Audit plan
Definition
The document that translates the agreed scope and objectives into a structured programme of fieldwork: what will be tested, how, by whom, on what timeline, and using which evidence-collection methods.
Related terms
- Audit criteria
- The standards, policies, or requirements against which audit evidence is compared. Common criteria include ISO/IEC 27001, NIST SP 800-53, PCI-DSS, and the...
- Audit objectives
- The questions the audit is designed to answer, stated in terms of control criteria. For example: do access management controls satisfy the...
- Audit scope
- The documented boundaries of an audit: which systems, processes, organizational units, locations, and time periods are included. Scope is agreed between auditor...
- Auditee
- The organization or organizational unit being audited. In planning, the auditee provides key inputs: system inventory, risk register, previous audit findings, control...
- Scope creep
- The unintended expansion of a penetration test beyond the agreed boundaries, either because testers follow a vulnerability chain into an out-of-scope system...
Explained in
- Audit Planning and Scope Definition