Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL
Help

3 Applied Auditing and Audit Vault > The Audit Data Warehouse - Pg. 59

Chapter 3: Applied Auditing and Audit Vault 59 Auditing for Nonsecurity Reasons In some cases, auditing is set up to detect not only bad things that might occur but to act as an overall system monitor. Auditing can tell us who has accessed what, from where, when, and how. Another benefit of capturing audit data is that we can use this intelligence in considering overall enterprise IT issues such as resource distribution, scalability requirements, and underused and overused resources. This last point is also important to GRC, and many people are starting to understand that auditing offers real value--not only in the event of a security breach but in all cases. TIP Effective auditing is not just about security; it has added value for system and application profiling. You can even use auditing to identify when and if certain business conditions have been reached. For example, you could use audit records to detect and alert you when big financial transactions occur. This would be particularly beneficial when the transaction spans multiple databases or is not part of a single database transaction. With a consolidated auditing system, aggregate counts and group-by queries on the audit trail can show you patterns of interest. For example, you can identify facts and frequencies on the following: Server accesses