Network System oversite

It has been noted in a recent audit the we do not have sufficient oversite of our network administrator activities.  We are a small organization so one IT person is all we have.  Does anyone have suggestions or know of a software that would review master files and operating system changes as a result of updates, patches, or troubleshooting?  We are using Microsoft SBS 2003.

Thanks-

Programs like Tripwire do this, but I suspect that this gives you way too granular and too specific detail.

Sorry if I offend you by challenging your requirements, but is this really needed?  If you can't trust your system / network adminstrator, then why have him or her?  Also, no work environment really has "sufficient oversite", and those that think that they do often just end up creating baloney bureaucratic rules which the IT people laugh at.

Maybe we could help you more if we had a better idea of what type of audit was done, what the auditors found, and what their exact verbage was on what needed to be done.  Right now, there are countless software packages that do various aspects of what you need, and if we were to discuss any of these, chances are that we'd waste time talking about details that are likely not appropriate for what you really need.

It is an audit of our financial statements and procedures provided to our Board every year.

This is the wording of what is needed:  Review of master file and operating system changes as a result of updates, installations, patches, or troubleshooting on a periodic basis by an appropriate individual.

Our org has had many financial audits in the past 5 years that I have been with them.  Not once have they ever challenged me or asked what changes I have made to our servers in regards to patches and updates.  It sounds more to me like they'd like you to document any changes made such as a maintenance log.   

We have a similar thing on our audit.   My suggestions would be

1,  limit the scope of the documentation to only the machines that process business critical information and process cash / financial transactions.  These are most likely what concerns the auditors. 

2, have a written policy that states what your update policy is.  Could be as simple as All automatic Microsoft updates are installed as delivered by Microsoft, and application specific updates per the software vendors schedule.  If the auditors are really concerned it will be noted in the management letter, and then you and your boss can determine the resolution, (Ignore, or Comply)

3.  the Log as Gary suggested for all servers, this can be valuable for you too when trying to reconstruct the chain of events when something is broke.

4.  If you use contractors or vendors, make sure they update the log also.

5.  What is the concern level from your management?  If they are concerned you need to be concerned also.  If they don't see it as an issue to spend resources on, then it isn't that important of an issue to them.

Dave