Audits, specifically those done to prove compliance with an ISO standard, are on-site verifications which include inspections and thorough examinations of your organization’s systems that verify their compliance with a certain ISO standard. This is done to ensure sufficient compliance with the requirements of the management system(s) and to track and improve the efficiency of your operational processes. There are various types of audits depending on what they are meant to audit or who your auditors are, each with their own range of unique benefits. We will talk about the different types of audits you will experience in each cycle of your certification, some of the requirements of each type of audit, their purpose and goals, how they will help you as an organization, and the overall importance of auditing to the growth of your company.
The classification of audit types is based primarily on the relationships between the participants and the examiners. ISO audits have 2 main types, Internal and External Audits.
These are performed by internal auditors who are employed by the organization being audited and are also known as first-party audits. They’re performed within a company to verify the efficiency of their own adopted procedures and check for conformance to international standards and possible shortcomings. An internal auditor typically has a working knowledge of your organization and knows “what makes your company tick”. Internal audits are meant to dive deeply into your processes and uncover anything and everything that could or might be a non-conformance to the External Auditor. It is during Internal Audits that you want to find, report, and later act on these findings to help improve your organization.
When conducted by an audit team comprising of employees from a different department, you can maintain impartiality and ensure less conflict of personal interest. If provided with the appropriate training, these teams of internal auditors can offer objective insight with the added advantage of knowing the context of the organization inside out by virtue of working there and offering more specific feedback in view of it.
Internal audits allow you to inspect your company and ensure compliance with laws and regulations in a more casual environment with lower stakes. Because the internal auditor is typical a colleague, you should feel much more at ease when the auditor is around. The Internal Auditor is your friend! As with any audit, you do not want to hide information or mislead the auditor to make the audit go by quicker; you should view these audits as an opportunity to learn and grow from shortcomings and prove to your external auditor that you are working towards constant improvement. They operate as an essential tool in preparing you for your next external audit.
Most international standards include internal audits as an important part of the ongoing process towards continual improvement for an organization because they allow you the opportunity to constantly monitor and review the efficiency of your processes. Internal Audits give your organization an opportunity to identify potential risks and gaps in your system and design corrective actions before they start costing the company. They also help you track and document changes that are important to present to external auditors when seeking certification.
Internal Audits are typically held at least once per year and before external auditors are brought in. Internal audit findings will not put your certification in jeopardy and help to prove to the external or third-party auditor of your compliance with the standard.
If you feel your audits are not adding value to your organization, before you drop your certification, consider if your audits are effective. You may want to bring in a consultant or expert to help your organization truly understand just how helpful ISO Certification is and how important audits are to the continual improvement of your organization.
If you are unhappy with your current audits or auditor, do not feel trapped. Talk to your Certification Body, they should be more than willing to accommodate an auditor change depending on your location, auditor availability and certification cycle. Consider the cost-benefit here. If you are not seeing the value of audits with your current auditor, a slight change in cost for a new one who might have a higher travel cost may be more cost-effective for your organization than simply accepting a lower quality audit. If your CB will not accommodate your change request, know that you are never obligated to remain with a CB. You may want to consider transferring your certificate and understand the cost-benefit from transfer fees to better service or higher satisfaction. When searching for a new CB, express your current troubles and expect an answer for how this new CB will rectify the issues.