Auditing and accountability checks within a PIA are to ascertain what safeguards and security controls are needed, and when, from the following perspectives:
- Insider and third-party auditing addresses which organizations and/or agencies provide oversight
- Forensics
- Technical detection of information (or information system) misuse (for example, a host auditing tool detects database access and a large query not emanating from the application server)
- Security awareness, training processes, and supporting policies for those with direct or indirect access to the PII
- Modifications to information-sharing processes, organizations with whom information is shared, and approval of any changes to policy (for example, if the ...