A CA Top Secret auditor has the authority to audit:
The auditor attaches the AUDIT attribute to the user's ACID.
The auditor updates the AUDIT record with the resource or resource prefix (up to 64 characters) and optional access levels to be audited.
The auditor includes the ACTION(AUDIT) keyword on the PERMIT command function.
The auditor can audit critical resources on a permanent basis and produce reports or monitor audit results online, as well as spot-check user activity by periodically auditing key personnel.
Auditors can coordinate their audit activity with the security administrator. The security administrator is doing concurrent audits to monitor effectiveness of the security implementation.
To avoid generating large numbers of unnecessary audit records, select audit criteria and revise this criteria as audit requirements change.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|