Auditoría Principios y Generalidades
General Principles and Overview of Internal Auditing
Definition and Classification of Audits
- Internal auditing is defined as a systematic, independent, and documented process aimed at obtaining and evaluating evidence objectively to determine compliance with audit criteria.
- Audits are classified based on the requester:
- First-party (internal audits by the organization),
- Second-party (audits conducted by one organization on another, such as clients auditing suppliers),
- Third-party (accredited entities conducting certification audits).
Types of Audits
- There are three main types of audits:
- Process Audit: Assesses the effectiveness of a specific process.
- System Audit: Evaluates all elements against requirements, such as ISO standards.
- Product Audit: Verifies that products or services meet customer specifications.
Criteria and Frequency of Audits
- The criteria for audits include compliance, conformity, and performance. The frequency is determined by:
- Importance of the process,
- Performance outcomes,
- Results from previous audits.
Objectives and Management of Audit Programs
- The audit aims to examine compliance with requirements, identify issues, risks, opportunities for improvement, and assess overall performance.
- Managing an audit program involves defining objectives, communicating plans, developing teams, monitoring progress, reviewing results, and improving processes.
Execution Process of Audits
- The audit execution begins with program approval followed by document review. Key steps include:
- Planning the audit,
- Conducting opening meetings,
- Performing interviews and field observations,
- Reporting findings in a closing meeting.
Evidence Collection During Audits
- Evidence collection includes:
- Identifying information sources,
- Sampling methods,
- Gathering audit evidence,
- Evaluating criteria against findings leading to conclusions.