How is evaluation in auditing best described?

Evaluation in auditing is best described as an objective procedure. This means that the process relies on impartial criteria and systematic methodologies to judge the effectiveness and compliance of an organization's management system with established standards. Objectivity ensures that the auditor's findings are based on evidence and facts rather than personal opinions or biases, which is critical for maintaining the integrity of the audit process.

Assessing nonconformity is certainly an important aspect of auditing, as it involves identifying areas where an organization's practices do not align with the requirements of standards like ISO/IEC 27001. However, this is just one part of the broader evaluation process.

While there can be subjective elements in interpreting data or findings, the evaluation itself aims to be objective to ensure reliability and accuracy in the audit conclusions.

A standardized method refers to consistent procedures utilized in auditing, which helps ensure comparability and consistency across different audits and organizations. Although standardized methods contribute to the evaluation process, they do not fully encompass what is meant by evaluation itself.

In summary, the essence of evaluation in auditing lies in its objective nature, whereby evidence is assessed against established criteria without the influence of personal judgment, ensuring credibility and transparency in the findings.