Most technologies allow you to basically audit a single instance at a time; generally you can audit a database server or Unix application server in isolation from other servers or technologies on the network.
However, Active Directory is an enterprise wide technology with multiple levels of structure in the form of Forests, Trees, Domains, Organizational Units and Sites. At each of these levels there are specific controls and risks that an IT auditor must understand and assess.
This calls for an audit methodology that takes into account AD’s structure. In this webinar I will share my audit methodology that ensures you collect the appropriate evidence and test the correct controls at each level of Active Directory and accurately interpret the scope of your findings.