My CodePlex site contains a new product called Security Blueprints. I have created this for one of our customers and made some enhancements to it. They allowed me to publish this as open source project (thank you for that!). I hope the solution can help you as it helps them and I hope you like the idea behind it. The current version is a V1 product. There are a lot of ideas for the next version, that I will soon start to work on.
Security blueprints ‘document’ all security settings in your site collections. It comes with a timerjob that repeats this task every time the job runs. It only creates a new report (a blueprint) after something in the settings (or structure) has changed. This allows you to monitor the security setup and should make troubleshooting security issues easier. Our customer that came up with the idea of the blueprints, works with an increasing number of site collections that all have the same basic structure and security setup. During the lifecycle of these site collections, people start modifying structure and security settings. The blueprints helped us in a number of cases to identify the cause of the problem. The blueprint of the ‘master’ site collection is regarded as the documentation of the security setup. By comparing this blueprint with the current report of the site collection, we were able to quickly identify the problem.
If you have any suggestions for improvement, or you would like to write a XSLT stylesheet to make the reports more readable, feel free to contact me.