Audit of Logical Security Controls
Description
Logical controls encompass user authentication, authorization, session management, segregation of duties (SoD), and log monitoring capabilities. Weaknesses in these areas expose payroll data to unauthorized changes, privilege abuse, and potential fraud. Students will operate in a controlled environment emulating FinGroup’s production payroll system. They will extract user entitlement listings, correlate them with HR records to detect orphan accounts or over-provisioned users, and test SoD conflicts such as users having both payroll data entry and approval rights. System logs will be collected, parsed, and analyzed to identify suspicious patterns (e.g., after-hours logins, repeated failed authentications, privilege escalations). The ultimate goal is to validate whether FinGroup’s logical access management processes comply with governance frameworks like COBIT DSS05 and ISO/IEC 27001 Annex A.9 (Access Control), and to generate actionable remediation recommendations.
Files
Steps to reproduce
# Audit of Logical Security Controls — Dataset This repository provides an anonymized and reproducible package for auditing logical security controls in a payroll system. ## Contents - `data/` – User access list (CSV), system logs (JSON) - `scripts/` – Python script to detect Segregation of Duties (SoD) conflicts - `results/` – Sample reconciliation results, SoD matrix, and log review findings - `docs/` – Expanded lab description with Problem, Requirements, Guiding Questions, and Expected Outcomes ## Usage 1. Run `scripts/sod_check.py` to detect SoD conflicts. 2. Populate `results/access_reconciliation.csv` with findings from HR reconciliation. 3. Review `results/log_review_findings.md` and update with additional anomalies. ## License CC BY 4.0 (data & documentation), MIT (code).
Institutions
- Universidad Cooperativa de Colombia