The term auditing has multiple meanings within the domain of information security. For example, a security audit is a term used to describe the process of evaluating the security posture of an organization through penetration testing (pen testing), formal review of security policies, systems and networks. At an individual system level, auditing refers to the logging of some or all of the actions of users and/or applications. It is passive security in that it only detects violations of security policy, but does not enforce it. It performs a similar role to that of network and host-based intrusion detection systems (IDS).