6. Detailed Document Review

Specifically this is the SHALL requirements of ISO 20121 where it refers to documentation.

See a list of documentation requirements here.

 

The auditors should consider if the information in the documents provided is:

  • — complete (all expected content is contained in the document);
  • — correct (the content conforms to other reliable sources such as standards and regulations);
  • — consistent (the document is consistent in itself and with related documents);
  • — current (the content is up to date);

The documents being reviewed cover the audit scope and provide sufficient information to support the audit objectives;

The use of information and communication technologies, depending on the audit methods, promotes efficient conduct of the audit: specific care is needed for information security due to applicable regulations on protection of data (in particular for information which lies outside the audit scope, but which is also contained in the document).