Advancing Virtual Audits: Creating Partners and Audit Tools
Shauna Wilson, President, Amazon Consulting, Inc., Corvallis, OR, USA
Keywords: Virtual Auditing, Remote Auditing,
A pandemic moved many to conduct audits remotely for the first time. Words have been spoken and written about the return to on site audits. But is that the future of auditing? Technology advances have provided new electronic tools that will enhance auditing to be more flexible and instantaneous, improve efficiencies and overall performance. Now, I am not suggesting 100% remote auditing, but have we really considered all the tools we have in our possession to examine processes? It should not just be an either-or decision (onsite or remote), but an audit plan that captures the whole supply chain within an organizations’ quality system using the best audit methods to verify conformance and validate performance.
The ISO9001:2015 standard lead quality to take internal auditing to the next level by the removal of a single management representative and referred the QMS to a management team. This also impacts the internal audit, now a management plan incorporating all functions in the organization, not just a quality department. When the quality manager facilitates a management plan to review the quality system in a holistic sense, other aspects will join, including the organizations supply chain and process performance.
What are the electronic tools that can be used for auditing? We watch others incorporate robots, mobile devices, and drones to show houses for sale, emergency services investigate crime scenes or disaster areas, and health services conduct operations remotely. Why aren’t electronic tools at the forefront for quality system audits? If quality is to board the train, quality needs to begin training auditors and other professionals how to collect objective data using electronic tools. Reading LinkedIn messages from auditors that were forced to conduct audits remotely during the pandemic and shared how they conducted the audit said a lot about how far behind the profession of quality is in this methodology. Would we allow auditing to take place if auditors did not attend the lead auditor training?
We all live in a world of cyber security risk, and it is important to add appropriate protections to avoid internet hacking, ransomware, and other cyber-attacks when using electronic tools. There are simple steps to protect data and devices from attack including adding firewalls, running anti-virus protections, and maintaining back-up systems.
This presentation explores how to develop an audit plan based on risk, assess your audit for potential Information Communication Technology ICT tools and review necessary cyber security protections.
• Define Information Communication Technology ICT
• Layout and describe an ICT Tool Audit Trail
• Develop and audit plan, based on risk and incorporating ICT Tools
• Review Virtual Audit Security Measures
• Examine Auditor Capabilities and Needs