Auditing is a test procedure that looks at and logs all security-relevant events, comparable to a permanently maintained log for a logbook. With auditing, all user activities such as access to files or the use of resources are logged and can thus be traced back at any time.
With auditing, companies fulfill the legal requirements and can keep a record of which action was performed at which time by which user. The audit entries serve to preserve evidence of system usage, they can be used to reconstruct error cases and, above all, to analyze security-critical access.
An audit can be performed online or offline. In the first case, events are viewed and evaluated in real time, for example using a network management system. In the offline audit, on the other hand, the logged data or data taken from an existing log file is analyzed.
A software audit is an internal or external review of a software program. The purpose is to check the quality, progress or compliance with plans, standards and guidelines. Therefore, software audits are performed for compliance with license agreements and industry standards, as well as for quality assurance and to meet legal requirements.