| Audit type: | Process audit |
|---|---|
| Audit status: | open |
| Audit coverage: | IT Services |
| Auditor: | Sandra Meier |
|---|---|
| Audit planned date: | August 15, 2024 ◉ |
| Audit execution date: | June 27, 2024 |
Overview
The audit was carried out in accordance with the previously communicated audit plan. The inspection of the server rooms planned for the 2nd day of the audit has to be canceled for reasons of time. A catch-up date was therefore agreed. The audit was carried out taking into account the ISO9001 quality criteria, as the company is aiming for certification.
All of the planned aspects were adequately discussed.
Considered aspects of the regulations
- Organization context and interested parties
- Dealing with risks and opportunities
- Operational processes IT service, process landscape, interfaces and ticket system
- Identification and systematisation of binding obligations
- Assessment of performance and improvement
- Application of operational ticket processes and compliance
- Training and knowledge of the organization
- communication
- Document control
- Order processing
- Work and test equipment
- Evaluation of service providers / contractors
- Production / service provision
- CIP topics
Conclusion
The IT service was audited as part of the internal audit.
Numerous positive findings were made in the course of the internal audit. This particularly applies to the leadership role of the team leader. Their active leadership has positive effects on the implementation of processes and measures, such as B. the handling of the ticket system "Easy Redmine". The employees are actively informed and trained by the managers.
Many specifications and processes from the management systems are actively implemented and are easy to understand.
Individual results
Describe the results by regulations aspect.
Communications
The employees were trained with regard to the changes in the process documentation and how to use the Easy Redmine software (group training on April 10, 2021). The Easy Redmine process overview and individual company processes were presented. The audited employees are familiar with handling Easy Redmine.
The inquiry process was audited as an example.
Based on the message "Contact request for personal data" from May 3, 2021, the process flow was verified in Easy Redmine. The process was easy to understand and corresponded to the specifications of the ticket system documentation in the IT service manual. The necessary steps in the course of processing have been properly carried out.
Other documents viewed:
Proof of training for Rüdiger Strauss from April 10, 2021 (area-related processes / Easy Redmine)
Proof of authorizations Mr. Rüdiger Strauss
SW analysis
List of all strengths and weaknesses observed during the audit.
| Strength | Weakness |
|---|---|
|
|
