Skip to main content

Search

Filter by

Search our content by date or relevance.

Course code
PT220
Course code
Duration

Minimum of 14 hours

Category Auditing
Level Practitioner
Scheme(s)
Information security

ISO/IEC 27001:2022 Internal Auditor (Information Security Management Systems)

This course aims to provide learners with the knowledge and skills required to perform an internal audit of part of an information security management system based on ISO/IEC 27001 (or equivalent) and report on the effective implementation and maintenance of the management system in accordance with ISO 19011. 

Working together to shape the future of auditing

Published:

Jennie Clark CQP MCQI, Director of Elliem Consulting and Vice Chair of CQI’s new Audit Special Interest Group, says the recently formed group will work to enhance the status of auditors.

Author: Jennie Clark, Director of Elliem Consulting.
  • Auditing
  • Formed in May 2021, the CQI’s Audit Special Interest Group (SIG) has had an exceptionally busy and productive first six months. The level of interest at the time of the launch was high and it’s grown exponentially since then. I have been delighted to be part of that journey.

    The initial workshop allowed us to help shape and define the purpose of and mission for the SIG and soon after that we held elections for the roles of Interim Chair, Interim Vice Chair and Interim Secretary and I was delighted to be elected as Interim Vice Chair. I’ve really enjoyed the challenges the role has given me, and working with William Rankin, who is the Interim Chair of the SIG, has been energising and encouraging – our discussions are always a tonic, particularly if it’s been a tough day.

    Those of us attending the early meetings were asked to define what we wanted the SIG to achieve, and my input was a wish to change the focus and image of audit to one of positivity and a tool seen as driving forward improvement. Other points included:

    • seeking to learn from others collaboratively, sharing knowledge, skills and good practice with other audit professionals
    • being a reliable information source for audit groups globally, with the creation of a social platform where auditors/quality consultants can belong to, share their experiences, and learn from each other without fear or bias, despite their locations or organisations (IAA, CQI/IRCA, ASQ, and so on)
    • the promotion of understanding and practice of management system standards (MSS) and auditing
    • enhancing the status of auditors across disciplines as a result of the value they add to businesses through their work
    • improvement in the effectiveness of auditing techniques, and ensuring these are up to date.

    Our workshops have had global attendance and generated some really useful debate and thought leadership. Remote audit was quickly identified as our ‘go to’ topic for the initial focus of the SIG, and the launch of our survey on 29 July brought in more than 150 valued responses from a wide range of auditors operating in different countries, sectors and disciplines. Feedback from the survey, which sought to evaluate thinking on a range of issues, will help shape future work undertaken by the SIG and provided a really sound insight for the SIG to work with going forward. As I mentioned earlier, I was delighted to be able to present a summary of the outcomes at our World Quality Week event on 8 November.

    In late October, the SIG launched its own page on LinkedIn and this has allowed the work of the group to be shared on a wider platform. I’m one of the managers of the LinkedIn page and it’s been really rewarding to see the membership grow and with it the range and depth of topics that are being contributed. With more than 150 people now linked up to the SIG through this route, we have seen yet more global engagement and some really good debate being sparked – providing yet more food for thought for the future.

    Timed to coincide with World Quality Week, we ran our first webinar on 8 November, showcasing thoughts from around the globe with a central theme of remote audit. SIG Chair William Rankin chaired the event and contributions from SIG members put a very personal perspective on the topic. We hosted a second webinar in December, bringing to the table more input on remote audit, and considering how audit can provide businesses with insight on risk.

    I knew the SIG was needed, but I’ve been blown away by the energy that has come from the members and the really global nature of that membership. The work to date has been incredible and seeing over 300 people sign up for our first webinar gave me the thumbs up for the work we are doing. The group has a huge sense of purpose and vibrancy and I’m really looking forward to the work ahead. We live in changing times and it’s vital that audit keeps pace with the world in which we live and work, wherever that is. The SIG has so much to offer and an incredible enthusiasm to really drive forward change and thinking, and I am proud to be the current Interim Vice Chair.

    Join the audit SIG today.

    Quality 4.0: The employer’s perspective

    Published:

    Quality 4.0 has been a talking point within the quality profession for some time now, so it was a good topic to focus on at the CQI’s last corporate partner event.

    Author: Ian Howe
    Head Of Commercial Development, CQI
  • Auditing
  • Quality assurance
  • The discussion centred on the first phase of our Quality 4.0 research programme and its results. These results include a working definition of Quality 4.0 and eight principles to help quality professionals respond positively and effectively to digital transformation. It was insightful to hear employer views and experiences on a range of subjects including big data, technology, context, assurance, improvement and leadership.

    Big data 

    The group looked at what organisations have adopted, or need to adopt, to deal with big data. This includes data governance, architecture, engineering and analytics, and how business is now using this as a strategic asset.  

    • Data management – everyone agreed on the need to aggregate and compare data captured from a variety of business units, but the main learning is: keep it simple. Different projects are using data differently, so it’s important to get processes right before overlaying technology
    • Data language – supplier visibility and lean systems will allow organisations to develop a common data language and align toolsets throughout the supply chain
    • Data governance – investment is moving towards data governance, so organisations can produce quality forecasts. Quality could then become a tool that supports predictions as well as reporting

    Our corporates recognise that they need to manage data architecture with tools and techniques to optimise data, and focus on areas where people can make decisions. A cross-functional integrated approach will help to achieve this and avoid unconscious bias.

    Technology 

    Technology is a continuously developing asset and many different technologies are driving the need for Quality 4.0. Artificial intelligence, machine learning, robotics and blockchain are all major drivers. Employers acknowledge that while managing quality doesn’t tend to involve much use of technology, more experimentation is starting to take place including:

    • Drone inspections
    • Visual inspection automation
    • Digital rehearsal
    • AI algorithms to deliver assurance outcomes

    Context 

    Our corporate group also looked at the potential challenges of implementing Quality 4.0 and the knowledge they can take from their own organisations and other sectors. Some key points were noted:

    • Boundaries – these are blurring within organisations and the supply chain 
    • Interchangeability – is powerful for customers, but will need to be managed closely  . Flexibility and choice, however, could result in mistakes and impact negatively on the end result
    • Traditional regulation approaches – have to align with a smarter, quicker industry, without losing confidence. The regulatory environment is still very compliance focused, and performance-based regulation is lagging behind
    • Managing Quality 4.0 relationships – organisations are finding that to apply Quality 4.0 they need to navigate between regulators, customers and suppliers, whose understanding of, and appetite for, digital transformation varies  

    Assurance

    Another point raised is the desire to move away from traditional assurance methods, and investigate data and technology options that offer value and won’t become obsolete in a few years. Distributed ledger technology is an example of this. However, the design of data and analytics infrastructures must be flexible, so that audit fatigue is not replaced by fatigue from management and assurance system interfaces.

    Improvement 

    Big data and analytics will influence improvement so it becomes proactive (what could go wrong) rather than reactive (what has gone wrong). Real-time information and technology should give leaders and decision makers the performance information they need more efficiently, helping them to act quickly.

    New quality partners are entering the profession, organisations that are experts in predictive analytics are proving their worth, and digital planning is showing itself to be an extremely powerful tool. Everyone understands that improvement can’t be led by one profession. To maximise opportunities, organisations must have a fully integrated approach.

    Leadership and people 

    There’s a huge opportunity for the quality profession to lead organisational strategy in Quality 4.0, but that opportunity could become a threat if we don’t embrace change and progression. If Quality 3.0 was seen as having challenges, this attitude could make applying Quality 4.0 more difficult.

    However, the following will help us prepare to meet challenges:

    • Developing quality leadership skills around fluency in big data and technology
    • Making cultural and leadership changes
    • Supporting a shift from compliance and correction to risk prevention and performance improvement
    • Increasing diversity within the quality profession
    • Training quality professionals in new hard and soft skills  

    What does Quality 4.0 mean for the quality profession? 

    By embracing change and technology, the quality profession can play a big part in the way organisations harness change and progress. The CQI will continue to produce tools and assets to help keep our members and the profession informed about key developments around this crucial subject.  

    Find out more about Quality 4.0.

    Boosting manufacturing recovery with LPAs

    Published: 9 Jul 2021

    At EASE Inc, Chief Executive Eric Stoop says that layered process audits hold the key to greater product quality and a faster manufacturing recovery.

    Driving clinical improvement in the NHS through audit management

    Published: 9 Jul 2021

    Improvement, Innovation and Effectiveness Lead Tracey Brailsford at Derbyshire Community Health Services NHS Foundation Trust explains how a cloud-based system is helping senior leadership and frontline staff learn from performance and continually improve services for patients. 

    Continuing risk-based audits during a pandemic

    Published: 8 Jul 2021

    Gordon McNeil, IRCA Principal Auditor, has conducted audits globally in a variety of industries, including nuclear, defence, aerospace and civil aviation. He shares his experience and advice on how remote audits can continue to be conducted during the Covid-19 pandemic.