This sample audit report presents the results of an application access audit performed within a company’s IT environment.

The scope of the project included a review of accounts which resided within ten critical applications that were chosen by the company. These systems were reviewed at the application level, database level and operating system level in order to identify user access risks that could impact information technology (IT), business and clinical application environments. Specifically, this assessment was conducted in order to provide a validation of specific user-level accounts, privileged accounts, shared accounts and generic accounts that have access to each system.