LAN AuditProgram.docVIP

LAN AUDIT PROGRAM 2/8/95 Audit Administration Stuff 1. Determine scope and objectives of audit. 2.Notify auditees of audit. 3.Obtain additional input and concerns from auditees. 4.Obtain a general overview and understanding of the area being audited. 5.Develop audit program. Authentication/Authorization (to Workstation,Server, and Applications) Section B 1. Map the authorization structure of the LAN. Obtain listing of all users and group assignments. Obtain listing of all groups and alias assignments. Obtain listing of group accesses. Obtain list of alias to directory/path flow. Obtain directory listing. 2.Document the technical process of allowing access to the LAN relative to users, groups, and alias. 3. Obtain list of all users with Administrator authority. Review this list for reasonableness. 4. Obtain list of all users with privileges. Review this list for reasonableness. 5. Obtain and review security policies for the LAN. 6.Review process for obtaining a new LAN ID and access to LAN resources. Is there a formal policy for this process? Is policy followed? 7.Document the procedures to establish IDs for vendors and temporary employees. Evaluate the needs for this access and review the procedures to remove them from the system upon completion of their task. 8.Document the procedures regarding inactive users and terminated employees. 9.Review existence of LAN audit trails and violation logs. 10.Determine if audit trails are adequate and if they are reviewed on a regular basis. 11. Determine if violation logs are reviewed on a regular basis. 12.Determine what type of console log is on the servers and who has access. 13.Review logon ID and password parameters. Include: Logon ID expirations Password expirations Minimum PW length Password history Password encryption (in file and across network) Logon timeout Password required 14.Determine if all user IDs are accounted for. 15. Determine i