What is a one-time evaluation of a security posture referred to as?

A one-time evaluation of a security posture is referred to as an auditing control. This process involves a thorough examination of an organization's security policies, procedures, and controls to ensure they are effective and compliant with established standards. It typically focuses on identifying weaknesses and establishing a baseline of security measures that need to be in place to protect the organization’s assets.

Auditing controls help organizations assess whether their security protocols are functioning as intended and whether they align with best practices or regulatory requirements. This evaluation is not just about finding vulnerabilities but also about understanding the effectiveness of existing security measures.

In contrast, risk assessments are more continuous and involve identifying and analyzing risks. Vulnerability scans focus on the identification of known weaknesses in systems and applications, while incident analysis typically deals with responses to security breaches and understanding what happened after an event occurs. Therefore, the context of a one-time evaluation specifically aligns with the purpose and scope of auditing control.