Difference between revisions of "Audit trail"

From LIMSWiki
Jump to navigationJump to search
(Created article stub.)
 
(Updated article stub.)
Line 1: Line 1:
A record of events related to an individual data element including the original information and any changes to the information used to reconstruct a series of related events that have occurred. It may be composed of manual or computerized records of events and information, or both. A critical feature for any [[LIMS]].
An '''audit trail''' is a security-relevant chronological record, set of records, or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, or event.<ref>{{cite web |url=http://www.cnss.gov/Assets/pdf/cnssi_4009.pdf |title=National Information Assurance (IA) Glossary |publisher=Committee on National Security Systems |pages=4 |date=7 August 1996 |accessdate=07 March 2012 |format=PDF}}</ref><ref>{{cite web |url=http://www.atis.org/glossary/definition.aspx?id=5572 |title=ATIS Telecom Glossary 2012 - audit trail |publisher=ATIS Committee PRQC |date=2012 |accessdate=07 March 2012}}</ref> It may be composed of manual or computerized records of events and information, or both.


The record of events, either individually, or in blocks of temporally connected changes, must be associated with an individual user (or if changes are created automatically by the system, this must be indicated) and an unambiguous record of the date and time the change occurred (e.g., by the use of a time zone or reference to GMT).
An audit trail includes an unambiguous record of events either individually, or in blocks of temporally connected changes associated with an individual user (or if changes are created automatically by the system, this must be indicated) and the date and time the change occurred (e.g., by the use of a time zone or reference to GMT). The process that creates an audit trail often run in privileged mode so it can access and supervise all actions from all users and disallow normal users from accessing the audit trail. Another way of handling this issue is through the use of a role-based security model in the software.<ref>{{cite book |title=Insider computer fraud: an in-depth framework for detecting and defending against insider IT attacks |author=Brancik, Kenneth C. |chapter=Chapter 2: Related Research in Insider Computer Fraud and Information Security Controls |year=2007 |pages=18–19 |publisher=CRC Press |url=http://books.google.com/books?id=lsDngU-RUywC |isbn=1420046594}}</ref>
 
==References==
<references />

Revision as of 18:50, 7 March 2012

An audit trail is a security-relevant chronological record, set of records, or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, or event.[1][2] It may be composed of manual or computerized records of events and information, or both.

An audit trail includes an unambiguous record of events — either individually, or in blocks of temporally connected changes — associated with an individual user (or if changes are created automatically by the system, this must be indicated) and the date and time the change occurred (e.g., by the use of a time zone or reference to GMT). The process that creates an audit trail often run in privileged mode so it can access and supervise all actions from all users and disallow normal users from accessing the audit trail. Another way of handling this issue is through the use of a role-based security model in the software.[3]

References

  1. "National Information Assurance (IA) Glossary" (PDF). Committee on National Security Systems. 7 August 1996. pp. 4. http://www.cnss.gov/Assets/pdf/cnssi_4009.pdf. Retrieved 07 March 2012. 
  2. "ATIS Telecom Glossary 2012 - audit trail". ATIS Committee PRQC. 2012. http://www.atis.org/glossary/definition.aspx?id=5572. Retrieved 07 March 2012. 
  3. Brancik, Kenneth C. (2007). "Chapter 2: Related Research in Insider Computer Fraud and Information Security Controls". Insider computer fraud: an in-depth framework for detecting and defending against insider IT attacks. CRC Press. pp. 18–19. ISBN 1420046594. http://books.google.com/books?id=lsDngU-RUywC.