Audit objectives

Definition

The questions the audit is designed to answer, stated in terms of control criteria. For example: do access management controls satisfy the requirements of ISO 27001 Annex A.5.15? Objectives determine which evidence is relevant and what a finding means.

Related terms

Audit criteria
The standards, policies, or requirements against which audit evidence is compared. Common criteria include ISO/IEC 27001, NIST SP 800-53, PCI-DSS, and the...
Audit plan
The document that translates scope and objectives into a structured programme of fieldwork: what will be tested, how, by whom, on what...
Audit scope
The documented boundaries of an audit: which systems, processes, organizational units, locations, and time periods are included. Scope is agreed between auditor...
Auditee
The organization or organizational unit being audited. In planning, the auditee provides key inputs: system inventory, risk register, previous audit findings, control...
Scope creep
The unintended expansion of a penetration test beyond the agreed boundaries, either because testers follow a vulnerability chain into an out-of-scope system...

Explained in

  • Audit Planning and Scope Definition: The questions the audit is designed to answer, stated in terms of control criteria. For example: do access management controls satisfy the requirements of ISO...
