Monitoring and Controlling System Activities
Monitoring and Controlling System Activities refers to those practices, technologies and/or services used to ensure that the implementation and maintenance of security safeguards and system changes are adequately documented and managed, so that accountability can be established.
Monitoring and controlling system activities is part of the University's comprehensive systems-auditing program that facilitates security controls by providing processes:
- to assess policy compliance (e.g., security check list),
- to verify operational assurance (e.g., penetration testing),
- to maintain individual accountability (e.g., user audit trails, change management approvals), and
- to support intrusion problem analysis (e.g., user behavior anomalies; repeated failed log-in attempts; reconstruction of events).
Monitoring and controlling system activities can be self-administered by University staff (in the Department of Information Technologies or in other departments responsible for such systems), or they can be independently administered by parties external to the University (for example, the state Auditor of Public Accounts offers a for-fee service of penetration testing for systems). In any case, personnel involved in these activities must have a high level of expertise in the information technology security field and in auditing practices, and they must be objective.
Industry practices suggest that security safeguards tend to degrade over the operational life-cycle of systems. The University must make -- and regularly review -- decisions about the timing, frequency and scope (such as annual independent audit, daily audit log analysis, attention at the system, application or user level) of the steps it takes to monitor and control system activities, based on its assessment of the relative risk involved.
[Adapted from materials provided by the Virginia Alliance for Secure Computing and Networking (VA SCAN -- see http://www.vascan.org)]
University Standards for Monitoring and Controlling System Activities
- The University monitors and tracks systems, activities and operations, with resulting data made accessible, to ensure compliance and accountability with security policies.
- The University includes configuration management processes in its system-specific security programs to establish accountability for changes to components.

