IT security audits may be characterized according to the degree of information the testers and the administrators of the systems in scope have when the tests are carried out. The OSSTMM defines tandem as the audit type where the testers have full knowledge about the systems to be tested prior to the audit and the administrators of the tested systems are fully aware of the security audit. The OSSTMM also refers to this type of test as crystal box.