Audit

Auditing can tell you where you stand!

Audit or revision is a method to identify discrepancies and possibilities. In the field of records management we audit IT systems, archives, security, governance and processes.

We can also audit the handling of personal data and other significant tasks and processes that pertain to the use of business critical information.

We measure against internal requirements and international standards in the ISO 30300 and ISO 27000 series, and conduct our audits in a manner that ensures value for everyone involved.

On the basis of hundreds of audits using ISO 30301 og ISO 15489, we can also develop maturity models, which can give valuable insights into the current status of the records management of your company or organisation.

Audit continuum model for records management

The audit continuum model below visualizes how an audit can be planned and incorporated into an annual wheel, and gives an overview of the areas that might be relevant to audit.

Audit continuum ENG
Examples of audits

  • In order to develop a new strategy, a company is in need of an overview of the processes that relate to records management, archiving and the handling of personal data.

  • A municipality needs a new digital strategy and requires an audit of its ESDH and document handling.

  • A company wants to develop a strategy for its historical archive and needs an overview of the challenges and possibilities in regards to the management and classification of personal data.

  • An organization has large amounts of physical and digital records and documents, which needs to be sorted. Auditing helps map out the current status.

  • A company is experiencing difficulties finding patent documentation - an example of a burning platform. Through an audit of the document and archival practices of the company's development division, the weaknesses and possibilities for improvement can be identified.

  • A company is planning to sell one of its product lines and as a part of the due diligence process, the relevant business critical information needs to be mapped out.

  • An organization is interested in learning if their records management is at a suitable level. The organisation is audited using ISO 15489 and placed in a model of maturity, which spans a peer group consisting of the average audit findings from 19 anonymized organisations.