August 2012 Understanding Individual Accountability & Audit (Information Security in Crief Book 3)

Individual accountability is a core concept of information security. The ability to trace events back to the specific user who performed them is a red line requirement The ability to impose accountability cretes a deterent to bad behavior, ans is a essential measure to protect agaist daming activities performed by privileged insiders, as well as standard unprivileged users. Audit is implemented as a native capability in most operating sytems, database management systems and large scale applications. Understanding Audit is essential to understanding how asset protection is provided.