We have several appliances performing specialized tasks in our environment. I've been asked to perform an audit of these appliances. Since most of these appliances run a version of Linux/Unix I've decided to audit in a two phase process. First looking at the OS/Kernel and then the application.
My question is there an auditing framework for these appliances that ensure that critical areas are not overlooked because of a lack of experience?