An FCKMS role that is responsible for establishing and reviewing an audit log, assuring that the log is reviewed periodically and after any security-compromise-relevant event, and providing audit reports to FCKMS managers.
NIST SP 800-152
See Audit administrator.
NIST SP 800-152 under Auditor
A member of the organization who inspects reports and risk assessments from one or more analyzers as well as organization-specific criteria to ensure that an app meets the security requirements of the organization.
NIST SP 800-163 under Auditor