Roles and Policy audits
A former coworker runs a monthly check against the security policy tile and all the roles that are available in our system. He did this by taking screenshots of each of the policy/role and visually compares to ensure that none of the values have been changed (example: changing the password history from 7 to 4 or none) to validate that nothing has been altered.
The issue with this approach is that it's a snapshot in time and if someone was to change a value in the middle of the month and change it back before the audit takes place, then it would appear as if nothing has changed over the month. Is there somewhere that we could go to view the changes in a more real-time fashion? With the settings API available, I can schedule something to run periodically to analyze what has changed over time, but unless I run it almost constantly, I don't think this is the right way to go about auditing changes to the system.
I was hoping someone could provide some best practice advice on how one should approach this subject.
Thanks and regards,