What is the Purpose of Abriska 19011?

Abriska 19011 was designed to enable organisations to define a process and approach to conducting risk-based audit management and tracking all related findings and actions that result from management system audits. As the name indicates, the software has been designed around the guidance within ISO 19011, the International Standard for Undertaking Audits against Management Systems. With Abriska 19011, your organisation can plan multiple audits and schedule these over time to manage the full audit lifecycle.

With each audit undertaken, individual findings can be raised, investigated, analysed and appropriate corrective actions identified. Findings and actions can be related to clauses from the management system standard under review or specific control requirements which have been included within the risk assessment module of Abriska (e.g. the 93 controls from Annex A ISO 27001:2022)

What Type of Organisation is Abriska 19011 Particularly Suited to?

Basically, any organisation that needs to conduct management system audits. Abriska 19011 can be applied to any management system such as quality (ISO 9001), information security (ISO 27001) or business continuity (ISO 22301).  Abriska 19011 is the perfect accompaniment to the suite of Abriska risk assessment modules.

What are its Key Features?

  • Audit multiple management systems within a single interface
  • Plan audits across multiple years, allocating responsibility to individual auditors
  • Track all findings associated with an audit, through a customisable workflow-based system e.g. nonconformities may follow a defined workflow including root cause analysis, corrective actions and follow up audits
  • Integrates with the risk management modules within Abriska (Abriska 22301, 27001 and 31000)
  • Notifications and reporting ensure that audits and findings are completed within a timely manner and provide management with a view of all outstanding issues within the organisation.

What are its Benefits?

  • Consistent and Repeatable – As the ISO 19011 standard provides guidelines for auditing management systems (e.g., ISO 9001, ISO 22301 and ISO 27001), we have designed Abriska 19011 to operate with the requirements, providing your organisation with a compliant tool.
  • Flexibility – The audit and action tracking module of Abriska is designed to allow your organisation to customise the methodology and tailor to the users requirements.
    Abriska 19011 is a highly cost-effective and robust software product which can help in automating the planning, operation, tracking and reporting of management system audits and can be very easily integrated with the Abriska risk management modules.

How Does it Work?

Abriska 19011 enables an organisation to define a process and approach to conducting risk-based audit management and tracking all related findings and actions that result from the audit.

  • Each audit can be assigned to control categories. These strategies can then be reported against and help to plan future audits.
  • Your organisation can schedule audits and, using the customisable workflow system, can track findings and actions raised as a result of audits through to completion.
  • The workflow is constructed from steps that can be arranged in any sequence. Each step can be customised to request a variety of different inputs, prompting users to answer questions or specify the costs associated with a particular action.
  • Analyse nonconformity
  • Root cause analysis
  • Corrective actions
  • Follow up audit

This level of granularity ensures that all data required for a detailed audit is captured.Organisations without an established audit process can take advantage of the pre-configured, best practice settings provided within Abriska.

With Abriska, your organisation can record all types of audits including external audits and their findings. This means whichever standards you are being audited against, you can record these against the audited areas and incorporate the auditors’ feedback into your own internal audits and spot-checking.

Book a Tailored Demo Now
We have been using Abriska to support us in carrying out the risk assessment that underpins our ISO27001 certification for some years now. It helps us to easily group and organise our assets, identify threats and vulnerabilities and determine justifiable risk scores. It centralises all of our risk assessment documentation and offers a range of useful extracts such as a statement of applicability and risk register that take much of the work out of the risk assessment process and allow us to focus on remediation.
Economic Consultancy