Other unauthorized copies of reports could be printed

Sensitive data may be read by operators

Data cannot be altered without authorization

output would be lost in case of system failure

Reliability

Availability

Integrity

Confidentiality

Maintain internal and external consistency

Prevent unauthorized users from making modifications

Prevent paths that could lead to inappropriate disclosure

Prevent authorized users from making improper modifications

Often traced to individuals responsible for observing and recording the data

Never traced to individuals responsible for observing and recording the data

Sometimes traced to individuals responsible for observing and recording the data

Always traced to individuals responsible for observing and recording the data

Is there separation of duties between security personnel who administer the access control function and those who administer the audit trail?

Are incidental monitored and tracked until resolved?

Is access to online logs strictly controlled?

Does the audit trail provide a trace of user actions?

Layering

Data mining

Data hiding

Abstraction

Preset locks

Door delays

Cable trap

Slot locks