- Risk management
- Risk assessment
Value Added Auditing (440 pages) is a process and risk based manual for ISO management system and risk based audits. The manual can be used to conduct performance, operational, IT, cyber, and supply risk management assessments. The objective of the manual is to enhance: 1. Risk-based, problem solving and 2. Risk-based, decision making. All ISO 9001:2015 and ISO 14001 companies should read this book to understand and implement Risk Based Thinking (RBT) and Risk Based Auditing (RBA).
What This Book Can Do For You?
Value Added Auditing can be used as your ‘how to’ primer or reference for the following assessments:
- ISO 9001, ISO 14001, and other ISO management system assessments that focus on continual improvement, risk assurance, and achieving business objectives. The book is harmonized to ISO 31000.
- Business assurance assessments including attestation, compliance, maturity, capability, and benchmarking.
- Risk assurance assessments ensuring an organization can meet its governance, risk, and compliance (GRC) objectives.
- Assurance and opinion audits based on international standards.
- Internal auditing (Yellow Book/Red Book/Quality) providing independent and objective assurance that an organization can accomplish its business objectives within its risk appetite.
- Supplier auditing that may involve risk forensics, assurance, and analytics.
- Risk based Information Technology (IT) audits including ISO 27001, COBIT, ITIL, HIPAA, PCI, FISMA, and SOX assessments.