diff --git a/doc/03-cli.md b/doc/03-cli.md
index 7b5718ebc..617564fcc 100644
--- a/doc/03-cli.md
+++ b/doc/03-cli.md
@@ -1043,6 +1043,8 @@ for possible security issues. It checks for and
 lists security vulnerability advisories according to the
 [Packagist.org api](https://packagist.org/apidoc#list-security-advisories).
 
+The audit command returns the amount of vulnerabilities found. `0` if successful, and up to `255` otherwise.
+
 ```shell
 php composer.phar audit
 ```
diff --git a/tests/Composer/Test/Command/AuditCommandTest.php b/tests/Composer/Test/Command/AuditCommandTest.php
new file mode 100644
index 000000000..1b820b479
--- /dev/null
+++ b/tests/Composer/Test/Command/AuditCommandTest.php
@@ -0,0 +1,28 @@
+<?php declare(strict_types=1);
+
+/*
+ * This file is part of Composer.
+ *
+ * (c) Nils Adermann <naderman@naderman.de>
+ *     Jordi Boggiano <j.boggiano@seld.be>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Composer\Test\Command;
+
+use Composer\Test\TestCase;
+
+class AuditCommandTest extends TestCase
+{
+    public function testSuccessfulResponseCodeWhenNoPackagesAreRequired(): void
+    {
+        $this->initTempComposer();
+
+        $appTester = $this->getApplicationTester();
+        $appTester->run(['command' => 'audit']);
+
+        $appTester->assertCommandIsSuccessful();
+    }
+}