IX. Control and Audit
The audit trail is a permanent record of every transaction that has taken place in a system. Who, when, where, and what are requirements for an audit trail and are necessary for a secure system. Control of the audit trail determines the success of the system. Audit trails may be required by law or company regulation, and may be used for backup and recovery or an analysis of errors. In data security they can be used for detecting security violation and as a means for security-violation deterrence. Discuss the relationship between operations, management and the audit function.