I am scheduled to conduct an audit on a defense services organization. With the nature of defense being such that almost all information is proprietary and cannot be passed on as uncontrolled copies to third parties unless those documents and as might be aware some processes will and can only be shown to me in person. In such instances as these, and I am envisaging at least another two similar audits of this nature, how can I be confident of the effectiveness of the outcome of an audit as this. I also have another where I've to submit to a surveillance audit via remote means.
Assign topic to the user
In such instances as these, and I am envisaging at least another two similar audits of this nature, how can I be confident of the effectiveness of the outcome of an audit as this
Answer:
An effective audit is an audit that meets its objectives. As a good start, work with your client on the definition of the audit objectives. That way you can focus your time and attention in a very specific set of topics. You can use this picture to set the stage of the audit:
Start with the audit objectives. Then, it's backwards. What audit findings should be collected and what audit sample size? And, therefore, what evidence needs to be audited? What areas of the organization and what topics? Hence, what documentation do you need to audit? How long will it take to read it? Allocate time for this reading during the audit.
I also have another where I've to submit to a surveillance audit via remote means.
Next June 25th Advisera will present a webinar on remote internal audits. With this pandemic event I already performed some internal remote audits myself. You can do the interviews with videoconferencing applications; you can review digital documents and records through share screening and with permission take screen shots to document evidences. You can audit operations with an auditee or a surrogate auditor using a smartphone or a tablet. You can interview operators, you can ask to zoom and review hard copies of documents and records, you can take a panoramic view of locations.
I invite you to read this article – What are the benefits and barriers when performing remote audits? - https://advisera.com/articles/what-are-benefits-and-barriers-when-performing-remote-audits/
Perhaps these Accreditation and Certification Bodies requirements may be useful to pick some ideas:
- IAF Informative Document For Management of Extraordinary Events or Circumstances Affecting ABs, CABs and Certified Organizations - https://www.iaf.nu/upFiles/IAFID32011_Management_of_Extraordinary_Events_or_Circumstances.pdf
- IAF Mandatory Document for the use of Information and Communication Technology (ICT) for Auditing/Assessment Purposes - https://www.iaf.nu/upFiles/IAF%20MD4%20Issue%202%2003072018.pdf
- Principles on Remote Assessment -https://www.iaf.nu/upFiles/IAFID12PrinciplesRemoteAssessment22122015.pdf
Comment as guest or Sign in
May 27, 2020