(redirected from ISO 27000)


A systematic examination of financial or accounting records by a specialized inspector, called an auditor, to verify their accuracy and truthfulness. A hearing during which financial data are investigated for purposes of authentication.

The Internal Revenue Service (IRS) conducts two types of audits, called examination of taxpayer returns, and they are typically conducted using one of two types of procedures. The most common auditing procedure involves correspondence between the service and the taxpayer or interviews with the taxpayer in a local IRS office. A less common method involves field audits whereby IRS officials conduct the audit at the taxpayer's home or place of business. Treas. Reg. § 601.105(b)(1). The service determines which audit procedure should be followed in a particular case. During an audit, an IRS official may question the taxpayer about a particular transaction or transactions that appear on the taxpayer's return or may conduct a thorough investigation of the taxpayer's entire tax return.

Although many people fear audits by the IRS, the percentage of returns examined by the IRS is relatively low. For example, of 108,034,700 returns filed by taxpayers in 1997, the IRS examined 1,662,641, or about 1.5 percent of the total number of returns. Despite this low number, several stories surfaced in the 1980s and 1990s regarding abuses by IRS officials, many of which occurred during the audit process. Congress responded by enacting two "Taxpayer Bills of Rights," first in 1989 and again in 1996. The second act, the Taxpayer Bill of Rights 2, Pub. L. No. 104-168, 110 Stat. 1452, established and delegated authority to the Office of Taxpayer Advocate. This office is responsible for assisting taxpayers in resolving problems with the IRS, identifying areas where taxpayers have had problems with the service, and identifying potential legislative and regulatory changes that could mitigate problems between the IRS and taxpayers.

Further readings

Baran, Daniel J. et al. 1997. IRS Audit Protection and Survival Guide. New York: Wiley.


Internal Revenue Service.


n. an examination by a trained accountant of the financial records of a business or governmental entity, including noting improper or careless practices, recommendations for improvements, and a balancing of the books. An audit performed by employees is called "internal audit," and one done by an independent (outside) accountant is an "independent audit." Even an independent audit may be limited in that the financial information is given to the auditor without an examination of all supporting documents. Auditors will note that the audit was based on such information and will refuse to sign the audit as a guarantee of the accuracy of the information provided. (See: auditor)


verb bring into question, certify, check, check on, conduct an inquiry, examine, examine financial accounts, examine the accounts officially, go through the books, hold an inquiry, inspect, inspect accounts officially, investigate, monitor, probe, pursue an inquiry, rationes dispungere, reexamine, review, scrutinize, search, study, subject to examination
Associated concepts: allowance of claim, audit of account, audited claims, auditor, auditor's report, disallowance of claim, fraudulent audit
See also: analysis, analyze, bill, canvass, check, computation, examination, examine, indagation, invoice, monitor, scrutinize, study, test
References in periodicals archive
ISG technology's certification for Information Security Management System, ISO 27000, offers a number of major benefits - it guarantees ISG technology's customers' data is safe and that ISG technology provides top-level security regarding the flow and management of information within the organization.
The ISO 17799 standard will be renumbered under the ISO 27000 series of standards as ISO 27002 sometime in 2007 or 2008.
The company's facilities have also been independently certified to FISMA Moderate, and its processes have been successfully audited to SSAE 16 SOC II and ISO 27000.
Candidates will understand how the Critical Security Controls relate to other information assurance standards (such as ISO 27000, NIST 800-53, the NIST Core Framework, and others) and how the controls can be used to meet the goals of those standards.
ISO 27001 is part of the ISO 27000 series of international standards that have been developed to provide a framework around which information security management systems can be effectively implemented.
under the MoU will provide complete consulting and training support for wide portfolio of Management Systems like ISO 9001, ISO 14001, ISO 22000, ISO 17025, OHSAS 18001, ISO 20000, ISO 27000, BS 25999, BRC, Six Sigma, Balanced Scorecard, and Enterprise Resource Planning solutions
Many of these experts hold the Holistic Information Security Practitioner (HISP) certification, which educates practitioners on best practices for implementing multiple industry standards and regulatory requirements for information security and privacy, as well as how to integrate the ISO 27000 Series of Information Security Standards with these security standards and requirements.
Based on the recommendations of NIST, organizations and government agencies that must adhere to data security and data privacy regulations, such as SOX, HIPAA, GLBA, and ISO 27000, should now apply recognized due diligence best practices within their Vendor Risk Management Programs to data recovery service providers.
In addition, OnBase Online is SOC 2 audited, SysTrust and ISO 27000 certified and PCI-DSS compliant - ensuring that student and patient information remains secure.
Imprivata, the #1 independent technology authentication and access management provider for healthcare and other regulated industries, will be hosting a webinar on February 3, 2011 examining how to apply ISO 27000, NIST & PCI DSS v2 to address HIPAA & HITECH mandates.