Hayes 2003 (†912)Hayes, Bill. "Conducting a Security Audit: An Introductory Overview," Symantec Connect (25 May 2003).
- security audit : A computer security audit is a systematic, measurable technical assessment of how the organization's security policy is employed at a specific site. . . .The security audit should seek to measure security policy compliance and recommend solutions to deficiencies in compliance. The policy should also be subject to scrutiny. Is it a living document, accurately reflecting how the organization protects IT assets on a daily basis? Does the policy reflect industry standards for the type of IT resources in use throughout the organization? (†2736)