Telefoon: 085-0046560
Mail: info@mathison.nl
Bezoekadres: Cypresbaan 7-9
2908 LT Capelle aan den IJssel
integrated audit
We are seeing more and more integrated ISO 27001 / NEN7510 audits with an ISAE3000 or ISAE3402 assurance audit. Outsourcing organisations are requesting more and more frequently both an ISO certificate and an assurance statement from their suppliers. Through these audits, you as a service organisation can report to your customers about your reliability through an independent external auditor and you can report about your management system and improvement capability.
Advantages to Integrating audits
The statements are complementary to one another. Combining these audits has advantages:
Complete picture through additional statements: By combining both audits, you can get a complete picture about risk management.
- An ISO certification audit is focused on testing the management system; it is a forward-looking audit (like, for example, an ISO27001 certification). Among other things, the auditor looks at compliance with stakeholder requirements, laws and regulations and agreements entered into from the services offered.
- An audit that looks extensively at demonstrable compliance (Assurance) ‘looks back’ (over the chosen reporting period) and provides assurance on the agreed arrangements; whether control objectives have been met that address clients’ risks.
A single point of contact for the audit team: You have synergistic benefits because we have (a team of) auditors who can perform these investigations simultaneously, giving you a single point of contact for your complete compliance question.
Less audit pressure: Combining audits is advantageous because an organisation can be audited at one time, reducing audit pressure. A schedule is prepared for both audits, efficiently scheduling employees to be interviewed. In short by bundling the audits you offer a complete picture about risk management over the chosen period of time and the controlling and improving ability. Through bundling the audits, you can bundle more targeted audit timing.
Contact us
Do you have any more questions about integrated audits or did your customers ask for an assurance statement? Or would you like to exchange thoughts on your processes? we are more then happy to help.
Quality management within integrated audits
Quality assurance assurance examinations
We comply with the quality requirements of the regulators for the execution of work and filing. Only auditors affiliated with the International Federation of Accountants (IFAC) are allowed to issue an ISAE statement. NOREA Guidelines 3000 and 3402 set requirements for the quality and execution of the assignment, the content of the assurance report and the way in which the judgement is formulated.
The audits performed are subject to a file review by a colleague that is not part of the audit team to ensure being impartial. We comply with the requirements of the professional organisation NOREA.
Partnerships with certification bodies
We work together with accredited certification bodies (CIs) for ISO 27001, or NEN 7510 certifications. You will obtain a certificate under accreditation upon positive completion of an examination. The accreditation body supervises the quality of the audits performed.