Security Auditing is the formal examination and review of
actions taken by system users. This process is necessary to
determine the effectiveness of existing security controls, watch
for system misuse or abuse by users, verify compliance with current
security policies, capture evidence of the commission of a crime
(computer or non-computer related), validate that documented
procedures are followed, and the detection of anomalies or
intrusions. Effective auditing requires that the correct data to be
recorded and that is undergoes periodic review.
