Add audit practices #1
Description
As requested by Mikael, I'm opening an issue to add appropriate levels of audit capture to the EF3SCLs.
Hopefully the value of capturing an audit trail is well-understood by the authors. To my mind these include:
- Security: Audit trails provide a temporal record of who accessed systems and data. This allows projects to identify suspicious activity, such as attempted and successful unauthorized access. In the event of a security incident, audit logs can be used retrospectively to investigate the root cause and determine the resources that may have been compromised. Adoptium uses an open source XDR and SIEM system to monitor our infrastructure for this purpose.
- Compliance: Maintaining records of user activity helps demonstrate compliance with policies and certifications by providing a verifiable history of actions.
- Accountability: Users can be held accountable for their activity within the system. This can deter malicious behavior and encourage responsible use of resources.
- Troubleshooting: Audit logs can be invaluable for troubleshooting system errors or malfunctions. By examining changes to configurations, administrators can identify the sequence of events that led to the issue and pinpoint the root cause.
- Resiliency and Improved Decision Making: Audit data can be combined with application level logging and used to improve system design, optimize resource allocation, and identify areas for improvement. At Adoptium we use data to assess machine workloads, task placements, and scaling requirements to optimise our infrastructure usage.
The EF3SCLs can describe levels ranging from basic access logs to enhanced off-site log analysis.