Performing Security Audits
A security audit examines an organization’s practices and operations to determine whether they conform to the organization’s policies or applicable laws. An organization can perform an internal audit to examine its practices, or external auditors can come in to examine the organization’s practices. The audit documents the organization’s policies, processes, controls, testing, and results.
EXAM TIP Security audits help an organization identify vulnerabilities in its processes and procedures. After a security audit, it’s important to implement fixes to ensure that these vulnerabilities are mitigated.
Audits can be performed ...
Get SSCP Systems Security Certified Practitioner All-in-One Exam Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.