2. Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled

Notes (1): An audit may be an internal audit (first party) or an external audit (second party or third party), and it may be a combined audit (combining two or more disciplines).

Notes (2): "Audit evidence” and “audit criteria” are defined in ISO 19011.

(Source: ISO 22301:2012 – Societal Security – Business Continuity Management Systems - Requirements) - clause 3.2

3. Audit is a systematic examination to determine whether activities and related results conform to planned arrangements and whether these arrangements are implemented effectively and are suitable for achieving the organization's policy and objectives

(Source: ISO19011: 2002 Guidelines for quality and/or environmental management systems auditing, clause 3.1)

4. Audit is a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled

(Source: ISO19011: 2002 Guidelines for quality and/or environmental management systems auditing, clause 3.1)

5. The process by which procedures and/or documentation are measured against pre-agreed standards.

(Source: Business Continuity Institute - BCI)

6. The process by which procedures and/or documentation are measured against pre-agreed standards.

(Source: Australia. A Practitioner's Guide to Business Continuity Management HB292 - 2006 )

Related Links

• Information Systems Audit and Control Association (ISACA)
• Institute of Internal Auditors (IIA)
• The American Institute of Certified Public Accountants (AICPA)