Audit

As audit (Latin audire, hear, audit, he / she / it hears; translated as hearing ) are generally referred to investigation procedures designed to evaluate processes with regard to the fulfillment of requirements and guidelines. This often takes place in the context of quality management. The audits are conducted by a specially trained auditor.

Within the quality management two types of audits are distinguished: In the area of ​​static quality management audits have test character, as they provide evidence of contractual agreements moderate. They are therefore performed only once for each review cycle. In the dynamic quality assurance ( or quality management) audits comes to an extended meaning: They are used to detect trends and give the initiators of changes important feedback on the effectiveness of the measures taken. The strength of the accompanying audits increases with the repetition rate at which the identical questionnaire to the identical affected group will be submitted to the identical theme. Specifications makes the " DIN EN ISO 19011, Guidelines for auditing management systems ".

In this sense the term was originally applied in Human Resources. Today, in almost all areas of companies or organizations from time to time audits performed (see Internal Audit ): finance, information management, data protection, production processes, customer management, quality management, environment, management and running a business / organization (see Management Audit ) job satisfaction, reconciliation of work and family life etc.

Depending on the area being analyzed in an audit of the actual state or determined to compare the original objectives with the objectives actually achieved. Whenever some audit also serve to detect common problems or a need for improvement, so that they can be eliminated. After possible corrective actions / improvements have been introduced, they must be proven. This is done by means of documents, images, etc.

Management systems

When setting, certification and maintenance of management systems audits play an important role.

The audit types are distinguished by different criteria. Distinction according to the audit subject:

  • Financial audit ( financial accounting works after accounting principles ( accuracy, precision, regularity ) check )
  • Compliance Audit ( verification of compliance with a set of rules questions )
  • Performance Audit (also called Rechtsmäßigkeitsprüfung; objective and systematic review of the achievement of objectives / effectiveness and whether you need the necessary resources were used economically and efficiently )
  • System Audit ( considered the management system )
  • Process Audit ( considered individual processes )
  • Process Audit (Synonym for process audit or examination of procedures)
  • Product Audit (the product considered based on customer expectations )
  • Project audit ( considered the progress of a project)
  • Media Audit ( verifying conformity of media activities )

Distinction according to the status of the auditor:

  • Internal Audit ( 1st party, the auditor is an employee of the organization in which the audit is carried out )
  • Supplier Audit ( 2nd Party, usually from the management agent of a customer at the supplier)
  • Certification audit ( 3rd Party, by an independent auditor of a certification authority, such as by DQS or TUV Cert, SGS Institut Fresenius, Bureau Veritas or ULD ( on data protection matters ) )

Audits in connection with the certification of management systems:

  • Called pre-audit to determine the certification ability, even friendly audit
  • Certification audit with examination of the documents and the fulfillment of the rules to be certified on the basis of a questionnaire
  • Surveillance audit ( is usually carried out annually ) to monitor the further development of the management system
  • Repeat audit or recertification is performed in most management systems every three years

Software

In information technology, the term audit for various internal checks in software projects is used:

  • A regular or random testing of project components to ensure compliance internally defined rules ( using special templates to conform to the overall project, suitability for implementing the requirements of the module etc. )
  • Systematically examining the source code, for example, improper implementations, quality ( quality of ) the source code formatting or completeness of the documentation ( code audit )
  • The systematic search for potential vulnerabilities in programs or IT infrastructure ( Security Audit )
  • Checking whether a company for the software used has a sufficient number of licenses
  • Called measures for vulnerability and risk analysis of IT systems, security audit

Higher Education

In the Austrian higher education system is provided that state universities and colleges have to submit their internal quality management process to an audit, see: Agency for Quality Assurance and Accreditation Austria # audit.

Comptroller Managementsystem
87415
de