The most successful audits are those involving sound planning and in which the auditee and the auditors have a constructive working environment.
Our objective here is to have your continued support and involvement at every stage, so that you, understand what we are doing and why. Although every audit is unique, the audit process is similar for most engagement, and normally contains 5 stages:
- Planning & information intake
- Preliminary review & research
- Interview / Execution
The focus of a technical audit, typically can be broken down into 5 pillars:
- Product / Projects
- Software and infrastructure
- Process (maturity)
The specific focus area for an audit, is determined in combination with the audit requestor
Stage 1: Planning & information intake
In the planning phase, the auditor makes an effort to understand what kinds of documentation are needed, collects documents (e.g.from previous audits) and gathers preliminary insights from questionnaires. During the planning phase, the auditor also begins to plan the scope of the audit and to determine what the objective of the audit is.
Scheduling an Open Meeting / InterviewSenior management and key staff are then invited to an open interview. A time frame for the audit is determined, and any timing issues such as scheduled absense are discussed and handled. Department heads may be asked to inform staff regarding possible interviews with the auditor if needed.
Stage 2: Preliminary review & research
The auditor begins to evaluate the way a company operates and takes into account the organisation's internal processes. If any of these processes do not allow the auditor to perform the audit as well as he had planned, he may adapt to accommodate for the differences between his assumptions and the way the organisation actually operates.Requesting Documents and gathering insights
In order to speed up the process and limit the time needed on the on-site interviews, often more information is requested after the planning phase. This is usually done to deepen the insights already gained or to better prepare the interviews.Preparing an Audit Plan
The auditor studies the received insights and information and plans out how the audit interviews will be best conducted.
Stage 3: Interview / Execution
Depending on the scale of the audit, the auditor will begin to interview employees in different areas of the organisation to understand its general practices and processes. The auditor also identifies the areas that are setup properly or less effective for the current stage the company is in.Conducting research
The auditor takes information gathered from the interview and uses it to finalise the audit plan. Research is then conducted by several technical checks, running some scans or otherwise validating interview input.
Stage 4: Reporting
All of the work done during the first three phases is accumulated in the production and delivery of the audit report. In addition to identifying areas in need of improvement, the audit report also includes recommendations and highlights of the status quo.
Stage 5: Debrief
The auditor solicits a response from management that indicates whether it agrees or disagrees with problems in the report, a description of management's action plan to address the problems and a projected completion date. At the closing meeting or debrief, all parties involved discuss the report and management responses. If there are any remaining issues, they're resolved at this point.That's it!
For this stage of the deal, this is what the audit entails. After this, the actual journey is just about to start. If in any situation, reflection is needed or support on implementing the advice given, please don’t hesitate to reach out to us!