ISO Internal Audit – A Plain English Guide: A Step-by-Step Handbook for Internal Auditors in Small Businesses
About this ebook
Let’s be realistic – it is human to make mistakes, so it’s impossible to have a system with no errors; it is, however, possible to have a system that improves itself and learns from its mistakes. Internal audits are a crucial part of such a system. In this book, Dejan Kosutic, an author and experienced ISO consultant, is giving away his practical know-how on ISO 9001, ISO 14001, ISO 27001, ISO 22301, ISO 20000, ISO 22000, OHSAS 18001, ISO 13485, AS9100 and IATF 16949 internal audits.
This book is written primarily for beginners in internal auditing and for people with moderate knowledge about internal audits. On the other hand, if you do have experience with internal audits, but you feel that you still have gaps in your knowledge, you’ll also find this book helpful. So, no matter if you are new or experienced in the field, this book gives you everything you will ever need to learn and more about internal audits.
Inside you will find not just basic information about the internal audit and ISO 19011 but also information on how to create the internal audit checklist, how to write the internal audit report, what the best techniques are for finding evidence during the audit, how to conduct interviews during the audit, and much more.
Kosutic uses real-life examples and plain English in order to explain everything that is necessary to completely understand how to perform an internal audit for all ISO management standards.
Reviews for ISO Internal Audit – A Plain English Guide
11 ratings, 2 reviews
- Rating: 5 out of 5 stars. Excellent informational book for internal auditors to refresh and deepen their understanding of the internal audit process.
- Rating: 4 out of 5 stars. The book was easy to read and understand. It shows the necessary steps to perform an audit. It gave me an idea of how to prepare my own audit program. I liked the book.
Book preview
ISO Internal Audit – A Plain English Guide - Dejan Kosutic
Also by Dejan Kosutic:
Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own
9 Steps to Cybersecurity: The Manager’s Information Security Strategy Manual
Becoming Resilient: The Definitive Guide to ISO 22301 Implementation
ISO 27001 Risk Management in Plain English
ISO 27001 Annex A Controls in Plain English
Preparing for ISO Certification Audit: A Plain English Guide
Managing ISO Documentation: A Plain English Guide
Preparations for the ISO Implementation Project: A Plain English Guide
Dejan Kosutic
ISO Internal Audit:
A Plain English Guide
A Step-by-Step Handbook for
Internal Auditors in Small Business
Advisera Expert Solutions Ltd
Zagreb, Croatia
Copyright ©2017 by Dejan Kosutic
All rights reserved. No part of this book may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without written permission from the author, except for the inclusion of brief quotations in a review.
Limit of Liability / Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representation or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. This book does not contain all information available on the subject. This book has not been created to be specific to any individual’s or organization’s situation or needs. You should consult with a professional where appropriate. The author and publisher shall have no liability or responsibility to any person or entity regarding any loss or damage incurred, or alleged to have been incurred, directly or indirectly, by the information contained in this book.
First published by Advisera Expert Solutions Ltd
Zavizanska 12, 10000 Zagreb
Croatia
European Union
http://advisera.com/
ISBN: 978-953-8155-03-1
First Edition, 2017
ABOUT THE AUTHOR
Dejan Kosutic is the author of numerous articles, video tutorials, documentation templates, webinars, and courses about ISO 27001, ISO 22301 and other ISO standards. He is the author of the leading ISO 27001 & ISO 22301 Blog, and has helped various organizations including financial institutions, government agencies, and IT companies implement information security management according to these standards. He holds numerous certificates, among them ISO 27001 Lead Auditor and ISO 9001 Lead Auditor.
TABLE OF CONTENTS
ABOUT THE AUTHOR
PREFACE
ACKNOWLEDGMENTS
1 INTRODUCTION
1.1 WHY COMPANIES NEED INTERNAL AUDITS
1.2 ISO 19011 – A STANDARD FOCUSED ON AUDITING
1.3 WHO SHOULD READ THIS BOOK?
1.4 HOW TO READ THIS BOOK
1.5 WHAT THIS BOOK IS NOT
1.6 ADDITIONAL RESOURCES
2 BASIC THINGS ABOUT THE INTERNAL AUDIT
2.1 INTERNAL VS. EXTERNAL AUDIT
2.2 THE MAIN PURPOSE OF THE INTERNAL AUDIT
2.3 INTERNAL AUDIT REQUIREMENTS IN ISO STANDARDS
2.4 SKILLS, COMPETENCES, AND QUALIFICATIONS FOR INTERNAL AUDITOR
2.5 AUDIT FINDINGS: NONCONFORMITIES AND OBSERVATIONS
2.6 MAJOR AND MINOR NONCONFORMITIES
2.7 INTERNAL AUDIT VS. RISK ASSESSMENT
2.8 INTERNAL AUDIT VS. GAP ANALYSIS
3 ORGANIZING AN INTERNAL AUDIT
3.1 OPTIONS FOR PERFORMING THE INTERNAL AUDIT AND TOP MANAGEMENT ROLE
3.2 THREE KEY DOCUMENTS FOR ORGANIZING THE INTERNAL AUDIT
3.3 INTERNAL AUDIT PROCEDURE
3.4 ANNUAL AUDIT PROGRAM
3.5 AUDIT PLAN FOR AN INDIVIDUAL AUDIT
3.6 SUCCESS FACTORS
4 STEPS IN THE INTERNAL AUDIT PROCESS
4.1 SEVEN STEPS FOR PERFORMING THE INTERNAL AUDIT
4.2 PERFORMING DOCUMENT REVIEW
4.3 CREATION OF THE INTERNAL AUDIT CHECKLIST
4.4 WRITING THE INTERNAL AUDIT REPORT
4.5 INITIATING CORRECTIVE ACTIONS
4.6 CORRECTIVE ACTION FOLLOW-UP
4.7 SUCCESS FACTORS
5 PERFORMING THE MAIN PART OF THE AUDIT
5.1 MAKING ASSUMPTIONS: THE BIGGEST AUDITOR MISTAKE
5.2 PURPOSE OF THE OPENING MEETING
5.3 TECHNIQUES FOR FINDING EVIDENCE DURING THE