December, 2007 Newsletter Articles

Audits and Cheat Sheets

Dec 8, 2007 in Newsletter | 0 comments

A “cheat sheet” is a concise set of notes used for quick reference. In the academic world, cheat sheets are so named because they may be used by students without the instructor’s knowledge to cheat on a test. However, in some educational settings, where rote memorization is not as important, the use of cheat sheets on exams may be sanctioned and even recommended by the instructor (and therefore not really cheating, despite the name). In the business world, so called “cheat sheets” are popular in any setting where...

Read More

Are e-Audits in Your Future?

Dec 8, 2007 in Newsletter | 0 comments

With the increasing use of electronic media for the operation and control of management systems, auditors need to consider new ways to efficiently and effectively verify conformity to audit criteria. For multi-site organizations, this could include remote access to electronic documents and records to save travel time and dollars. And, the remote access can be carried out without taking the time of anyone at the remote location. As a result, some organizations are already conducting remote audits using collaboration tools like MS SharePoint....

Read More

ISO 28000 for Supply Chain Security

Dec 8, 2007 in Newsletter | 0 comments

The ISO 28000 series of standards on supply chain security management systems have been upgraded from their status as Publicly Available Specifications to that of full International Standards. They are expected to help reduce risks to people and cargo by addressing potential security issues such as terrorism, fraud, and piracy. The ISO 28000 standards specify the requirements for a security management system to ensure safety in the supply chain. They can be applied by organizations of all sizes involved in manufacturing, service, storage, or...

Read More

Incident and Problem Management

Dec 8, 2007 in Newsletter | 0 comments

According to ISO 20000-1:2005, incident management and problem management are separate processes, although they are closely linked. Incident management deals with the restoration of service to users, whereas problem management is concerned with identifying and removing the causes of incidents. The objective of incident management is to restore the agreed to service to the business as soon as possible or to respond to service requests. The objective of problem management is to minimize disruption to the business by proactive identification and...

Read More

Audit Checklist with Answers

Dec 8, 2007 in Newsletter | 0 comments

A checklist is used to compensate for the weakness of our human memory when we want to ensure consistency and completeness in carrying out a task. For example, we use checklists to remind us of important actions or to even plan a trip to the grocery store. As auditors, we use checklists to remind us of the audit criteria against which we are to compare the audit evidence. In other words, we compare evidence (statements, observations, documents, and records) to the applicable requirements (customer, organization, standard, and legal). To guide...

Read More