Administration Guide › User Accounts › Tasks Associated with Roles › Auditor Tasks
Auditor Tasks
Internal Auditors can perform tasks such as the following:
- Search for and select a query and view query results
- For a selected query result row, run an event/alert output process that is configured in CA IT PAM
- View current reports
- Schedule reports
- View the scheduled report job list
- View the generated report list
- View and annotate generated reports
- Set filters and profiles
You can assign the low-privileged role of Auditor when you create user accounts for third-party personal. For example, when a scheduled alert runs an event/alert output process at the query level, the alert sends a URL to CA Enterprise Log Manager that is appended to the description. For the third-party personnel to be able to browse to CA Enterprise Log Manager, they need user accounts.
Note: Analysts and Administrators can perform all Auditor tasks and their role-specific tasks.
External Auditors who are given temporary access to the CA Enterprise Log Manager for the period of the site audit can verify compliance to standards in areas such as the following:
- Verify that logs are collected from the expected sources.
- Verify that procedures are in place for preventing data loss. For example, verify that data is backed up frequently enough that nothing is missed.
- Verified that logs are being regularly reviewed to detect security breaches.
- Verify that logs are properly stored in a secure archive.
- Verify that the age of the archived data meets the standards for log retention.
- Verify that the content of the logs includes content mandated for retention.
More information:
How to Schedule a Report Job
View a Generated Report
Annotate a Generated Report
View a Report
Example: Run an Event/Alert Output Process with Selected Query Results
Example: Send an Alert that Runs an IT PAM Process Per Query
