How to conduct ISO Internal Audit

Why need to conduct ISO Internal Audit ?


Nowadays many business are facing more competition. Many business  want to make sure excellence in our business to maintain customer satisfaction and reduce cost by improvement operation. That’s why many company want to get ISO Certification.It give customer confidence and reinforce internal operation. But how do we know the effectiveness of management system and the area for improvement ? The answer is Internal audit -can help management to understand the effectiveness of management system and area for improvement.
ISO內部審核

What is ISO Internal Audit

According ISO 19011 requirement, Audit is a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled. The purpose of audit :
  1. To determine conformity
  2. To determine the effectiveness
  3. To provide opportunity to improve
  4. To meet regulatory requirements
  5. For certification
Be reminded, the purpose of audit is finding fact, not finding fault

Principles of auditing

Integrity is the foundation of professionalism Auditors and the person managing an audit programme should perform their work with honesty, diligence, and responsibility. Fair Presentation The obligation to report truthfully and accurately. Due professional care The application of diligence and judgement in auditing. Confidentiality Auditors should exercise discretion in the use and protection of information acquired in the course of their duties. Audit information should not be used inappropriately for personal gain by the auditor or the audit client, or in a manner detrimental to the legitimate interests of the auditee. Independence the basis for the impartiality of the audit and objectivity of the audit conclusions. Evidence-based approach the rational method for reaching reliable and reproducible audit conclusions in a systematic audit process.

Auditor competence and training

Auditor should receive Internal Auditor Training Academic qualification : at least graduate of high school.

Four Stages of Internal Audit

There are four stages of audit process.
1) Preparation of ISO audit
2) Onsite ISO audit
3) ISO Audit reporting
4) ISO Audit followup

1) Preparation of ISO Audit

-Prepare audit plan including criteria, scope & location. -Document Review-company policy, company procedure and previous audit report. -Prepare internal audit checklist . -Keep auditee advised, agree date and time

2) Onsite ISO Audit

  • Chair Open Meeting In the opening meeting , audit team leader and audit team and top management, department Representative will attend. Audit team leader will introduce audit team and explain the audit plan and audit criteria
  • Collection of audit evidence. Auditor will understand the operation through observation and interview with auditee.
  • Tips about asking question & interview with auditee. -Introduce yourself and purpose of audit. -Ask opening question. -Keep eye contact. -Keep clam & objective.
  • Verifying the integrity of record There is no time to check everything. Audit take some samples of record such as quotation, purchase order, delivery note, production record, training calibration record and so on

3) ISO Audit Reporting

Audit team members raise observation and minor nonconformity. Audit Team leader gathers the findings and and conclude the audit result. Audit Team leader hold a closing meeting with top management and department representative and to report audit result, findings and corresponding followup actions. Audit findings Observation mean slightly deviation from policy, procedure and practice Minor conformity means one or more clause of ISO requirement lapse but not a great impact on management system Major conformity means system break down or collapsed.

4) ISO Audit followup

After department representative finished the corrective actions to the corresponding nonconformity raised by auditor, the auditor close the correction action on site. Business success is lifelong journey.  Continual improvement is a never-ending story.
Share on facebook
Share on whatsapp
Share on linkedin
Share on twitter

Leave a Replay

About Me

Over 17 Year in ISO Certification Consulting industry. Many stories I heard from client, auditors and friends

Recent Posts

Follow Us