Auditing is the process of validating that an environment complies with its design. For what reason(s) is auditing an important process for a Windows or any OS environment? Research some auditing baselines that would apply to a Windows environment. What is the primary determination that a security professional would look at to determine if the OS environment is reaching the baseline (think about the entire process)? If the environment is not reaching the baseline, what would you suggest to management? If the environment is reaching the baseline, would you suggest further action or are would you be satisfied with the current results?