Remote Audit with ISOLTX-GRCA

REMOTE AUDITS WITH CREST ADVISORY AFRICA (CAA)

Consequent to the COVID-19 pandemic outbreak that the world is facing, we consider that being healthy and working safely is the primary goal. Nonetheless, this doesn’t mean that compliance to standards cannot be maintained.

CAA’s Solution

To adjust to this situation, CAA has developed software, ISOLTX-GRC-A™, together with one of the Leading universities in South Africa and Subject Matter Experts (SME) with more than 250 years of combined knowledge and operational experience, for the following reasons:

  1. To assist organisations with the implementation of any ISO standard, or combination of ISO standards.  
  2. To provide organisations the ability to give combined assurance to Top Management with regard to their Return on Investment (RoI) 
  3. To serve as a repository for any type of evidence such as documents, CCTV Footage, Audio, Video etc.  
  4. To enable remote audits and thus ensure the safety of auditors and staff involved in the audit, but at the same time ensure the client is maintaining its Management System or Systems
7geQfMawCxqmresNIDu9WQltqkncu8oNSgENJlgl6mswOthyczmKVDJlcf52kdVO6FUVZ7tFnBY1KpecfNa0ZIJzi62 9Acle220pmD7dDy0zIx7OMyjxTyPCOHkt0o 2UsK60ovNjAqWS2Rdw

Figure 1: ISOLTX-GRC-A™- Drive Performance & Certainty

What Is Remote Audit?

Remote audit is the audit process done by auditor/s remotely from a location other than the physical location of the client. Basically, our auditors will be connecting with clients via technology communication means such as GoToMeeting, Webex, Skype, Zoom etc. In addition, livestreaming via phone apps (Facetime or WhatsApp) paired with headsets will also be options to facilitate the audit process. 

The auditor will have access to the client’s ISOLTX-GRC-A™, which is cloud based.  The software is username and password protected and keeps a full audit trail of anyone logging into it.oZhw8TW9EGo0EJvD9jkgpAJv2azkKp 7LXwV6UbSyriKrOVM2 i3Qpc4L8Ro6g8w5ixmBxfjJ js7x72BGK9bUuBy7b8eJFL

Not only can ISOLTX-GRC-A™ be used for external or third-party audits, but it is the perfect tool for continuous internal audits and informs the users and Top Management continuously of the maturity of the ISO or combination of ISO’s through dynamic dashboards.

Figure 2: ISOLTX-GRC-A™ Dynamic Dashboard

Why Should You Consider Remote Audit?

Considering the uncertainty caused by the pandemic, remote audit, through ISOLTX-GRC-A™, will enable you to:

  1. Keep up the regular schedule of audit
  2. Do audits with reduced costs (no travel & accommodation costs)
  3. Use technology to involve your team in the audit process

(All interviews, meetings, conversations etc. can be saved as evidence on ISOLTX-GRC-A™)

  1. Leverage the same network of professionals, auditors and experts 

How to Initiate the implementation of ISOLTX-GRC-A™  and a Remote Audit?

All you have to do is to send a request to isoltx@crestadvisoryafrica.com and let us know that you are interested in the ISOLTX-GRC-A™ software and that you want to be audited through this approach. CAA will then consult with you on the way forward.

REMOTE AUDIT PROCESS

Pre-Audit Activities – Planning

CAA and the client shall plan/define prior to the remote audit the following:

  1. The list of activities, areas, information, and personnel to be involved in the remote audit
  2. A plan on how to review the information that cannot be shared remotely (e.g. confidential information). CAA will define how this will be dealt with (e.g. follow up audit)
  3. A good internet/Wi-Fi connection will be necessary
  4. The interface for hosting the audit (e.g. Go-To-Meeting, Zoom, etc.)
  5. Granting security and/or profile access to the auditor
  6. Testing interface compatibility between the auditor and the client
  7. Considering the use of webcams, cameras, etc.
  8. Time zone management to coordinate reasonable and mutually agreeable convening time

Audit Activities – Audit process

Auditor(s) will be connected with the client via viable pre-agreed connection means with voice and video. Audit team will review the evidences used to support the management system being audited and will conduct required interviews with the personnel involved in the certification audit scope. When applicable, site tours may be requested. 

Post Audit Activities – Review of audit findings and CAA decision

Post audit activities for remote audits are identical to those of regular on-site audits. Audit report will be drafted by auditor specifying the methods used for remote audit. Once corrective actions (if any) are taken and validated, CAA will communicate the certification decision.  

Rules to Follow While Conducting the Remote Audit

  • The audit should be facilitated in a quiet environment whenever possible to avoid interference and background noise (i.e., speakerphones).
  • Both parties should make their best effort to confirm what was heard, stated, and read throughout the audit
  • The records required for the remote audit are the same as the records required when the audit is conducted on-site and should already be loaded on the ISOLTX-GRC-A™.  This then serves as a centralised repository of all evidence
  • Should an item not be able to be reviewed or complete determination not be able to be made, a record should be made. 
  • The auditor shall not video-record any communication during the audit unless agreed to by both parties.
  • All remote audits shall be concluded with a summary, review of the events, issues of concerns, clarification of issues, non-conformities and expectations.  This will all also be loaded onto ISOLTX-GRC-A™.
  • Both parties need to take appropriate measures to safeguard data confidentiality in any format.  ISOLTX-GRC-A™ can be set-up to prevent access to certain information when creating the user rights and the type of users.

If the CAA audit team concludes that the audit objectives cannot be achieved at any time during the remote audit, the remote audit activity will be terminated, and an on-site audit will have to be planned.

STEPS TO A REMOTE AUDIT

A close up of a piece of paperDescription automatically generated

Leave a Reply

Your email address will not be published. Required fields are marked *

Table of Contents

About the Author

Nico Snyman
Founder and CEO at Crest Advisory Africa (Pty) Ltd Nico Snyman is the Founder and Chief Executive Officer (CEO) of Crest Advisory Africa (Pty) Ltd since June 2014, based in Johannesburg, South Africa. Nico has an MBA, specializing in Total Quality Management (TQM) and is an internationally Certified Management System Auditor with PECB. Nico is also a PECB-certified Senior Lead Auditor for 19 ISO standards. With over 35 years of experience in various disciplines, Nico has a vast subject matter expertise (SME) base across various industries, from government, corporate, regulators, banks, mines, medical schemes, etc. He served as a Brigadier in the South African Police Service (SAPS), an Executive on the biggest global project between 2007 and 2011, the Gautrain Project, and as an Executive, was instrumental to the establishment of the Bombela Operating Company (BOC) between 2009 and 2013.