The Unix Audit

UNIX is among the most popular operating systems in use today. Yet few people realize that within UNIX there is a powerful diagnostic "tool kit" that can be used to carry out a comprehensive audit on virtually every aspect of the system.

The UNIX Audit is your guide to mastering these tools. With a step-by-step strategy for designing and implementing your own customized audit procedure, here is a complete guide to using UNIX commands and shell programs to measure and evaluate:

• System Securty
• System Software
• Disaster Recovery
• System Use
• The UNIX File System
• Remote Access Facilities
• Backup Procedures
• System Performance

Complete with detailed instructions on how to publish a professional audit report, this is a "must read" for every system administrator, manager, or consultant who oversees the operations of a UNIX system. If you're concerned with insuring your system's productivity, the The UNIX Audit and find out how your system measures up.

1. Audit Basics
• Why Audit?
• UNIX in Particular
• The Right Approach
• Audit Preplanning
• Not All Audits Are the Same
• The Right Audit at the Right Time
• Audit Roles
• System Owner
• Applications Users
• MIS Users
• Auditor
• The Bigger Audit Picture
2. Audit Plan Deliverable
• Design the Report First
• Executive Report Details
• Audit Abstracts
• Action Items
• Management Report Details
• Methodology
• Findings
• Conclusions
3. Prerequisites
• UNIX File Structure
• UNIX Commands
• Commands Organized by Use
• Alphabetical Reference
4. Audit Baseline
• Creating a Baseline
• Overview of the Creation Process
• Resource Administration Files
• Application Usage
• Production History
• Details of Baseline Creation
• System Resource Files
• Recording Information
• Application Usage
• Software
• Data
• Configuration Information
• Recording Information
• Production History
• System Logs
• Procedures
• Recording Information
• Saving the Baseline
5. Audit Previews
• The Management Meeting
• User Interviews
• Application Users
• Technical Users
• System Users
• Document Review
• Original Purchase and Installation
• Subsequent Documentation
• Conducting the Right Audit
• Audit Response
• Assessing Audit Resources
• Prior Audit History
• Personnel
• Status Meeting
• Examination Directives
6. Capture and Examine
• The Tools
• Programs
• Files
• Procedures
• File System Examination
• Security
• Resources
• Usage
7. System Responses
• Signs
• Causes and remedies
• UNIX Accounting
• UNIX Accounting Reports
• System Activity Reports (SARs)
• Inadequate Hardware Resources
• Compromising Software
• Hidden Interrupts
• Poor Resource Planning
8. Delivering the Audit
• The Reports
• The Executive Report
• The Management Report
• Verbal Reports
• Different Audits
• Upgrade audits
• Emergency audits
• Methodology of the Emergency Audit
• Phase 1
• Phase 2 If There Was a Previous Audit
• Phase 2 If There Was No Previous Audit
• Typical Outcomes
• Cost and Benefits
• Likely Next Steps
• If the Resources Are Different
• Proceed with Caution
9. Forms for the Management Report
• Request for Proposal Audit Form
• System Proposal Audit Form
• Vendor Quotation Audit Form
• Product Receipt and Warranty Audit Form
• Software License and Support Audit Form
• Hardware Maintenance and Support Audit Form
• Application User Interview Audit Form
• Technical User Interview Addendum
• System User Interview Addendum

1. Program Listings
2. TLIST Contents
3. Reports Generated by Shell Programs
4. Example of Sizing Template
5. Audit-Type Decision Flowchart

Totally meaningless.