This document summarizes information about performing a security audit. It discusses examining physical security by checking where systems are located and who can access them. It also recommends verifying that security guards are employed and have been properly vetted. The document outlines that audits can be external, internal, or self-conducted. The main objectives of an audit are to assess the adequacy of security measures, physical security risk management processes, and verification that roles and responsibilities for security are clearly defined.