Final answer:
Performing security audits enables security professionals to review an organization's security records, activities, and related documents.
Therefore, the correct answer is: option D). security audits
Step-by-step explanation:
An information security audit is an audit of the level of information security in an organization. It is an independent review and examination of system records, activities, and related documents.
Performing security audits enables security professionals to review an organization's security records, activities, and related documents. Unlike ethical hacking or penetration tests that actively test defenses, a security audit is a systematic evaluation of an organization's information system to ensure that it meets certain standards and policies.
During security audits, auditors inspect various forms of documentation, procedures, and controls to ascertain the integrity and security of the systems.
Security audits come in two forms, internal and external audits, that involve the following procedures: Internal audits. In these audits, a business uses its own resources and internal audit department. Internal audits are used when an organization wants to validate business systems for policy and procedure compliance.