What is Audit?
Auditing is the process of testing security policies, processes, and procedures. Typically an IT auditor will ask tailored questions. The goal is to ensure that the defined security policies are being adhered to and find room for improvement. During an audit, it is common that the auditor also requests samples to use as a proof that processes are in place and the right procedures are used.
A technical audit is the process of information gathering and analysis of company assets. Typical areas that are checked are compliance with security policies and discover known vulnerabilities.