Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

Audit report

  Quote
Guest
Guest user Created:   Jul 29, 2021 Last commented:   Jul 29, 2021

Audit report

say you completed an audit, submitted the audit report to top management for review. Now that management has read the report, they disagree with some of the findings. What is the best or common practice to address such feedback in relation to the report that has already been finalized?

0 0

Assign topic to the user

ISO 27001 INTERNAL AUDIT REPORT

Document the findings of an internal audit.

ISO 27001 INTERNAL AUDIT REPORT

Document the findings of an internal audit.

Expert
Rhand Leal Jul 29, 2021

The common practice is to gather robust evidence to support the findings (i.e., concrete evidence of the observed facts and that defined requirements and/or plans are not being fulfilled) and keep constant communication with top management during the audit process (e.g., meet with them at the end of each audit day). Keeping information flowing is the best way to prevent top management from being surprised by the results of an audit.

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jul 29, 2021

Jul 29, 2021