Final answer:
A system audit is conducted to determine if the security compliance program is effective, assessing the implementation and sufficiency of system controls.
Step-by-step explanation:
System Audit:
An audit conducted to determine if the security compliance program is working is known as a system audit. Explanation: An audit is a systematic examination of records, reports, documents, operations, and practices to ensure that a business is complying with governmental regulations, internal policies, and accepted business practices. In the context of a security compliance program, a system audit is most appropriate.
This type of audit focuses on evaluating the adequacy and effectiveness of a system's controls, including those elated to information security. It assesses whether the security policies are correctly implemented and if they are sufficient to protect against threats to the security of the system. By contrast, a product audit would examine the final product to ensure it meets specified requirements, while a process audit would review the operation processes to ensure they are conducted properly.