[ubuntu-hardened] What method should I use to validate the packages installed on my server?

[Jason Franklin]

Greetings:

I have another question!

A company I consult for is transitioning to using Ubuntu Server from
AIX.

What method can I recommend that will allow an administrator to validate
the list of packages that are installed on a particular box?

By this, I mean the following:

1. Packages aren't installed without being approved beforehand. How
could I formalize this process?

2. Given a list of official Ubuntu packages that are approved, how can I
show that there are no UNapproved official packages on a given box?

Are there tools or methods that help with this?

Many thanks in advance!

-- 
Jason Franklin