Simply complete annual risk assessments of various departments and the processes they use, determine which of those processes should be included in the current year’s audit and their significance levels.
Define accredited certification standards and governing regulations. Determine related criteria and associated departments for these standards and regulations. Create questionnaires for audit activites, and let auditrunner handle the rest. For instance, when you decide to execute an ISO 27001 audit on IT department, the question set is sent to the auditor as an “audit task”. When the auditor executes his/her activity on this task, the audit report is generated automatically.
Execute process audits with the standard flow. Attach findings from field work to worksheets. Build consensus on findings and get action plans from audited departments. Send opening and closing meeting minutes to the attendees. Prepare executive summary and distribute it along with the automatically generated audit report.
Audit reports in line with your corporate template and compliant with international internal audit standards are generated and distributed automatically. Create, distribute & archive different types of reports for different types of activities, such as investigation, consultancy, analysis and so on. Assign reading tasks for reports. Determine deadlines and check reading status for these tasks.