Auditing and Monitoring

Premium room

Learn about auditing, monitoring, logging, and SIEM.

easy

60 min

20,271


Consider the following example. A prestigious hospital in the UK must ensure that it aligns with all the regulations. You are part of the team responsible for ensuring compliance with the Data Protection Act (2018). One of the requirements is to ensure that patients’ records are kept confidential and protected against unauthorised processing, access, loss, or destruction. Consequently, the management provided the staff with substantial relevant training to raise awareness and equip them with all the necessary tools to ensure compliance. Does this mean that the hospital is now in compliance with the requirements of the Data Protection Act (2018), especially when handling patient records?

Policy violations come in various forms. Some staff might copy patient-related data to a USB flash drive for easy access. Others might dispose of confidential paper records without using the allocated paper shredders. Some might take photos of the computer screen and share them via unauthorised channels to make work “more efficient.” The examples are countless, and most of these “workarounds” can violate the applicable laws, which in turn can lead to lawsuits against the hospital. We must ensure that everyone observes all laws and regulations to the best of their abilities.

We need some systematic and objective way to evaluate the hospital’s standing, i.e., auditing. We must regularly audit the processes and controls to ensure the hospital abides by all the related regulations and laws. Without auditing, there is no way to know what needs to be fixed.

In other words, auditing is the answer to questions such as: How can we know whether a company complies with the applicable laws and industry standards? How can we assess the effectiveness of its risk management and internal controls? How can we detect fraudulent activities or misuse of resources?

What is Auditing?

In simple terms, auditing is like a check-up for a company or organisation. It involves carefully examining the company’s processes, internal controls, and financial statements to ensure everything runs smoothly according to the policies and laws. Auditors look for problems, such as errors, inefficiencies, or shady activities, and suggest ways to fix them. This helps the company improve its operations and builds trust with the people involved or affected by the organisation’s activities.

In more formal terms, auditing is a systematic, independent, and objective process of gathering and evaluating evidence to determine if an organisation, its policies, processes, controls, or financial statements comply with applicable laws, regulations, and industry standards.

What is Monitoring?

As per the title of this room, the focus is on auditing and monitoring. Before moving to the next task, let’s briefly explain monitoring. In information systems, monitoring is about continually checking a computer’s or network’s performance and behaviour. It involves watching over various components such as applications, storage, and networking to make sure they’re working well together. Monitoring also looks for unusual behaviour and checks if anything violates established rules or policies.

In this room, we will cover auditing and monitoring in more detail and visit related concepts such as logging.

Learning Objectives

Learn the following topics and differentiate between them:

  • Auditing
  • Monitoring
  • Logging

Room Prerequisites

This room has no rigid prerequisites; however, to carry out the tasks on the attached VMs, some knowledge of MS Windows and is necessary. We recommend satisfying the following requirements:

  • Basic knowledge of MS Windows.
  • Basic knowledge of .
  • Knowledge of , Risk Management, and related concepts is encouraged but unnecessary.

Answer the questions below

What do you call the systematic review of an organisation’s technological infrastructure, policies and operations?

What do you call the continuous observation of an organisation’s computer technologies and related resources?
