<\/p>\n
Audit scope specifies exactly what code an auditor will review <\/strong>and what falls outside the engagement.<\/p>\n Before any audit begins, auditors and clients agree on scope. This prevents misunderstandings, ensures auditors focus on the code that matters, and allows for accurate time estimates. Changing scope mid-audit typically requires additional time and may necessitate a re-audit.<\/p>\n A typical scope definition includes:<\/p>\n Codebases should be near-production ready before scoping. Incomplete code leads to scope creep, wasted audit time on code that will change, and delays.<\/p>\n Ackee Blockchain audit reports<\/a> include a scope section documenting the commit hash, reviewed files, and any subsequent fix reviews on later commits. This clearly defines what was covered. See the section<\/a> in the summary of Ackee’s audit of Aave.<\/p>\n","protected":false},"excerpt":{"rendered":" Audit scope specifies exactly what code an auditor will review and what falls outside the engagement. Before any audit begins, auditors and clients agree on scope. This prevents misunderstandings, ensures auditors focus on the code that matters, and allows for accurate time estimates. Changing scope mid-audit typically requires additional time and may necessitate a re-audit. A typical scope definition includes: Commit hash:…<\/p>\n","protected":false},"author":30,"featured_media":0,"parent":0,"template":"","glossary-cat":[38],"class_list":["post-154","glossary","type-glossary","status-publish","hentry","glossary-cat-audit-scope"],"aioseo_notices":[],"aioseo_head":"\n\t\t\n\t\n\t\n\t\n\t\n\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n