Auditing Related to Information Security Compliance
All legislated information security compliance requires the ability to perform audits on access to protected information, applications and systems. For most organizations, this means manually (or quasi-manually) collecting information contained in audit logs across a wide range of applications and systems, then attempting to correlate the security events contained in those log files in order to re-create the forensic trail of an incident or transaction. FairWarning® greatly automates the tedious part of this process, while providing the auditor the flexibility to research the incident based on common sense, intuition and the information context of the incident investigation.
HIPAA privacy audits are frequently conducted in response to a patient or employee incident. The auditor may begin research into the incident based on a patient name; however, the research can quickly transition into examining the details of a specific employee's access to protected health information. This information might reside in multiple systems and access could have taken place over time. With FairWarning the collection and correlation processes are automated. The auditor can then query the results with varied criteria and search elements.
Auditing in conjunction with Sarbanes-Oxley takes on different forms. For example, common security incidents that are audited include: i) escalation of privileges on critical systems, ii) the creation of new users in critical systems, or iii) the inspection of transactions against critical systems such as payroll, ERP and CRM systems. These audits may be regularly scheduled or, in some cases, monitored on a near-real-time basis.
In all cases, FairWarning's flexibility in centralizing and processing the audit logs, correlating security events across systems, searching on specific date ranges and even monitoring for the occurrence of specific events (see monitoring) provides essential compliance auditing capabilities.
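As an added illustration of the collect, correlate, search and monitor steps described above (example code written for this page, not FairWarning's own software), the following normalizes constructed log lines from a hypothetical EHR access log and a hypothetical identity system into one time-ordered trail, lets an auditor pivot by employee, patient or date range, and flags the Sarbanes-Oxley events named above (new user creation and privilege escalation). The log formats, field names and account names are assumptions.

```python
from datetime import datetime
# Constructed sample logs from two hypothetical source systems; the formats and
# field names are assumptions, not FairWarning's or any real product's output.
EHR_LOG = """2024-03-04T09:12:01 user=jsmith action=VIEW patient=P-1001
2024-03-04T09:15:44 user=jsmith action=VIEW patient=P-2002
2024-03-05T17:02:10 user=ablake action=VIEW patient=P-1001"""
IAM_LOG = """2024-03-04 09:10:00 CREATE_USER actor=admin target=jsmith system=payroll
2024-03-04 09:11:30 GRANT_ROLE actor=admin target=jsmith role=PAYROLL_ADMIN
2024-03-06 08:00:00 GRANT_ROLE actor=ablake target=ablake role=ERP_ADMIN"""

def parse_ehr(text):
    # EHR access lines -> common schema (ts, system, user, action, object, actor)
    out = []
    for line in text.splitlines():
        ts, *rest = line.split()
        f = dict(t.split("=", 1) for t in rest)
        out.append({"ts": datetime.fromisoformat(ts), "system": "ehr", "user": f["user"],
                    "action": f["action"], "object": f["patient"], "actor": f["user"]})
    return out

def parse_iam(text):
    # Identity/role-change lines -> same schema; 'user' is the account affected
    out = []
    for line in text.splitlines():
        d, t, action, *rest = line.split()
        f = dict(x.split("=", 1) for x in rest)
        out.append({"ts": datetime.fromisoformat(f"{d} {t}"), "system": "iam",
                    "user": f["target"], "action": action,
                    "object": f.get("role") or f.get("system"), "actor": f["actor"]})
    return out

def centralise(ehr_text=EHR_LOG, iam_text=IAM_LOG):
    # One time-ordered trail across both systems: the collection/correlation step
    return sorted(parse_ehr(ehr_text) + parse_iam(iam_text), key=lambda e: e["ts"])

def search(events, user=None, patient=None, start=None, end=None):
    # Auditor query: pivot by employee, by patient, and/or by (inclusive) date range
    return [e for e in events
            if (user is None or e["user"] == user)
            and (patient is None or e["object"] == patient)
            and (start is None or e["ts"] >= start)
            and (end is None or e["ts"] <= end)]

def sox_alerts(events):
    # Flag new-user creation and role grants; a self-granted role is the highest risk
    kinds = {"CREATE_USER": lambda e: "new_user",
             "GRANT_ROLE": lambda e: "self_escalation" if e["actor"] == e["user"] else "escalation"}
    return [(kinds[e["action"]](e), e["user"], e["object"])
            for e in events if e["action"] in kinds]
```

Starting from a patient (`search(trail, patient="P-1001")`) yields the employees who viewed that record; pivoting to one of them (`search(trail, user="jsmith")`) then shows that the account was created and granted a payroll role minutes before its first chart access, which is the kind of cross-system trail a manual log review tends to miss.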