1.7 KiB
Title: Internal Audit Plan Template Document ID: [REG-AUDIT-PLAN-001] Version: 0.1 Draft Status: Draft Owner: CISO (Paul Jenkins) Approver: CISO (Paul Jenkins) Classification: Internal Effective date: [DD Month YYYY] Review date: [DD Month YYYY]
Internal Audit Plan Template
Purpose
This template provides the structure for planning internal ISMS audits across the audit cycle.
Scope
This plan applies to internal audit activities covering governance, controls, processes, evidence, and improvement actions within the ISMS scope.
Data Fields / Expected Columns
The audit plan should record at least:
- audit reference
- audit topic or scope
- audit criteria
- planned period
- assigned auditor
- auditee or owner
- status
- report due date
- follow-up required
- notes
Ownership
This plan should be owned by [Role]. Audit leads should maintain planned dates, status, and follow-up information.
Update Frequency
The plan should be updated when audits are scheduled, rescheduled, completed, or when follow-up activity changes status.
Retention
Audit planning records should be retained with related audit outputs in line with retention and audit traceability requirements.
Template Table
| Audit Reference | Audit Topic / Scope | Audit Criteria | Planned Period | Assigned Auditor | Auditee / Owner | Status | Report Due Date | Follow-up Required | Notes |
|---|---|---|---|---|---|---|---|---|---|
| [AUD-001] | [Topic / area] | [Policy / standard / clause] | [Month / Quarter] | [Name / Role] | [Role / Team] | [Planned / In Progress / Complete] | [DD Month YYYY] | [Yes / No] | [Notes] |
Related Documents
- Internal Audit Procedure
- Corrective Action Procedure
- Management Review Procedure
- ISMS Manual