Introduction
Compliance program regulatory documents, especially data protection laws, define detection, logging, and auditing requirements. An example of such a program is the German Bundesdatenschutzgesetz (BDSG), where you would find the section "to prevent unauthorized usage of data processing systems" in paragraph 9 (http://www.lw-flyerdruck.de/userfiles/541/File/Dateivorgaben/INFO1_Januar_2011.pdf). An implication of this requirement could be to detect these unauthorized usages. Microsoft System Center 2012 Operations Manager (SCOM) has the ability to track and log unauthorized events in Microsoft Active Directory.
Another requirement could be the logging of data access for each individual user. In the Payment Card Industry Data Security Standard (PCI DSS), requirement 10 states:
"10.1 Implement audit trails to link all access to system components to each individual user"
You can find additional details on PCI DSS at https://www.pcisecuritystandards.org/documents...