9
Please fix the bug in the Security Audit Trail that incorrectly logs security configuration changes that are performed either through Microsoft Maintenance Security Updates or Upgrades. These changes should be logged to the -System- user. We have seen and reported via LCS instances where a change that could not have been made in the UI was tagged to our Security Administrator because he updated the role after the Microsoft Security Update had been applied. Because of this bug, the audit trail cannot be effectively relied upon for reviewing security changes and ensuring that they are properly requested, approved, and executed. This has significant implications for Companies that need to ensure the effectiveness of IT General Controls for SOX purposes.
STATUS DETAILS
Needs Votes