function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Brendan CocksBrendan Cocks 

Security Audit Ideas Please?

We are wishing to do a complete audit of our Salesforce system. The audit will look at what each user can access, what they can do once they have access, who can view reports & dashboards, public groups members and sharing settings. I could do this manually, but will take some painstaking time. Is there a solution out there to assist with this type of activity? Has anyone else done somthing similar and if so, how did you complete the exercise?

Appreciate your help in advance

NagaNaga (Salesforce Developers) 
Hi Brendan,

As far as I know you have to audit salesforce manually to know which user can access what.Even the permission that they have to reports and dashboards should be checked manually.

Auditing features include:

Record Modification Fields:

All objects include fields to store the name of the user who created the record and who last modified the record. This provides some basic auditing information.

Login History:

You can review a list of successful and failed login attempts to your organization for the past six months. See Monitoring Login History.

Field History Tracking:

You can also enable auditing for individual fields, which will automatically track any changes in the values of selected fields. Although auditing is available for all custom objects, only some standard objects allow field-level auditing. See Track Field History.

Setup Audit Trail:
Administrators can also view a Setup Audit Trail, which logs when modifications are made to your organization’s configuration.

Please let me know if this helps

Best Regards
Naga kiran