The Key to Successful Audits Using the ISO 19011:2018 Framework | Intertek SAI Global Australia (2024)

FAQs

How to conduct effective audit ISO 19011? ›

Clause 6.3. 2 of the ISO 19011:2018 Standard provides guidance on audit planning. By adopting a risk-based approach to planning, auditors can consider the risks of the audit activities and not achieving the audit objectives. A common problem is allocating sufficient time and resources.

This document provides guidance on auditing management systems, including the principles of auditing, managing an audit programme and conducting management system audits, as well as guidance on the evaluation of competence of individuals involved in the audit process.

ISO 19011 enumerates the following as being emblematic behavior for a competent and qualified auditor: ethical, open-minded, diplomatic, observant, perceptive, versatile, tenacious, decisive, self-reliant, acting with fortitude, open to improvement, culturally sensitive, and collaborative.

A successful audit starts with adequate preparation and a focus on making things easier for all involved, has continuous support from management, and leads to a change in course or other corrective action.

The principles of independence, objectivity, competence, confidentiality, professionalism, due professional care, and continuous improvement are essential for the internal audit function to fulfill its role as a trusted advisor to the organization.

That means that an auditor or audit team looks at what a company is doing, collects evidence, and compares that evidence to the controls the organization is supposed to be doing.

Key audit matters are those matters that, in the auditor's professional judgment, were of most significance in the audit of the financial statements of the current period.

This document concentrates on internal audits (first party) and audits conducted by organizations on their external providers and other external interested parties (second party). This document can also be useful for external audits conducted for purposes other than third party management system certification.

Is ISO 19011 2018 the latest version? ›

ISO 19011 is an international standard that sets forth guidelines for management systems auditing. The current version is ISO 19011:2018. It is developed by the International Organization for Standardization. Originally it was published in 1990 as ISO 10011-1 and in 2002 took the current ISO 19011 numbering.

An ISO audit is an activity that companies conduct to evaluate, confirm, and verify processes related to the quality, security and safety of products and services so that companies are able to ensure the management system has been effectively implemented.

Relevance – must pertain to the audit objective being tested. Effectiveness of client internal controls – good internal controls can mean better information. Auditor direct knowledge – auditor determinations are stronger that client comments. Qualifications – individual is a qualified source.

The basic principles of auditing are confidentiality, integrity, objectivity, independence, skills and competence, work performed by others, documentation, planning, audit evidence, accounting system and internal control, and audit reporting.

There are three types of ISO audits: internal audits (first-party audits), supplier audits (second-party audits), and external audits (third-party audits).

Moreover, the ISO 19011 standard enables organizations to enhance their management systems through a rigorous auditing arm. It ensures conformity to ISO's management system standards such as but not limited to the following: ISO 9001 – Quality Management System (QMS) ISO 14001 – Environmental Management System (EMS)