Modern organizations (e.g., hospitals, social networks, government agencies)
rely heavily on audit to detect and punish insiders who inappropriately access
and disclose confidential information. Recent work on audit games models the
strategic interaction between an auditor with a single audit resource and
auditees as a Stackelberg game, augmenting associated well-studied security
games with a configurable punishment parameter. We significantly generalize
this audit game model to account for multiple audit resources where each
resource is restricted to audit a subset of all potential violations, thus
enabling application to practical auditing scenarios. We provide an FPTAS that
computes an approximately optimal solution to the resulting non-convex
optimization problem. The main technical novelty is in the design and
correctness proof of an optimization transformation that enables the
construction of this FPTAS. In addition, we experimentally demonstrate that
this transformation significantly speeds up computation of solutions for a
class of audit games and security games