What is audit?
The ISO 9001 international management standard says that the purpose of an internal audit is to assess the effectiveness of your organisation’s quality management system and overall performance.
Internal audit demonstrates compliance with your ‘planned arrangements’. Your organisation will likely conduct internal audits for one or more of the following reasons:
- to ensure compliance to the requirements of internal, international and industry standards and regulations, and customer requirements;
- to determine the effectiveness of the implemented system in meeting specified objectives (quality, environmental, financial);
- to explore opportunities for improvement;
- to meet statutory and regulatory requirements;
- to provide feedback to senior management.
Why is internal audit important?
Internal audit serves as an important undertaking to analyse a company’s operating processes and helps to maintain a system of internal controls, detect and prevent organisation irregularities and non-conformities and provide assurance that key controls are being met. It provides insight into an organisation’s policies and procedures and helps it to retain its strategic success.
Key reasons for internal audit:
- Objective insight
- Evaluation of process and risk management
- Improvement in efficiency of operational processes
- Review of documentation compliance
- Compliance with related business law and regulations
- Organisation improvement
- Organisation governance.
When should internal audit be undertaken?
International management standards such as ISO 9001 and ISO 14001 require internal audits to be scheduled at planned intervals. The standards do not give specific frequency nor do they stipulate required areas. It is the organisation’s responsibility to define the audit schedule.
One of the most important principles of the ISO 9001 standard applies to auditing: simply ‘say what you do, do what you say’.
At Trident Assurance Services (TAS) we are currently advising organisations across the UK regarding internal audit. Please send us an email on email@example.com or call 0118 324 9444. We would be delighted to hear from you and provide qualified advice.
We are running GDPR briefings for businesses to give you the fundamentals and practicalities of data protection and GDPR. Contact us to book a briefing.