Which term describes a broad inquiry into an ongoing security violation?

When you need a broad, ongoing fact-finding review of a security issue, you’re performing an administrative inquiry. This type of process is meant to gather evidence, assess what’s happening, and determine what actions are needed, without jumping to formal disciplinary decisions. It often involves collecting data from logs, systems, and interviews, and it stays focused on understanding the incident as it unfolds to support containment, mitigation, and corrective steps. Adjudication, by contrast, is the formal decision-making phase that determines guilt or responsibility and may lead to penalties after facts have been established. Access refers to permission to use or view resources, not to investigating an incident. Adversary is the term for the attacker, not the investigative process. So for a broad, ongoing inquiry into a security violation, an administrative inquiry is the best fit.