Internal Audit

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Revision as of 20:14, 10 April 2023 by Moh heng (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
1. Internal Audit is an ongoing internal independent and objective appraisal of the organization’s operational activity following the BCMS requirement.
BL-A-5 click to know more


Notes: During an internal audit, internal auditors will evaluate and monitor an organization’s risk management, reporting, and control practices and suggest improvements.

Related Terms: Audit. First Party Audit, Second Party Audit, Third Party Audit

Similar Term: Internal Audit; Auditor; Reviewer; Lead Auditor; External Auditors





Click to know more about expert level training

(Source: Business Continuity Management Institute - BCM Institute)

A Manager’s Guide to Auditing & Reviewing Your Business Continuity Management Program

2. Information required to be controlled and maintained by an organization and the medium on which it is contained.

Note: In many cases, particularly in smaller organizations, independence can be demonstrated by the freedom from responsibility for the activity being audited.

(Source: ISO 22301:2012 – Societal Security – Business Continuity Management Systems - Requirements) - clause 3.22

3. Audit conducted by, or on behalf of, the organization itself for management review and another internal purpose, which might form the basis for an organization’s self-declaration on conformity.

(Source: AE/HSC/NCEMA 7000:2012)

4. Internal Audit is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

(Source: AS/NZS 5050.3 Australian and New Zealand Standards for business continuity management.

Part 3: Business continuity management audit and assurance standard)

5. Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

(Source: http://www.theiia.org Institute of Internal Auditors)

6. Internal Audit is a systematic investigation of the intent, implementation and effectiveness of selected aspects of an organisation's systems or one or more of its departments.

(Source: hhtp://elsmar.com)