Changing the Audit Focus to a Performance Based System where the audits are driven by needs related to both System Performance and Management Objectives rather than by simple schedule.

For maximum benefit the internal management systems audits should connect with an overarching objective to evaluate "risk".

IS031000, defines risk as: "An undesirable situation or circumstance that has both a likelihood of occurring and a potentially negative consequence" or the "effect of uncertainty on objectives".

It is increasingly understood that the explicit and structured management of risk brings benefits.

It is common for internal audit programs to be developed on an annual calendar that predicts which aspects of the Quality Management System are going to be audited.