Audit of Logical Security Controls

Logical controls encompass user authentication, authorization, session management, segregation of duties (SoD), and log monitoring capabilities. Weaknesses in these areas expose payroll data to unauthorized changes, privilege abuse, and potential fraud. Students will operate in a controlled environment emulating FinGroup’s production payroll system. They will extract user entitlement listings, correlate them with HR records to detect orphan accounts or over-provisioned users, and test SoD conflicts such as users having both payroll data entry and approval rights. System logs will be collected, parsed, and analyzed to identify suspicious patterns (e.g., after-hours logins, repeated failed authentications, privilege escalations). The ultimate goal is to validate whether FinGroup’s logical access management processes comply with governance frameworks like COBIT DSS05 and ISO/IEC 27001 Annex A.9 (Access Control), and to generate actionable remediation recommendations.