Create a 11 pages page paper that discusses security audit and compliance. This review provides a theoretical framework for the study by giving a better understanding of the topic.From the literature review, several factors have identified that influence the creation of information security culture and practices in an organization. Some of the evaluated factors include. organizational culture, corporate citizenship, legal and regulatory framework, corporate governance, culture, security controls and technology.The review showed that human factors and behaviors and technical factors always play a significant role in the implementation of security measures in any particular organization. They greatly determine the success of information security in an organization by influencing the creation of information security culture in an organization.The article evaluates the factors that support and inhibit the creation of an information security culture within an organization. To achieve this, the study looks at the literature review of the factors that affect the creation of an information security culture in the health care sector.Information security has become a crucial matter in today’s information age. this is because most information systems are currently facing increased privacy and security issues. The increase is mainly attributed to advancement in technology, human behavior and the loose strings inherent in existing policies and regulations. As a result, most organizations in both the private and public realm must enforce stringent measures aimed at enhancing information security (Appari & Johnson, 2010). Over the years, studies have been done and several processes and strategies to enhance information security have been proposed and are currently used in most organizations. Among the main strategies is to have an information security framework that involves the use of policies and regulations regarding the use of information, information systems and resources in the organization (Appari & Johnson, 2010).