How to prepare an audit?
How would you approach preparing for an audit taking place in 8 weeks, what would you prioritise, how would you ensure non-conformities are minimised
Assign topic to the user
I’m assuming your question is about an external audit.
Considering that, for the preparation for an audit you should consider these general steps:
- identification of the audit scope (is it the whole scope or only part of it?)
- review of the ISMS documents related to the audit scope (e.g., policies, procedures, and records), considering the main clauses from the standard (from sections 4 to 10), and controls from Annex A stated as applicable in your Statement of Applicability (SoA).
- review the status of the actions related to the decisions made in the last management review.
- review the status of the raised nonconformities and opportunities for improvement.
Regarding prioritization, you should consider the most relevant risks, and most used controls to identify which points you should check first, or with more attention.
Regarding nonconformities minimization, you should ensure people are aware of their roles, responsibilities, and authorities, and ensure that problems identified in the abovementioned reviews are properly handled (e.g., records are created, policies and procedures are updated, and corrective actions are on date).
These materials will also help you regarding audit:
- What to expect at the ISO certification audit: What the auditor can and cannot do (PDF) https://info.advisera.com/free-download/what-to-expect-at-the-iso-certification-audit?_gl=1*1dvw82w*_ga*MTMyMzMxODY0OS4xNjA2NjAxMDQ0*_ga_4P5GYSBRB2*MTYxMDY2NzE2MC40OC4xLjE2MTA2NzE3MjMuNTg
/>- Preparing for ISO Certification Audit: A Plain English Guide https://advisera.com/books/preparing-for-iso-certification-audit-plain-english-guide/
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- Free online training ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/
Comment as guest or Sign in
Jan 15, 2021