Register now or log in to join your professional community.
Ahmad's comments above are very practical. The only area I would concentrate on in more details is why a process audit is to be conducted e.g. finding out whether compliance is being achieved in practice (operating effectiveness), or is the process achieving the desired objective as cost effectively as possible (design effectiveness). If the latter of these two, the auditor will also be looking to understand how documented process would, if practised, mitigate the inherent risk mapped to the concerned business objective. Is it effective? What supporting evidence is there of this effectiveness (e.g. KPIs, etc)? Could the process design be improved to make it more effective and less costly?