Overview of compatibility and integration with security tools
Who is this article for?
IT Administrators wanting to learn more about Internal Audit integrations with security technologies.
No special access or permissions are required.
Internal Audit is not tested for compatibility with any specific third-party products, but we understand you may still want to implement them within your organisation.
This article gives an overview of various security technologies and related issues to consider when exploring them as options.
Identity and Access Management/Identity Governance (IAM/IdM and IGA)
Early versions of Internal Audit provided Windows Authentication and username/password (Forms-based Authentication/FBA) as options for authenticating users.
Since v5, we also provide compatibility with SAML2, which might enable you to leverage your own corporate IAM/IdM infrastructure.
Additionally, if your system allows for multi-factor authentication, this can be carried through to the Internal Audit application.
Although we do not test with specific solutions in mind, we have seen Ideagen Audit working with Entra ID, Okta, PingFederate, and Shibboleth.
If you have questions about implementing SSO then please open a support ticket.
Security Information and Event Management
The application does not hook into any particular SIEM tools.
Each application service logs to its own log file, and user data changes are logged within the application database.
If you have any questions about logging or about querying these information sources, open a support ticket with specific questions.
Antivirus applications and firewalls
We do not test for compatibility with particular tools, but by virtue of having a large and varied customer base, we see the application working with numerous products.
Key points are:
- Configuring the application service endpoints for on-demand scanning can cause problems:
  - Connection can be slowed.
  - Some tools can unpredictably close connections to the file service during uploads and downloads.
- Some scanners can view ClickOnce downloads as suspicious behaviour (i.e. suddenly requesting a large number of files) and close the connection midway through.
- Some on-demand antivirus scanners cause disruption of the file attachment download and open function because they keep a lock on the file and prevent the host application (e.g. Word, Excel) from opening it.
In all these cases, it is important to whitelist the problematic behaviour.
Encryption types
Data in flight
Communication between the desktop client and back end service is encrypted using TLS, via Microsoft WCF's message encryption.
You can find more information in your guide to converting the main service to HTTPS.
Data at rest
Within the Internal Audit system, data resides in two locations:
- Client cache - This local database caches infrequently changing data (e.g. the content of dropdown lists) in order to maximise performance. In addition, if you make use of the offline working functionality, it will store any offline data you choose (e.g. audit data, attachments). The application does not have its own encryption mechanism; it is assumed that PC hard drives would be encrypted.
- Database - In the database, user passwords are hashed.
For further encrypting data:
- SQL Server TDE can be used. This is a feature of SQL Server and is transparent to the Internal Audit application.
- Storage volumes can be encrypted.
Because both of these are features of the platform, we cannot provide guidance or support in their use.