Guidelines for Recruitment
ISO 30405:2016, “Human resource management – Guidelines for recruitment” Recruitment is a major part of human resource management, including the necessary activities an organization undertakes to attract, source, assess, and employ people. The impact of recruitment on organizational performance was noted in a survey conducted of 4,288 executives from 102 countries by the World Federation of People Management Association. It found that organizations ranked in the top 20% in terms of ability to deliver on recruiting,...
Read MoreInternal Auditor Code of Conduct
Purpose To communicate the integrity, objectivity, confidentiality, and competence expected of internal auditors, as well as, to provide a means for them to pledge their commitment to these principles. Integrity The integrity of internal auditors establishes trust and provides the basis for relying on their judgment. As an internal auditor, I pledge to: 1. Perform my audit assignments with honesty, accuracy, fairness, and discretion. 2. Not engage in activities that might discredit the audit program or our organization. 3. Report audit...
Read MoreRisk-Based Auditing
ISO 19011:2018, Guidelines for Auditing Management Systems, includes a new audit principle, the “Risk-based approach: an audit approach that considers risks and opportunities.” The risk-based approach should substantively influence the planning, conducting, and reporting of audits to ensure that audits are focused on matters that are significant for the audit client, and for achieving the audit program objectives. This article highlights the references to risk throughout the ISO 19011:2018 standard. Risk Definition Risk is...
Read MoreAudit Program Risks
According to ISO 19011:2018, Guidelines for auditing management systems, a main difference compared to ISO 19011:2011, is the expansion of the guidance on managing an audit program, including audit program risk. An “audit program” is defined in clause 3.4 as the arrangements for a set of one or more audits planned for a specific timeframe and directed towards a specific purpose. According to clause 5.1, the extent of an audit program should be based on the size and nature of the auditee, as well as, on the nature,...
Read MoreISO 20000-1:2018
The third edition of ISO 20000-1, Information technology – Service management – Part 1: Service management system requirements, has been published. ISO 20000-1:2018 specifies requirements for an organization to establish, implement, maintain, and continually improve a service management system (SMS). The specified requirements include the planning, design, transition, delivery, and improvement of services to meet the service requirements and deliver value. ISO 20000-1:2018 can be used by: a) a customer seeking services and...
Read More