#132 – WHAT TO DO IF THERE IS NO AUDIT DOCUMENTATION? – GREG HUTCHINS

Featured

Greg Hutchins pixMost organizations have established operational standards, objectives, metrics and expectations, which are operationalized through procedures and work instructions. If these exist, then the value added auditor can use these as a metric to conduct an audit.

The internal auditor determines whether the business objectives, standards, metrics, processes and work instructions are acceptable to meet audit objectives and then determine if they are being met.

But, what does the internal auditor do if there are no technical, procedures, policies, specifications, standards, or other types of documents? Continue reading

#132 – STRUCTURING ICT MANAGEMENT TO ALIGN IT WITH THE ENTERPRISE: PART 3 CHARTING TO BE – HOWARD M. WIENER

Featured

Howard Wiener PixIn previous posts (Part 2) , I defined a simple hierarchy for portraying the Enterprise and made a case for the importance of understanding and documenting the as-is Enterprise Architecture to a reasonable level of detail.

Continue reading

#132 – MERITS OF RISK MANAGEMENT: COMPLIANCE AS AN INVESTMENT – ANNETTE DAVISON, BOB BURFORD

Featured

AAA&Burford

ABSTRACT

Understanding and implementing sound compliance programs is a fundamental component of corporate governance and risk management. Effective risk management is not limited to understanding an organisation’s regulator-driven compliance requirements. It also includes managing an organisation’s overall operating context risks, within a business outcomes’ framework in order to mitigate these risks and in some cases, turn them into opportunities. With the increasing costs of implementing compliance systems and risk management measures, questions are often asked about their ‘worth’ to an organisation. In this paper, the costs of non-compliance as well as the benefits of good compliance and risk management programs are considered. Continue reading

#132 – 5 LESSONS I LEARNED FROM A SUCCESSFUL ISO 9001:2015 CERTIFICATON AUDIT – LILLIAN ERICKSON

Featured

2016-nl-bl-author-lily-ericksonThe publication of ISO 9001:2015 in September generated much anxiety among companies fearing a bumpy transition to the new and significantly changed international standard. Admittedly, we at MasterControl were not immune to those worries.

Despite having quality experts involved with the ISO changes since they were proposed some years ago, even we did not know how our ISO assessors would apply the new requirements, what evidence they would expect to see, and how to pre-emptively satisfy their expectations. Continue reading

#132 – A, B, AND C’S OF CAREER ADVANCEMENT – JOHN AYERS

Featured

AAAYou may have heard about the Peter Principle (every employee tends to rise to his/her level of incompetency) and Putt’s law (the most competent person tends to sink to the bottom while the least talented person rises to the top). You have not heard of the A, B, C Theory because it is mine. I will explain what it is and you decide if there is any merit in it. Continue reading