olemus
ISO 7498, ISO/IEC 2382:
süsteemi andmike ja toimingute
sõltumatu läbivaatus ja uurimine
- süsteemi turvameetmete adekvaatsuse kontrolliks
- kehtivate poliitikale ja tööprotseduuridele vastavuseks
- turvarikete avastamiseks
- võimalike järelduvate meetme-, poliitika- ja protseduurimuudatuste soovitamiseks
=
independent review and examination of data processing system records and activities to test for adequacy of system controls, to ensure compliance with established security policy and operational procedures, to detect breaches in security, and to recommend any indicated changes in control, security policy, and procedures

ülevaateid
https://en.wikipedia.org/wiki/Information_security_audit

https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/ISRevision/guideline-isrevision_pdf.pdf?__blob=publicationFile

https://www.iso27000.es/assets/files/ISO27k%20Guideline%20on%20ISMS%20audit%20v2.pdf

http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53Ar4.pdf

http://csrc.nist.gov/publications/drafts/nistir-8011/nistir_8011_ipd-draft_vol1_overview.pdf

https://www.protiviti.com/sites/default/files/united_states/insights/4th-annual-it-audit-benchmarking-survey-isaca-protiviti.pdf

vt ka
- turvarevisjon