Conduct or Facilitate Security Audits
Security audits should occur on a daily basis according to the policy fixed in place by the organization. Internal auditing normally occurs more frequently than external or third-party auditing.
Internal Security auditing should be an ongoing task of the security team. Process of aggregating log data is not very hard process, the challenge is knowing what to look for once when the data is collected.
External security auditing should be performed on a design schedule. This could be aligned with financial reporting each quarter, or some other business-driven reason.
Third party auditing seeks to be able to provide internal and external audit checks and balances by performing a more accurate audit procedure.