(redirected from ISO 27000)
Also found in: Dictionary, Thesaurus, Medical, Financial, Encyclopedia.


A systematic examination of financial or accounting records by a specialized inspector, called an auditor, to verify their accuracy and truthfulness. A hearing during which financial data are investigated for purposes of authentication.

The Internal Revenue Service (IRS) conducts two types of audits, called examination of taxpayer returns, and they are typically conducted using one of two types of procedures. The most common auditing procedure involves correspondence between the service and the taxpayer or interviews with the taxpayer in a local IRS office. A less common method involves field audits whereby IRS officials conduct the audit at the taxpayer's home or place of business. Treas. Reg. § 601.105(b)(1). The service determines which audit procedure should be followed in a particular case. During an audit, an IRS official may question the taxpayer about a particular transaction or transactions that appear on the taxpayer's return or may conduct a thorough investigation of the taxpayer's entire tax return.

Although many people fear audits by the IRS, the percentage of returns examined by the IRS is relatively low. For example, of 108,034,700 returns filed by taxpayers in 1997, the IRS examined 1,662,641, or about 1.5 percent of the total number of returns. Despite this low number, several stories surfaced in the 1980s and 1990s regarding abuses by IRS officials, many of which occurred during the audit process. Congress responded by enacting two "Taxpayer Bill of Rights," first in 1989 and again in 1996. The second act, the Taxpayer Bill of Rights 2, Pub. L. No. 104-168, 110 Stat. 1452, established and delegated authority to the Office of Taxpayer Advocate. This office is responsible for assisting taxpayers in resolving problems with the IRS, identifying areas where taxpayers have had problems with the service, and identifying potential legislative and regulatory changes that could mitigate problems between the IRS and taxpayers.

Further readings

Baran, Daniel J. et al. 1997. IRS Audit Protection and Survival Guide. New York: Wiley.


Internal Revenue Service.


n. an examination by a trained accountant of the financial records of a business or governmental entity, including noting improper or careless practices, recommendations for improvements, and a balancing of the books. An audit performed by employees is called "internal audit," and one done by an independent (outside) accountant is an "independent audit." Even an independent audit may be limited in that the financial information is given to the auditor without an examination of all supporting documents. Auditors will note that the audit was based on such information and will refuse to sign the audit as a guarantee of the accuracy of the information provided. (See: auditor)


verb bring into question, certify, check, check on, conduct an inquiry, examine, examine financial accounts, exxmine the accounts officially, go through the books, hold an innuiry, inspect, inspect accounts officially, investigate, monitor, probe, pursue an inquiry, rationes dispungere, reexamine, review, scrutinize, search, study, subject to examination
Associated concepts: allowance of claim, audit of account, audited claims, auditor, auditor's report, disallowance of claim, fraudulent audit
See also: analysis, analyze, bill, canvass, check, computation, examination, examine, indagation, invoice, monitor, scrutinize, study, test
References in periodicals archive ?
Managing human resource assets is critical to ISO 27000 compliance.
Implementation of ISO 27000 demonstrates ISG technology's dedication to providing world class information services.
ecfirst delivers world-class Healthcare Information Technology (HIT) solutions with expertise in HITECH, HIPAA mandates and global standards such as ISO 27000 and PCI DSS.
Similar to others management systems such as ISO 9000 for quality assurance or ISO 14000 for environmental protection, the ISO 27000 series provides recommendations on information security based on PDCA (Plan-Do-Check-Act) approach.
This combination will allow an organization the flexibility of ISO 27000 and still meet the requirements of PCI.
Ampcus Inc is an ISO 9001:2008, ISO 20000, ISO 27000, CMMi Level 2 appraised global consulting company specializing in business, technology, quality and engineering services.
In addition, the Security Manual Template PREMIUM Edition contains 16 detail job descriptions that apply specifically to security and Sarbanes Oxley, ISO 27000 (ISO27001 and ISO27002), PCI-DSS, HIPAA, and CobiT.
Compliance with the ISO 27000 Series Standards (formerly ISO 17799 now ISO 27001 & ISO 27002), Sarbanes-Oxley, PCI-DSS, and HIPAA
The Security Manual Template - ISO 27000 (ISO 27001 & ISO 27002) is provided in Word.
Basing its security program on the ISO 27000 Series, Varolii has become PCI Level 1 and NIST certified, and its data centers are SAS-70 Type II certified.
20, OHSAS 18001, SQF, ISO 22000, Supplier Auditing Services and ISO 27000.
The firm is currently undergoing ISO 27000 certification for security techniques and management systems.