A configuration audit specifically assesses configurations against established security baselines and policies, ensuring that systems are compliant with the required security settings. This would detect deviations in access control policies and configurations from the standard across servers. A performance audit, while it assesses the efficiency and effectiveness of an organization's processes, would not focus solely on security settings and policies. A financial audit is concerned with the financial accounts and transactions of an organization, and while an operational audit evaluates the operational aspects of an organization, it does not concentrate on access control policies and system configurations to the extent necessary for the given task.