Would like a little bit of input here from the third-party auditors or those who have been third-party auditors, if I may....
I'm considering doing away with our current internal audit checklist and just allowing the auditors to develop their own checklists for the audits they do. Currently, we have a long checklist that is rather cumbersome and very detailed. Originally, this was a great tool with the auditor pool we had at the time. It has since served its purpose, IMO, and I feel that we can now evolve and move away from it to allow the auditors to use other tools which are just as effective.
As it is now, the auditors develop their own checklists as they do their desk audits and the questions are very well-thought out and detailed. Often, the responses lead them to look at other inputs to the process they are auditing, which is exactly what they should be doing.
Specifically, I'm interested to find out what the opinion is of those here who are third party auditors and have seen internal audit processes that are successful without the use of a 'prescribed' audit checklist. Unless I'm mistaken, there isn't a requirement for having a controlled document that is an audit checklist.
Any and all input is welcome....
Thanks!
I'm considering doing away with our current internal audit checklist and just allowing the auditors to develop their own checklists for the audits they do. Currently, we have a long checklist that is rather cumbersome and very detailed. Originally, this was a great tool with the auditor pool we had at the time. It has since served its purpose, IMO, and I feel that we can now evolve and move away from it to allow the auditors to use other tools which are just as effective.
As it is now, the auditors develop their own checklists as they do their desk audits and the questions are very well-thought out and detailed. Often, the responses lead them to look at other inputs to the process they are auditing, which is exactly what they should be doing.
Specifically, I'm interested to find out what the opinion is of those here who are third party auditors and have seen internal audit processes that are successful without the use of a 'prescribed' audit checklist. Unless I'm mistaken, there isn't a requirement for having a controlled document that is an audit checklist.
Any and all input is welcome....
Thanks!