ISO audit
An ISO audit is often not seen as a beloved activity. Most employees experience it as an audit of their operations. But it can actually be a source of inspiration for further improvement or a compliment that you have things right. It is therefore a good idea to have your processes looked at periodically.
What is the significance of an ISO audit?
An ISO audit is really nothing but a snapshot and its purpose is to see if one’s operations are being carried out in a controlled manner. This audit can be performed either by one’s own organization or by a certifying organization. We then speak of an internal or an external audit.
The focus of an audit may depend on the desired certification. For example, LeanForms has chosen both quality(ISO 9001) and information security(ISO 27001). The ISO audit looks at whether you meet all the requirements set out in the standard. How an organization meets those requirements is a choice of the company.
So there are several roads that lead to Rome, but the most important thing is that a quality management system really adds value to an organization.
Why is there an ISO audit?
An ISO audit is conducted according to an audit schedule. This is agreed over a period of 3 years. During these 3 years, all business processes should be tested against the standard requirement. In many organizations, the quality manager coordinates the internal audit plan and coordinates the external schedule with the certifying body. The auditor (sometimes also an auditor duo) must have thorough knowledge of the standard requirements and be able to test them in the organization. Using qualified persons as auditors ensures the quality of the audit.
The course of an ISO audit
Conducting an ISO audit usually involves a number of stages. The auditor will first hear how a business process is handled by asking targeted open-ended questions. This gives him insight into whether employees are familiar with the agreed-upon practices. But between the lines, the auditor also gets information he wants to see as evidence later. If a process operator says he is recording a deviation for further investigation, it is of course logical for the audtior to use a sample to verify this. It gets especially interesting when employee A has to produce something for employee B.
Do they both have the same story and experience? Basically, the auditor looks for the familiar PDCA improvement cycle:
P (Plan) – What is the plan?
D (Do) – How does one implement it?
C (Check) – Does implementation get the planned result?
A (Act) – Should action be taken?
The benefit of preparing an audit properly
Preparing for an audit is actually nonsense. Surely you’re not going to work differently because an auditor is going to ask you questions! However, the reality is that many employees do not feel comfortable. The following can help:
- Re-read in advance the agreements that you yourselves have established in the process descriptions and any work instructions;
- Take another look at the previous audit report;
- In advance, try to describe the business process in your own words, keep it simple;
- Look again where with your own experience is the high probability of something going wrong.
And remember, the audit is meant to improve, not punish.
Checklist
A uniform ISO audit checklist does not exist. On the one hand, this depends on the standard against which you want to test; on the other hand, the professional maturity within an organization is also important. But every audit should result in an audit report containing:
- The subject of the audit and the frame of reference
- List of auditees
- An overall conclusion
- A description of the individual findings
- Evidence supporting or refuting findings
- An overview of possible deviations and areas of concern
- The audit report should preferably be discussed with the auditees in advance so that it does not contain any surprises or inaccuracies.
A good audit report will then be received positively and also provide possible leads for further optimization of your business processes.
Start preparing for your ISO audit
When preparing for an audit, it is important that your documented information is in order. Documented information is anything that shows that certain things were done as agreed upon. Using the workflow management system within digital forms ensures that processes are also handled automatically and all information is easily retrievable. All you really have to do is make sure that the record is current.
Within our organization, we have professionals with years of practical experience in setting up and supervising ISO certifications and business management systems. Therefore, we can actually help our customers and get them on their way if they want to start with ISO certification in their organization. In addition, we have an extensive partner network that we can use for special issues.
Because together we get further.
Want to know more? Get in touch
Do you have questions or are you curious how LeanForms can support your organization? We are ready to answer all your questions! Get instant specialized advice on the best solution for your specific situation.
Related items
Applying for ISO certification
With ISO certification, organizations demonstrate that business operations meet set standards. This can be important as part of the marketing and sales process.
ISO 9001, an excellent guide to smarter organizing
ISO 9001 is an international standard for quality management systems that helps organizations streamline processes, increase customer satisfaction and achieve continuous improvements.
ISO standards as a tool, not an end in itself
How to choose the best audit software?
How to choose the best audit software? Audit software supports performing audits and inspections on business processes. The goal here is to improve efficiency within organizations.
