What is the focus of a security audit in an organization?

The focus of a security audit in an organization is primarily to confirm that information is accessed solely for organizational purposes. This process involves a thorough examination of access controls, user permissions, and data handling practices to ensure that sensitive information is managed appropriately and accessed only by authorized individuals.

By verifying that access is limited to legitimate organizational needs, organizations can protect sensitive data from unauthorized access, misuse, or breaches. A security audit thus plays a critical role in maintaining data integrity, confidentiality, and compliance with regulatory requirements.

Other options like ensuring compliance with financial regulations, preventing theft of physical records, and establishing new data collection methods may be relevant to the broader context of organizational security but do not specifically reflect the primary aim of a security audit, which is about safeguarding access to information.