Linux: 2 Parts of Computer Security Audits
An audit is simply an independent assessment of whatever it is you’re auditing. So in Linux, a computer security audit is an independent assessment of computer security. If someone conducts a computer security audit of your organization, he or she focuses typically on two areas:
Independent verification of whether your organization complies with its existing policies and procedures for computer security. This part is the nontechnical aspect of the security audit.
Independent testing of how effective your security controls (any hardware and software mechanisms you use to secure the system) are. This part is the technical aspect of the security audit.
Why do you need security audits? For the same reason you need financial audits — mainly to verify that everything is being done the way it’s supposed to be done. For public as well as private organizations, management may want to have independent security audits done so as to assure themselves that their security is A-OK.
Irrespective of your organization’s size, you can always perform security audits on your own, either to prepare for independent security audits or simply to know that you’re doing everything correctly.
No matter whether you have independent security audits or a self-assessment, here are some of the benefits you get from security audits:
Periodic risk assessments that consider internal and external threats to systems and data
Periodic testing of the effectiveness of security policies, security controls, and techniques
Identification of any significant deficiencies in your system’s security (so you know what to fix)
In the case of self-assessments, preparation for any annual independent security testing that your organization might have to face