There are hundreds of different tools out there. For example: When I do a network audit I use three different companies audit tools. They all claim to do the same thing, but I have found each has it strengths and weakness.
So I run all three to get the information I really need and disregard where they over lap or do not provide any new information. I have not found a single be all do all tool. So you will have to try several for the project that you may be working on.
Once you have identify the system you need to audit, let me know I can point you to a couple that you can try. Most provide a 15 to 30 day free trial. You will know on the first one or two audits if the tool is right for the job at hand.
Here are a couple of network audit tools that I use.
GFI: Network Security Scanner (Affordable)
Shavlik: HFNETCHKPro: Security & Patch Management (Free for small businesses)
Sunbelt Network Security Inspector (Very Expensive, but not only ID's the issues, but provides supporting detailed documentation on how to fix the issues)
If systems are automated with self documentation, company policy mandates it, and the SDLC a lots time for it, then it can stay up to date. To get a company to get to that point really takes a lot of time and growth.