Discover the process and procedures around Security Auditing
This is hard one. I do my research already second day, but still did not managed to create my own picture of “what is Security Auditing?”
Confusion starts with Wikipedia, because there are two articles about the topic, both marked as no complete.
Maybe someone wants to fix it?
Piece, what I found helpful and useful is this 10 step guide “if a security auditor isn’t in the budget”: http://www.itsecurity.com/features/it-security-audit-010407/