|
|
|
|
|
|
by Khaine
3475 days ago
|
|
|
Thats broadly correct, although auditing is usually risk based. The first question should be is there a risk that requires a detective control of audit logging to be in place, if the answer is no (because the system is of low risk or value) then you would be unlikely to continue down the checklist. |
|
|