Another perspective on the security audit process is provided by which divides the audit in six steps: (1) planning - to determine and select effective and efficient methods for performing the audit and obtaining all necessary information; (2) collecting audit data - to determine how much and what type of information to be captured, and how to filter, store, access and review the audit data and logs; (3) performing audit tests - general review on the existing security policies or standards/security configurations/Technical investigation; (4) reporting for audit results – present the current security environment; (5) protecting audit data & tools - safeguard the audit data and tools for the next audit or future use; (6) making enhancements and followup - make corrective actions if required.