Security audits should occur on a routine basis according to the policy set in place by the organization. Internal auditing typically occurs more frequently than external or third-party auditing.
- Internal. Security auditing should be an ongoing task of the security team. There are dozens of software vendors that simplify the process of aggregating log data. The challenge is knowing what to look for once you have collected the data.
- External. External security auditing should be performed on a set schedule. This could be aligned with financial reporting each quarter or some other business-driven reason.
- Third-party. Third-party auditing can be performed on a regular schedule in addition to external auditing. The goal of third-party auditing can either be to provide checks and balances for the internal and external audits, or to perform a more in-depth auditing procedure.