Register now or log in to join your professional community.
The internal auditor role may be staffed by a experienced employee from throughout the organization.
The purpose of the internal audit is to confirm that the company’s documentation meets agreed policies and procedure requirements with respect to organization's objectives, applicable regulations and industry best practices.
Hence typically the internal auditor must serve as:
An independent and unbiased organizational change catalyst
An interface between different groups or business units
An advisor/consultant to the auditee group/s with reasonable level of inquisitiveness.
A reporter of matter of fact but not essentially a fault finder or a policeman with boots on the ground attitude.
As the auditor serves in this role, he/she must be careful to bring an objective, professional perspective to the job.
Internal auditors are chosen based on their understanding on ISO 27001 standard and capability to get them trained further on the auditing process. It is not mandatory for the auditor have expert knowledge in the ISMS, however the person should be able to audit against ISO 27001 standard to identify non-compliance sto the standard and he/she can identify areas for improvement.
You need choose Internal Auditors from each department who is having over all process knowledge in their own department and then need to provide internal auditor training to them that will enable them to perform as a Internal Auditor.
