There is a significant gap between the stated objectives of organizational security found in corporate security policy and the audit configuration of event logs present on IT systems. Audit configuration has always been a bottom-up process. As a result, the design and implementation of audit configurations are often constrained by the audit management interface, which commonly models operating system structures rather than real-world behavior. This paper argues for a top-down approach in the establishment of IT audit policies and practices. We propose that management should develop an organization-wide audit policy that sets mandatory audit directives and ensures that the audit configuration reflects the needs of the organization as defined in the security policy.
CITATION STYLE
Ahmad, A., & Ruighaver, T. (2002). A top-down approach towards translating organizational security policy directives to system audit configuration. In IFIP Advances in Information and Communication Technology (Vol. 86, pp. 55–65). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-0-387-35586-3_4