Internal Auditing best practices

Internal Auditing best practices

Posted by Sameer Choughule on Feb 3, 2019 8:54 am

Hi, 
I'm Sameer Choughule and I work with one of the largest airport ground services providers in the world. It would be great to post some internal auditing best practices that various organizations implement. These could be on immense value for anyone who visits here, can pick up and try and implement within their own organizations. 
To start with, I would like to post one:
Risk based auditing - Well, on the surface it does sound some that exists since a long time, however, since the introduction of the revised ISO 9001:2015 standards, our team has gradually moved our perspective from pure compliance based auditing to risk based auditing. The intent is still compliance, however, with a concerted focus on identifying possible risks within the operations/business during an audit. Multiple discussions have led to greater insights into how we should document the identified risks during a risk based compliance audit. As of now, if a new risk is identified, we move it to the Risk Register. If an existing one is identified, we verify implemented Control Measures are mature and sustainable. 

Looking forward to some insightful discussions on this and some other auditing best practices. 
Ciao!