I am performing internal audit on windows security monitoring process. The client performs periodic review of windows domain administrators to detect if there were any unauthorized access. For one of the review, we found out the individual was reviewing her own activity. My first thought is that this could be an SoD conflict.
I am trying to understand the audit risk with this process. There is no financial systems in scope that sit on Windows OS except for ADP, which is managed by third party vendor. Is there any financial audit risk with this? If the domain admin did attempt to login to windows, would there be any impact to the financial systems or is this just security risk with windows only? Appreciate any insights on this. Thanks. John.
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!