ISO 9001 Audit Types and their execution
In ISO 9001, there are two main categories of audits: internal and external. Audits are a key component for becoming ISO certified 9001 auditors, and pass the 2-stage registrar audit by an external party in order to become ISO 9001 certified. Below we differentiate the ways audits can be conducted and discuss internal, external and certification audits.
The three ways audits can be conducted are:
Audit Types
Internal audits are audits that are executed by organization and are a self-examination of your organization’s QMS, performed on-site. Internal audits have many advantages including preparing the organization for external audits. The internal auditor must be independent of the area being audited to make sure objective results.
Internal audits are an ISO 9001 requirement and they are analytic to the success of your QMS. Internal audits will be used to evaluate conformity, assess the effectiveness and to identify opportunities for improvement. When you perform an internal audit, you will be able to compare your QMS to the requirements and understand if there are any non-conformances.
An external audit includes customer, supplier, certification and observation. If you are auditing an existing or potential supplier, we examine a supplier audit. Supplier audits can be one of the methods which are used to meet the requirements around control of external providers (ISO 9001:2015). The certified ISO 9001 Auditor Training courses are available these days both online and onsite, that can be effective parameter for auditing existing or new quality management system.
A certification audit is an audit your selected registrar will conduct to confirm accordance against the ISO 9001 audit before they issue your official ISO 9001 certificate. Certification audits are most often broken into two stages. Stage one audit is performed to decide an organization’s readiness for stage two of the audit. Stage one is often times conducted remotely in order to not spend additional costs on travel.
If the auditor controls to meet the minimum basis for the stage one audit, the organization will proceed with the stage two audits. Stage two audits will always be on-site audits. This is where the auditor will meet your staff and review your documented information (procedures, records, etc.) to verify you are meeting all the ISO 9001 requirements. Certification audits are typically conducted every three years.
After certification, your registrar will check-up on your periodically using observation audits to verify you are still upholding your Quality Management System and the ISO requirements. Surveillance audits are very much such as certification audits, with the exception that they are not issuing or re-issuing a certificate. These are typically conducted by your registrar annually.
It is very important when you are beginning your journey towards ISO 9001:2015 certification that you have a gap analysis performed to recognize any potential nonconformities you may have in these key features of this discussion so that you can address these gaps before your certification audit.
Key tools for audit implementation: