Article

What is a Security Audit?

This article defines security audits and their importance.

Level
Beginner
Provided By
Topics
Security

Overview

Security audits are often used to determine compliance with regulations that specify how organizations must deal with information.

Security audits are often used to determine compliance with regulations such as the Health Insurance Portability and Accountability Act, the Sarbanes-Oxley Act, and the California Security Breach Information Act that specify how organizations must deal with information.

These audits are one of three main types of security diagnostics, vulnerability assessments, and penetration testing. Security audits measure an information system’s performance against a list of criteria. A vulnerability assessment is a comprehensive study of an information system, seeking potential security weaknesses. Penetration testing is a covert approach in which a security expert tests to see if a system can withstand a specific attack. Each approach has inherent strengths and using two or more in conjunction may be the most effective approach.

Do you have feedback on this resource?

Thank you for your feedback as we strive to curate and publish resources to help social impact organizations succeed with data.

Send us a note

Explore More

Related Resources