October, 2018 Newsletter Articles

Guidelines for Recruitment

Oct 1, 2018 in Newsletter

ISO 30405:2016, “Human resource management – Guidelines for recruitment”

Recruitment is a major part of human resource management, including the necessary activities an organization undertakes to attract, source, assess, and employ people. The impact of recruitment on organizational performance was noted in a survey of 4,288 executives from 102 countries conducted by the World Federation of People Management Association. It found that organizations ranked in the top 20% in terms of ability to deliver on recruiting,...


Internal Auditor Code of Conduct

Oct 1, 2018 in Newsletter

Purpose

To communicate the integrity, objectivity, confidentiality, and competence expected of internal auditors, as well as to provide a means for them to pledge their commitment to these principles.

Integrity

The integrity of internal auditors establishes trust and provides the basis for relying on their judgment. As an internal auditor, I pledge to:

1. Perform my audit assignments with honesty, accuracy, fairness, and discretion.
2. Not engage in activities that might discredit the audit program or our organization.
3. Report audit...


Risk-Based Auditing

Oct 1, 2018 in Newsletter

ISO 19011:2018, Guidelines for Auditing Management Systems, includes a new audit principle, the “Risk-based approach: an audit approach that considers risks and opportunities.” The risk-based approach should substantively influence the planning, conducting, and reporting of audits to ensure that audits are focused on matters that are significant for the audit client, and for achieving the audit program objectives. This article highlights the references to risk throughout the ISO 19011:2018 standard.

Risk Definition

Risk is...


Audit Program Risks

Oct 1, 2018 in Newsletter

According to ISO 19011:2018, Guidelines for auditing management systems, a main difference compared to ISO 19011:2011 is the expansion of the guidance on managing an audit program, including audit program risk. An “audit program” is defined in clause 3.4 as the arrangements for a set of one or more audits planned for a specific timeframe and directed towards a specific purpose. According to clause 5.1, the extent of an audit program should be based on the size and nature of the auditee, as well as on the nature,...


ISO 20000-1:2018

Oct 1, 2018 in Newsletter

The third edition of ISO 20000-1, Information technology – Service management – Part 1: Service management system requirements, has been published. ISO 20000-1:2018 specifies requirements for an organization to establish, implement, maintain, and continually improve a service management system (SMS). The specified requirements include the planning, design, transition, delivery, and improvement of services to meet the service requirements and deliver value. ISO 20000-1:2018 can be used by: a) a customer seeking services and...
