security audit [English]
- RT: security
n. ~ Computing · A systematic assessment of policies and procedures intended to protect a system from unauthorized access, malicious alteration or destruction of information, or other harm, as well as compliance with those policies and procedures.
- Wikipedia (†387 s.v. information technology security audit): A manual or systematic measurable technical assessment of a system or application.
- Hayes 2003 (†912): A computer security audit is a systematic, measurable technical assessment of how the organization's security policy is employed at a specific site. . . . The security audit should seek to measure security policy compliance and recommend solutions to deficiencies in compliance. The policy should also be subject to scrutiny. Is it a living document, accurately reflecting how the organization protects IT assets on a daily basis? Does the policy reflect industry standards for the type of IT resources in use throughout the organization? (†2736)
- NIST 2011B (†415 p. 21): Systematic evaluation of a cloud system by measuring how well it conforms to a set of established security criteria. (†523)
- Techopedia (†411 s.v. "information security audit"): An organizational review to ensure that the correct and most up-to-date processes and infrastructure are being applied. An audit also includes a series of tests that guarantee that information security meets all expectations and requirements within an organization. (†2737)