The number of days assigned to a third-party audit is not determined by the auditee’s availability, but by the audit program, which considers the audit scope, objectives, criteria, risks, and resources12. The auditee’s availability is only one factor that affects the audit planning and scheduling, but not the audit duration3. Auditors approved for conducting onsite audits do require additional training for virtual audits, as there are significant differences in the skillset required. Virtual audits pose different challenges and opportunities than onsite audits, such as communication, technology, security, and evidence collection4 . Auditors need to be familiar with the tools and techniques for conducting remote audits, as well as the ethical and professional behavior expected in a virtual environment . References:

PECB Candidate Handbook - ISO 27001 Lead Auditor, page 18

ISO 19011:2018, Guidelines for auditing management systems, clause 5.3.2

ISO 19011:2018, Guidelines for auditing management systems, clause 6.3.1

Deloitte - Conducting a Virtual Internal Audit, page 1

[A Guide to Conducting Effective and Efficient Remote Audits], page 1

[ISO 19011:2018, Guidelines for auditing management systems], clause 7.2.3

[Remote Auditing Best Practices & Checklist for Regulatory Compliance], page 1