Our internal audits encompass a mix of document reviews, video checks of your premise, and remote discussions with your staff. We examine relevant documents to determine if your established processes and procedures are adhered to effectively.
Our exhaustive audit plan covers:
- Audit mission statement: Outlining objectives, criteria, and general information.
- Audit plan: Offering a detailed timeline featuring audit times, subjects, methods used, and your designated representatives.
Our comprehensive audit report encompasses:
- Audit specifics: Including duration, resources utilized, employees interviewed, and any interruptions or challenges faced.
- Maturity rating: A five-level assessment (ranging from “incomplete” to “optimized” as per ISO 29190).
- Evidence examination: Displaying the evidence examined and an audit trail for all areas within the ISO standard’s scope.
- Non-conformities: Pinpointing any areas that do not align with the ISO standard, thus supporting your continual improvement efforts.
- Positive findings: Highlighting areas where your organization shows admirable practices and achievements.
- ISMS and Annex A spider diagram: Showcasing your actual versus target score.
- Management Summary: A straightforward, comprehensive summary outlining the relevant results.
- Detailed Audit Framework: An in-depth framework that corresponds to all ISO requirements and controls.
The Audit Framework details notes, recommendations, additional examples, and findings. Information is arranged per chapter, with average values derived for each. It shows the maturity status of your ISMS according to ISO 29190 and underlines areas where your team excelled and where it faced challenges.
These audit plans and reports act as essential documents for your organization, demonstrating to external certification bodies that you’re fulfilling the internal audit requirements as per the ISO standard. The internal audits consist of a combination of document reviews and remote discussions with relevant management and staff members. Through the review of relevant documented information, we assess whether the established processes and procedures are being followed effectively.