Auditor  Definition(s):  Person with competence to conduct an audit.  Source: ASIS, ISO 9001 2000

Audit Trail  Definition(s): A chronological record that reconstructs and examines the sequence of activities surrounding or leading to a specific operation, procedure, or event in a security relevant transaction from

Audit  Definition(s): Formal inspection and verification to check whether a standard or set of guidelines is being followed, records are accurate, or efficiency and effectiveness targets are being met. Scope

Acceptable Risk  Definition(s): The level of residual risk that has been determined to be a reasonable level of potential loss/disruption for a specific IT System.  Source: NIST 800-16 A level