Doaa - thank you for the reply. Note that the Tech Talks do not fully cover all the details of the audit process, but are intended as overviews for the most part. Draft audit results are ALWAYS reviewed with auditee for validation and understanding and then revised as/if needed before they are set to final - that has been the process for years. The Tech Talk cites additional resources to get more details.
Listen carefully at 5:39. After the audit, the auditor will reports to ISACA. ISACA will communicate the result and action to the auditee. This communication does not necessarily mean validation. It is just informing the auditee about the result and the action. The auditor, the quality team and the internal ISACA CMMI SMEs discuss the audit result and take action without validation with the auditee!! Is this fair? Is this objective?
Doaa - thank you for the reply. Note that the Tech Talks do not fully cover the details of the audit process. Draft audit results are ALWAYS reviewed with auditee for validation - that has been the case for years.
