Glossary

Filter:
# A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All
A
A1
AC
ACD
ACK
ACL
ACU
A-D
Ada
ADC
ADH
ADM
ADP
AE
AES
AFJ
AFR
AI
AIG
AIN
AIS
AJ
AK
AKM
ALC
ALE
ALU
AMA
AMI
AMS
ANI
AOS
AP
APC
APD
APL
App
APU
AR
Arg
ARQ
ARS
ASU
AV
AVP
Audit
  • To conduct an independent review and examination of system records and activities in order to test for adequacy of system controls, to ensure compliance with established policy and operational procedures, and to recommend any indicated changes in controls, policy or procedures. (DODD 5200. 28;)
  • When an attack team hired by the firm attempts to penetrate the system in order to identify security weaknesses. 2. When an auditor seeks to find problems in the way an organization is implementing security.
  • To conduct the independent review and examination of system records and activities in order to test for adequacy of system controls, to ensure compliance with established policy and operational procedures, and to recommend any indicated changes in controls, policy, or procedures. a. Internal Security Audit. An audit conducted by personnel responsible to the management of the organization being audited. b. External Security Audit. An audit conducted by an organization independent of the one being audited. (OPNAVINST 5239. 1A;; AR 380-380;; FIPS PUB 39;) 3. The independent examination of records and activities to ensure compliance with established controls, policy, and operational procedures. *The independent review and examination of records and activities in order to test for adequacy of system controls, to ensure compliance with established controls, to ensure compliance with established policy and operational procedures, and to recommend any indicated changes in controls, policy, or procedures NOTE: An audit may be conducted by personnel responsible to the management of the organization being audited (internal) or by an organization independent of the one being audited (external) (NSA, National INFOSEC Glossary, 10/88)