What is Audit?

Related guides (for members)

Related definitions


Auditing is the process of testing security policies, processes, and procedures. Typically an IT auditor will ask tailored questions. The goal is to ensure that the defined security policies are being adhered to and find room for improvement. During an audit, it is common that the auditor also requests samples to use as a proof that processes are in place and the right procedures are used.

Technical Audit

A technical audit is the process of information gathering and analysis of company assets. Typical areas that are checked are compliance with security policies and discover known vulnerabilities.

Security tools

  • Lynis (audit tool and security scanner)
  • Nix-Auditor (system auditing tools)
  • Tiger (local security scanner)
  • YASAT (local security scanner)
  • Zeus (AWS auditing and hardening tool)