6 Responses

  1. Rich Hall
    Rich Hall at |

    This article gives me validation to what we do here at The Boeing Company in Internal Audit. Great article!

  2. Josie B
    Josie B at |

    Good article!

  3. Cristian P
    Cristian P at |

    Dear Sir,
    Question: should the external auditor ( from certification body) take evidences (documented information like organization objectives, quality manual, etc) with him?

    1. Boncho Antonov
      Boncho Antonov at |

      IMHO this is a very bad practice. In many cases, there is no logic. For example, the auditor wants you to send him by E-mail The Statement of Applicability (ISO/IEC 27001). And in some cases such a practice can also be qualified as a crime. But most importantly, the auditing process, when it comes to management systems, does not require the auditor to take and store evidence. Such a practice of taking evidences conflicts with the first principle of auditing – integrity – and with the principle of confidenciality …

  4. Kenneth W. Place
    Kenneth W. Place at |

    Good article and GREAT book by Craig. ISO 9001:2015 in plain English is a recommendation to any company dealing with an ISO based standard!

  5. izaruku christopher
    izaruku christopher at |

    am satisfied with the article


Leave a Reply