Value Added Auditing™ is the first 400-page (8″ x 10″ trim) process and risk based manual for conducting operational, IT, cyber, and supply management assessments. Please read: Value Added Auditing: Your Best Assessment Tool.
Value Added Auditing cost is $89.00 plus S/H $6.00 in US. Offshore shipping costs are handled individually. To order: GregH@CERMAcademy.com
The objective of the manual is to enhance 1. Risk-based problem solving and 2. Risk-based decision making. Value Added Auditing can be used as a ‘how to’ primer or reference for the following assessments:
- ISO 9001, ISO 14001, and other ISO management system assessments that focus on continual improvement and achieving business objectives. The book is harmonized to ISO 19011:2011.
- Internal 9001:2015 process and risk audits (first – party).
- Second party 9001:2015 audits of suppliers.
- Standard manual for third party 9001:2015 audits.
- Internal auditing (Yellow Book/Red Book/Quality) providing independent and objective assurance that an organization can accomplish its business objective
- Business assurance assessments including compliance, maturity, capability, and benchmarking.
- Supplier auditing that may involve forensics, assurance, and analytics.
- Risk based Information Technology (IT) audits including ISO 27001, COBIT, ITIL, HIPAA, PCI, FISMA, and SOX assessments.
- Assurance and opinion audits based on international standards.
- Risk assurance assessments ensuring an organization can meet its governance, risk, and compliance (GRC) objectives.
- Critical Infrastructure Protection (CIP) assessments including risk assessments, vulnerability, NERC CIP compliance, cyber security, resilience and CIP assessments addressing Presidential Policy Directive (PPD-21) – Critical Infrastructure Security and Resilience.
- Agreed Upon Procedure (AUP) engagements including reporting findings based on reviewing specific procedures.
Value Added Auditing is the primary text for the Risk Assurance element of the Certified Enterprise Risk Manager® certificate program. Visit www.CERMAcademy.com.
US Department of Homeland Security (DHS) certified Value Added Auditing as a ‘Qualified Anti-Terrorist Technology’ under the Safety Act as a critical elements of Critical Infrastructure Protection: Forensics, Assurance, Analytics®.
CHAPTERS
Part I: Value Added Auditing Fundamentals
Chapter 1 – Today’s Competitive Marketplace
Chapter 2 – Governance and Auditing
Chapter 3 – Value Added Auditing 101
Chapter 4 – Enterprise Risk Management 101
Chapter 5 – Process Management 101
Part II: Managing Value Added Auditing
Chapter 6 – Managing the Value Added Audit
Part III: Planning the Value Added Audit
Chapter 7 – Step 1: Understand Audit and Business Objectives
Chapter 8 – Step 2: Notify/Visit Auditee
Chapter 9 – Step 3: Understand Auditee’s System, Process and Product Documentation
Chapter 10 – Step 4: Develop Audit Plan
Chapter 11 – Step 5: Develop Audit Survey
Part IV: Conducting the Value Added Audits
Chapter 12 – Step 1: Assess Organizational Maturity
Chapter 13 – Step 2: Assess Process Capabilities
Chapter 14 – Step 3: Assess System/Process Risks
Chapter 15 – Step 4: Evaluate Control Effectiveness
Chapter 16 – Step 5: Assess Evidence
Chapter 17 – Step 6: Issue Opinion
Chapter 18 – Step 7: Conduct Exit Meeting
Part V: Reporting Value Added Audit Results
Chapter 19 – Step 1: Communicate Audit Results
Chapter 20 – Step 2: Decide Audit Report Format
Chapter 21 – Step 3: Correct – Prevent – Predict – Preempt
Chapter 22 – Step 4: Maintain Audit File
WHO IS THE AUTHOR?
Greg Hutchins Is the principal engineer with Quality + Engineering. He has written a number of best selling ISO 9001, supply management, and quality books as shown on the right.
Greg coined, trademarked, and evangelized the expression Future of Quality: Risk® for almost 20 years. A little more background may also help:
- Founder of 800Compete.com, CERMAcademy.com, WorkingIt.com, and other startups
- Principal Engineer with Quality + Engineering, a Critical Infrastructure Protection: Forensics, Assurance, Analytics® engineering firm.
- Risk engineer and consultant for global companies.
- Developer of Future of Quality: Risk slide deck that went viral on Linkedin.
- 9001, ISO 14001, and ISO 27001 management systems consultant.
- Lead instructor and consultant for one of the first North American certification bodies.
- Author of best selling ISO 9001 (translated into more than 8 languages).
- Author of Value Added Auditing™ – the first risk-based, quality-auditing and assurance book.
- Author of multiple risk-based, auditing books, which have been approved by national authorities.
- Author of 100′s of quality and risk articles for ASQ, PMI, IEEE, IIE, QD, and many other journals.
- Developer of Certified Enterprise Risk Manager® and other risk certificates.
- Founder of CERM Risk Insights™ emagazine with a circulation that is doubling each year.