What should a bank do before enabling the audit feature on their system?

• A. Determine the impact of enabling the audit feature.
• B. Enable auditing immediately without testing.
• C. Disable all network access before auditing.
• D. Encrypt all logs with no policy.

Answer: (A)

Before turning on audit logging, you must assess the potential effects of enabling it. This involves understanding how auditing will change system performance, storage needs, and reliability, as well as ensuring the logging scope fits regulatory requirements and internal policies. You need to decide what events to capture, how long to keep logs, where they’re stored, who can access them, and how to protect them from tampering. This planning helps avoid surprises like slower systems, overwhelmed storage, or logs that don’t meet investigative or compliance needs. It also allows you to test in a controlled environment to confirm that enabling auditing doesn’t introduce new failures and that monitoring remains effective. While encryption and access controls are important, they should be guided by a formal policy; simply encrypting logs without governance won’t address retention, coverage, or accountability.