The organization conducts internal audits in accordance with its internal audit procedure. The aim is to check:
Documented information on the execution and results of audits must be kept.
Organisation carries out data security auditing regularly. Auditing is used to identify e.g. problems and development needs in data systems and system providers activity.
Important auditing partners should be listed on Other stakeholders -list.