Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

In your company, how do you pick or choose internal auditors (ISO/ IMS) from other departments?

user-image
Question added by HEMANT KUMAR , Safety Manager , SLMG BEVRAGES PVT LTD
Date Posted: 2016/07/04
Biswaranjan Samal
by Biswaranjan Samal , Manager , Wipro

The internal auditor role may be staffed by a experienced employee from throughout the organization. 

The purpose of the internal audit is to confirm that the company’s documentation meets agreed policies and procedure requirements with respect to organization's objectives, applicable regulations and industry best practices.

Hence typically the internal auditor must serve as:

An independent and unbiased organizational change catalyst

An interface between different groups or business units

An advisor/consultant to the auditee group/s with reasonable level of inquisitiveness.

A reporter of matter of fact but not essentially a fault finder or a policeman with boots on the ground attitude.

As the auditor serves in this role, he/she must be careful to bring an objective, professional perspective to the job. 

 

Ajesh John
by Ajesh John , Information Security Manager , Infosys Ltd

Internal auditors are chosen based on their understanding on ISO 27001 standard and capability to get them trained further on the auditing process. It is not mandatory for the auditor have expert knowledge in the ISMS, however the person should be able to audit against ISO 27001 standard to identify non-compliance sto the standard and he/she can identify areas for improvement. 

suresh kantamneni
by suresh kantamneni , Head - IT Infrastructure / IMS Delivery , IT Infrastructure

You need choose Internal Auditors from each department who is having over all process knowledge in their own department  and then need to provide internal auditor training to them that will enable them to perform as a Internal Auditor.

More Questions Like This