Definition & Explanation
A cyber security audit is a formal evaluation of an organisation’s cyber security controls, policies, and compliance posture. In Australia, cyber security audits assess alignment with frameworks such as ISO 27001, ACSC Essential Eight, and APRA CPS 234. A cyber security audit reviews access controls, risk management processes, incident response capabilities, and technical safeguards. The objective is to identify gaps, verify control effectiveness, and ensure regulatory compliance. Cyber security audits support board oversight and strengthen governance transparency. Regular audits enhance resilience, reduce regulatory risk, and provide assurance to stakeholders and customers.