ABSTRACT
The following guidelines may provide additional insight before the audit. They are written under the assumption that the scope of the audit is a large number of Unix systems, all of which can’t be fully reviewed in a limited timeframe. These guidelines are meant to assist in determining the systems to review. Many of these guidelines are also practical for non-Unix audits.
