This article will give you an overview of best practices for using Experta when performing an internal audit of a company.
To get the maximum benefits from Experta, it is recommended that you try out the features in the sequence they are listed below:
2) Find exactly what to audit for each clause of the standard
3) Find the most popular questions per each topic
5) Find everything Experta has answered you
1) Learn about auditing
In order to prepare for an audit, learn how to do it through the Guided learning feature – its purpose is to teach you the details of a particular topic.
For example, you can learn about the details of:
- internal audit
- where to start with a standard
- preparing for a certification
- etc.
To start Guided learning, click the menu item from the main menu:
… and then click the Guided learning you are interested in:
You will notice that the guided learning will automatically start, taking you through all the important questions related to the topic you have chosen.
2) Find exactly what to audit for each clause of the standard
To know what the standard requires, and how to audit against each clause, use the Explore by clause feature – its purpose is to make it easier for you to find these questions about each clause.
For example, for each clause you’ll find the following questions:
- What is clause xyz?
- How to document clause xyz?
- What evidence the auditor will look for regarding clause xyz?
To start Explore by clause, click the menu item from the main menu:
… and then click the clause you are interested in:
You will notice that the relevant set of questions will be automatically displayed – simply click any of these questions and Experta will answer you instantly.
3) Find the most popular questions per each topic
To learn what the most common doubts people in companies have (and where they typically make most of the mistakes), use the Explore by topic feature – its purpose is to show the most common questions for any given topic.
To start the Explore by clause feature, click the menu item from the main menu:
… and then click the topic you’re interested in:
You’ll notice that Experta will show you the 3 most popular questions from that topic – simply click any of these questions and Experta will answer you right away.
4) Ask questions on your own
Once you explore all the questions that Experta is suggesting, it is time to start asking your own questions. (The questions below are presented for ISO 27001, but feel free to ask similar questions for other standards.)
Here are some ideas on what to ask…
Organizing internal audit
To start organizing an internal audit, here are a couple of questions you can ask:
- When should we start the internal audit? https://experta.com/shared-post/ba575af4-121e-4a2d-95e5-c50e669233e2
- How often do we need to perform internal audit? https://experta.com/shared-post/06e5cd5f-acd2-4223-a948-da9304ef6498
- How do we start with the internal audit? https://experta.com/shared-post/46fdb83f-14ba-46ff-9701-affff86a5507
- What is the difference between internal and external audits? https://experta.com/shared-post/b5bbfbc0-9245-456e-b05f-76ea3390b6c2
Preparing for an audit
To get everything ready for an audit, you can ask the following:
- What does an Internal audit program include? https://experta.com/shared-post/8d557278-1d5b-4926-83ee-2597a77c9143
- What does an Internal audit plan include? https://experta.com/shared-post/35251650-4554-4881-beb2-5680ee6b5931
- What does an Internal audit checklist include? https://experta.com/shared-post/a10a6567-7d06-4f4f-94c5-585257490aca
- What will the certification auditor ask regarding the internal audit? https://experta.com/shared-post/e0f657cf-3ae5-4800-aa68-b89bb42c269b
- What is the structure of ISO 27001, what are the main clauses? https://experta.com/shared-post/d4f70ddb-c462-4898-8762-1b4521013ac6
- List Annex A controls https://experta.com/shared-post/3ce562bf-ea5d-43b9-ad7a-df058fc078e7
Looking for evidence during the audit
Once you start the audit, these questions will help you ask for evidence during the audit:
- What type of evidence must an internal auditor collect? https://experta.com/shared-post/71863355-9128-41d3-9666-11a26e13e80d
- What are remote audit techniques? https://experta.com/shared-post/1dfc2586-c0fe-4394-bb81-9fd36838aae0
- What kind of records are needed according to ISO 27001? https://experta.com/shared-post/666a0834-dc5d-4fc8-ae43-ab61eec92918
- What will the certification auditor look for regarding control A.5.18 Access rights? https://experta.com/shared-post/c294b5b7-b5cb-49b6-ada0-3566cdac93ca
Presenting the results of the audit
Once you complete the audit, you can get help on how to report the results:
- What does an Internal audit report include? https://experta.com/shared-post/f1971f01-1108-43e5-82b1-b16d273fe58e
- How to write a nonconformity during an internal audit? https://experta.com/shared-post/b23fd330-37ae-4a4c-a717-659492703186
- Who should the internal auditor report to? https://experta.com/shared-post/51b3d2db-2d29-474b-bc99-5285f148c37d
5) Find everything Experta has answered you
If you want to see all the answers Experta has provided you, use the Saved conversations feature – its purpose is to archive all your correspondence with Experta.
To open Saved conversations, click the menu item from the main menu:
… and then click the conversation you want to see:
You’ll notice that Experta will show you the whole conversation on the main screen – you can simply continue that conversation, or click another saved conversation to be displayed.