Auditing and accountability checks within a PIA are to ascertain what safeguards and security controls are needed, and when, from the following perspectives:

• Insider and third-party auditing addresses which organizations and/or agencies provide oversight
• Forensics
• Technical detection of information (or information system) misuse (for example, a host auditing tool detects database access and a large query not emanating from the application server)
• Security awareness, training processes, and supporting policies for those with direct or indirect access to the PII
• Modifications to information-sharing processes, organizations with whom information is shared, and approval of any changes to policy (for example, if the ...