Page 23 - COP 2016-2017
P. 23
PDAid’s six recent audits:
Audit type Deviations Observations
2017 June 17 Periodic audit 0 4
2016 April 14 Re-certification audit 0 2
2015 August 27 Periodic audit 0 2
2014 September 18 Periodic audit 0 4
2013 March 6 Re-certification audit 0 3
2012 September 17 Periodic audit 0 1
PDAid considers its system all-embracing and robust, which is
supported by the evaluations and conclusions drawn by DNV-GL.
The Norwegian business assurance agency, DNV-GL, sent PDAid a
Management Report after their periodic audit in June 2017. The
report specifies the management conclusion beyond focus areas.
Conclusions pertain to PDAid’s performance within the auditing
period, including commendable initiatives and observations. The
column “Observations” refers to conditions to which DNV-GL
suggests further improvement. PDAid has implemented the
vast majority of these observations, although the company is
not obligated to do so.
Based on the periodic audit in June 2017, Lead Auditor Jens H.
Oestergaard noted several creditable initiatives:
Jens Oestergaard mentions that PDAid’s two “IT attacks in 2017
were handled well, and solid improvements have been made”,
referring to attacks on the IT structure and major initiatives that
have been taken, including the outcome of the first Deloitte
“hacker” report, revealing potential breaches. The Lead Auditor
continues: “the methodology and scheme for CSR risk assessment
have been adapted to include the risk assessments according to the
new standards”. Furthermore, he considered the GAP analysis in
relation to the new versions of ISO 9001 and ISO 14001 to be
adequate and having reached appropriate conclusions.
| 23
