In this video, I'm going to talk about the best method of internal auditing that will work best for your organisation and provide the greatest return on investment from your audit process.
Risk Based Internal Auditing
Firstly, you need to start with the end in mind, what's the purpose of internal auditing? What do you want to gain from it? You want to get improvement. If it's just purely about certification, you're not going to gain anything from it.
Our suggestion is that we need to understand how we can drive these improvements in our organisation through our internal audit program.
Benefits
When looking at the internal audit schedule, this is traditionally a process of auditing all of our procedures in the organisation.
However, what benefit do we really get from that? Because most businesses, they comply with their procedures, they meet the requirements.
We really need to have a risk-based internal audit schedule: What are the problems that we suffer from in our organisation? Where are the areas where risk brings us errors?
Method
We must understand our business processes in detail in order to really effectively write an internal audit schedule. Once you have all your business processes and understand the risks of those processes, you want to rate them, so you understand where the low risk processes are, medium risk processes and high-risk processes.
If we do that, then we can start to schedule audits in a way that will best benefit our organisation, not a certification body but our business.
By doing this, we look at an internal audit schedule spread over a three year cycle.
You may want to consider:
Low risk processes being audited once in that three year cycle, if at all
Medium risk processes every 18 months
High risk processes every 3 / 6 / 9 months
The high risk processes are the ones which can cause us the greatest harm if we don't put the best control in place.
If we do that, we can have a much more effective internal audit schedule. And we can work with our teams to drive that and improve that based on error that we have in our business.
If you like this video, please subscribe to our YouTube Channel to keep up to date with other videos we create.