Security has to do with having the right access control and auditing options matching the classification of the data and metadata. Furthermore, it concerns ensuring that only the right people, or machine processes, can see the right data at the right time.
Auditing is the ability to track who did what to some data and when. This can be access logs, registers with list of changes etc. If you are working with sensitive data, you might have some requirements for what you need to keep track of. Make sure that your processes and choice of system can support your need for auditing for your object.
Question to address when focusing on security: