摘要 |
<p>In multiple computer devices connected to a network, operation log information containing an operation type and a file output destination based on a user input/output operation, and acquisition source information indicating a file acquisition source, are recorded. The acquisition source information is managed in association with an access authority for the file acquisition source. If operation log information based on a user output operation exists among the operation log information, a range of access authority for the acquisition source of a file to be output, which is the target of the user output operation, and a destination user capable of accessing the output destination of the file to be output, are identified. An assessment is made of whether the destination user belongs to the range of access authority for the acquisition source of the file to be output, and if the result of the assessment is negative, risk information indicating that the user output operation is an operation outside the range of the access authority is output.</p> |