An Identity Management System should maintain an Audit Trail of, at the very least, all security events. These include authentication attempts, change request input and authorization, access provisioning and deactivation events, Password Synchronization and reset, profile updates, etc.

Return to IT Security Concepts