Audit

What is Audit?

Definitions

Auditing

Auditing is the process of testing security policies, processes, and procedures. Typically an IT auditor will ask tailored questions. The goal is to ensure that the defined security policies are being adhered to and find room for improvement. During an audit, it is common that the auditor also requests samples to use as a proof that processes are in place and the right procedures are used.

Technical Audit

A technical audit is the process of information gathering and analysis of company assets. Typical areas that are checked are compliance with security policies and discover known vulnerabilities.

Tools

    Related guides

    Security tools

    • Lynis (system security scan)
    • Nix-Auditor (system auditing tools)
    • Tiger (local security scanner)
    • YASAT (local security scanner)
    • Zeus (AWS auditing and hardening tool)