Events of potential security relevance are generated. Examples
include audit records made by financial systems and used to identify
fraudulent use, sign-in sheets used to identify who has entered and/or left
an area and at what times, and computer-generated audit records that track
logins, program executions, file accesses, and other resource uses.
Complexity: Generating audit records is not difficult. Care must be taken to
secure the audit records from illicit observation and disruption and to
prevent audit trails from using excessive time or space.