1.3 Auditing Background and Fundamentals

Novell Audit provides the tools you need to audit your organization’s compliance with internal and external policies and regulations; however, the use of secure logging technology such as Novell Audit does not, in itself, provide a complete auditing solution. Auditing is actually a human-driven process and Novell Audit is simply a tool to facilitate that process.

Therefore, a complete auditing strategy requires that you:

  1. Define your organization’s security and usage policies. That is, determine what resources your users are allowed to access, what rights they have to those resources, and so forth.
  2. Log the events relevant to those policies.
  3. Configure Notification Filters to notify you in real time when a policy violation occurs. You can also use Notification Filters to route the events to the Critical Value Reset (CVR) channel to trigger an automated response to the violation.
  4. Perform regular compliance audits. This entails querying the data store for events relevant to your policies and then manually reviewing those events to determine if there are any violations of your corporate policies, when the violations occurred, and who was responsible.

After you have implemented your auditing strategy, Novell Audit provides the information you need to assess overall compliance with organizational policies and to respond to policy violations in a timely manner.

For example, in a secure environment, you might have a policy that prohibits assigning user rights using the Security Equals attribute because it makes it difficult to track and manage user rights. To audit this policy, you first configure Novell Audit to log the Change Security Equals event.

To facilitate a timely response to policy violations, you configure a Notification Filter to send a message to your mailbox any time the Change Security Equals event occurs. You also have the Notification Filter route the event to the CVR channel, which is configured to automatically reset the Security Equals attribute on User objects to a null value.

You can monitor your organization’s compliance with this policy by using iManager or Novell Audit Report to query the data store for Change Security Equals events. You then review the query results to determine when violations occurred and who was responsible.
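The review step in this example can be scripted once the query results are exported. The following is an added illustration, not code from Novell Audit. The record fields, the object names, and the premise that the CVR reset is itself logged as a Change Security Equals event with an empty value are all assumptions made for the example.

```python
from collections import Counter
from datetime import datetime

POLICY_EVENT = "Change Security Equals"

# Constructed sample export. Field names and object names are assumptions
# for this example; they are not the Novell Audit data store schema.
FIELDS = ("time", "event", "actor", "target", "value")
SAMPLE_EVENTS = [dict(zip(FIELDS, row)) for row in [
    ("2024-03-01T08:00:00", "Login", "cn=jdoe,o=example", "cn=jdoe,o=example", ""),
    ("2024-03-01T09:15:00", POLICY_EVENT, "cn=jdoe,o=example", "cn=temp1,o=example", "cn=admin,o=example"),
    ("2024-03-01T09:15:02", POLICY_EVENT, "cn=cvr,o=example", "cn=temp1,o=example", ""),
    ("2024-03-03T11:00:01", POLICY_EVENT, "cn=cvr,o=example", "cn=temp3,o=example", ""),
    ("2024-03-03T11:00:00", POLICY_EVENT, "cn=msmith,o=example", "cn=temp3,o=example", "cn=hr,o=example"),
    ("2024-03-02T14:30:00", POLICY_EVENT, "cn=jdoe,o=example", "cn=temp2,o=example", "cn=admin,o=example"),
]]


def audit_security_equals(events):
    """Return one record per violation: when, who, and whether it was reset."""
    relevant = sorted((e for e in events if e["event"] == POLICY_EVENT),
                      key=lambda e: datetime.fromisoformat(e["time"]))
    violations, open_by_target = [], {}
    for e in relevant:
        if e["value"]:  # attribute set to a non-null value: policy violation
            v = {"time": e["time"], "actor": e["actor"], "target": e["target"],
                 "granted": e["value"], "reset_at": None}
            violations.append(v)
            open_by_target.setdefault(e["target"], []).append(v)
        else:  # reset to null: closes every open violation on that object
            for v in open_by_target.pop(e["target"], []):
                v["reset_at"] = e["time"]
    return violations


def violations_per_actor(violations):
    """Count violations by the account that made the change."""
    return Counter(v["actor"] for v in violations)


if __name__ == "__main__":
    for v in audit_security_equals(SAMPLE_EVENTS):
        status = v["reset_at"] or "NOT RESET"
        print(f'{v["time"]}  {v["actor"]} -> {v["target"]}  reset: {status}')
```

A violation with no matching reset is the case to review first, because it means the automated response did not restore the attribute.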