The NTFS Change Auditor provides System Administrators with an option to identify, track and maintain a history of changes to NTFS permissions. It sources data from the Event Logs and reports on changes - What, Where, How and by Whom. It helps identify major security breakdowns by informing the admin about changes in access levels, ownership, access attempts, File System changes, all with the old and new values in real time.