At the outset of the interview, the auditor should state the purpose of the interview and confirm with the respondent that the interview corresponds to the arrangements made earlier. No one likes to be surprised in showing up for an interview just to find it is not the interview they were expecting. Here are a few steps to facilitate productive interviews:
Take a moment to state the purpose of the interview. Auditors may wish deliver the goals of the interview at the beginning. Take another moment to briefly establish a personal rapport. Do not digress during the interview, stay on track. Mirror the voice, tonality, volume of speech, eye contact and rate of the respondent Ask if the auditor can take notes. Ask if they want copies of the auditor's interview notes. Be a good listener; wait for the respondent to reply. Allow the respondent time to think. Answer any questions from the interviewee. Keep it professional, avoid familiarity. Review responses for accuracy. Typical questions should cover at least the following basic topic areas: What is the nature of your business? Briefly describe your business unit's operations. How many employees are there? What are their duties? Where are their workstations and their respective locations? What was the date of the last hardware/software inventory? Where is the location of the inventory documentation? What was the date of the last risk analysis? Is there a risk management program? Where is the documentation? When was the last test of your disaster recovery/business resumption plan? Provide documentation for these business processes: Policies, procedures, standards Human resources, data and facilities safeguards Last audit documentation Legal and regulatory issues Human resources issues Employee training and continuing education Security awareness program Business unit or organizational issues