009 08:27:52 +0000

Hi i noticed the username doing the change is always the computer account even if it is changed by a user account. How could we se which user account did it?