A cyber security audit covers a range of areas to assess an organization’s overall cybersecurity posture. The key things that are covered by a cyber security audit include evaluating an organisation’s policies and procedures relating to information security, data management, and access control. 

This can include reviewing the network infrastructure, firewalls, routers, and switches to ensure that they are configured securely. An audit may also review the security measures on individual devices such as laptops, mobile devices, and desktops, identify potential vulnerabilities in the organization’s IT infrastructure, and recommend remedial action. Other areas that may be covered include reviewing the organization’s plan for responding to cyber attacks, evaluating how access to sensitive data is managed and controlled, ensuring that an organization has effective backup and recovery procedures in place, assessing the level of cybersecurity awareness and training among employees, evaluating physical security measures, and ensuring that the organization is compliant with relevant regulations. Overall, a cyber security audit provides a comprehensive assessment of an organisation’s cybersecurity defences and helps to identify potential risks and vulnerabilities.