In computer security, the independent review and examination of system records and activities in order to test for adequacy of system controls, to ensure compliance with established policy and operational procedures, and to recommend any indicated changes in controls, policy or procedures.在计算机安全中,为测试计算机控制的正确性,为确保按照既定政策和操作步骤执行,为提供在控制政策和步骤中的任何指定的变化而对系统的记录和活动进行的独立的审核和检查。
