How ISO/IEC19770-1 certification can help during internal audits

A new stakeholder has taken the stage when it comes to ISO certification: the internal audit!

Blog - July 2023: How ISO 19770-1 certification for ITAM can help you counter internal audits

Take our ISO Readiness Assessment Quiz - find out how your level of readiness in only 10 minutes!


In 2021, ITAM Forum conducted a business impact survey to get insight in the perceived benefits of organizational certification to support the creation a certification scheme for the ISO/IEC19770-1 standard. The highest scoring benefit at that time was the management of internal stakeholders, stating “It will enable us to demonstrate good governance to internal stakeholders such as senior management or other IT departments or business units”

19770-1 organisational certification - business impact survey

That was in 2021, but in 2023 the first certifications have been awarded and the landscape has shifted somewhat. While the certification itself as well as the road towards it can be successfully used as communication tools for internal stakeholders like expected we see the trend that a new stakeholder has taken the stage: Internal audit.

There are several reasons to trigger internal audit’s interest for ITAM:

  • Increased interest in sustainability of IT, especially carbon footprint and IT asset disposition.
  • The continuing pressure on IT to do “more with less”
  • The realization that IT security themes like GDPR and data loss hinge on IT Asset Management.

Just like with an external audit, the key is to stay in control of the process. And that is where the ISO/IEC19770-1 comes into the picture.

  • You can use the standard as a checklist for the audit, to prevent auditors dreaming up a questionnaire of their own.
  • The standard (with or without the intention to formally certify) provides a roadmap for improvement in the future.
  • The standard focuses on establishing the scope for the ITAM framework before drafting a ITAM plan. You can use this to your advantage and manage expectations for not just the current audit, but also those to come in the future.

The most important thing to remember is, the audit will inevitably find gaps and areas to improve, no matter how mature your ITAM program is. But even if you’re still a long way from certification, or may not even have certification on your roadmap, you will still benefit from knowing where improvements are needed before internal audit comes around.


Want to know more about ISO certification for ITAM? Book your free meeting with our lead consultant for ISO: Ash Dharas