Telefoon: 085-0046560
Mail: info@mathison.nl
Bezoekadres: Cypresbaan 7-9
2908 LT Capelle aan den IJssel
integrated audit
An integrated audit, for example, consists of an ISO 27001/NEN 7510 audit with an ISAE 3000 or ISAE 3402 assurance audit. Outsourcing organisations are increasingly requesting ISO certification and assurance statements from suppliers for risk management reasons. These audits allow you, as a service organisation, to report to your customers on your reliability via an independent external auditor, as well as on your management system and potential for improvement.
Advantages to Integrating audits
The assurance statements and ISO certificates are complementary. Combining these audits offers advantages:
Complete picture through additional statements: By combining both audits, you can get a complete picture about risk management.
- Complete picture through complementary statements: By combining both audits, you can obtain a complete picture of risk management.
- An ISO certification audit focuses on assessing the management system; it is a forward-looking audit (such as with ISO 27001 certification). The auditor examines, among other things, compliance with stakeholder requirements, laws and regulations, and the agreements made within the scope of the services provided.
- An audit that comprehensively examines demonstrable compliance with the stated requirements (Assurance) “looks back” (over the selected reporting period) and provides assurance regarding the agreed-upon agreements; whether the control objectives that address client risks have been met.
A single point of contact for the audit team: You have synergistic benefits because we have (a team of) auditors who can perform these investigations simultaneously, giving you a single point of contact for your complete compliance question.
Less audit pressure: Combining audits is advantageous because an organisation can be audited at one time, reducing audit pressure. A schedule is prepared for both audits, efficiently scheduling employees to be interviewed. In short by bundling the audits you offer a complete picture about risk management over the chosen period of time and the controlling and improving ability. Through bundling the audits, you can bundle more targeted audit timing.
Contact us
Do you have any more questions about integrated audits or did your customers ask for an assurance statement? Or would you like to exchange thoughts on your processes? we are more then happy to help.
Compliance management within integrated audits
Quality assurance assurance examinations
We comply with the quality requirements of supervisory bodies for the execution of our work and the preparation of our files. Only auditors affiliated with the International Federation of Accountants (IFAC) are permitted to issue an ISAE statement. NOREA Guidelines 3000 and 3402 stipulate requirements for the quality and execution of the engagement, the content of the assurance report, and the manner in which the opinion is formulated.
A file review is conducted on the audits performed by a colleague who is not part of the audit team. We comply with the requirements of the professional organization NOREA.
Partnerships with certification bodies
We collaborate with accredited certification bodies (CBs) for ISO 27001 or NEN 7510 certifications. Upon successful completion of an audit, you will receive an accredited certificate. The accreditation body monitors the quality of the audits performed.