Tags Posts tagged with "auditor"

auditor

0 9292

A Certification Audit is the first step for those organizations that have decided to undergo an assessment process with a Certification Body (CB) or Registrar to determine if their management system complies with the requirements of a given standard (ISO 9001ISO 14001OHSAS 18001, etc). This Certification Audit is divided into two stages: Stage 1 Audit and Stage 2 Audit.

These audits differ in many ways: their purpose, duration, information reviewed and sometimes even in the location where it will take place.

The objective of a Stage 1 Audit is to determine an organization’s readiness for their Stage 2 Certification Audit. Here the Registrar will review the management system documented information, evaluate the client’s site specific conditions and have discussions with employees.  The auditor will look to see that objectives and key performance indicators or significant aspects are in place and understood.  They will review the scope of the management system and obtain information on the organization’s processes and operations, the equipment being used, the levels of control that have been established as well as any applicable statutory or regulatory requirements.  Internal audits and management reviews will be evaluated to ensure they are being planned and performed and the overall level of implementation of the management system to determine if they are ready to move forward with the Stage 2 Certification Audit.



The Registrar will use the Stage 1 Audit to complete Stage 2 Audit planning, including the review the allocation of resources and details for the next phase of the audit.  Documented conclusions will be given to the organization that will outline the readiness as well as identifying any areas of concerns that could be classified as a nonconformance during the Stage 2 Audit.

Stage 1 Audit usually will be carried out in one or two days.  This audit typically occurs onsite.  For organization’s with more than one location the audit would usually be carried out at their head office location.

The Stage 2 Audit evaluates the implementation and effectiveness of the organization’s management system(s). During this audit, the Registrar will determine the degree of compliance with the standard’s requirements, and report any non-conformances or potential non-conformances that the organization will have to correct before the compliance certificate can be issued. If Stage 2 audit is successful, the organization’s management system(s) will be certified..

The Stage 2 Audit will include:

  • All relevant documented information that evidences the management system’s conformity with all the standard’s requirements.
  • Key performance objective and targets, looking at performance monitoring, measuring and reporting
  • Evaluation of internal audits, management review and management responsibility for the organization’s policies
  • All relevant processes, looking at operational control and the ability to carry them out as planned

The duration of the Stage 2 Audit is determined in accordance with IAF MD5.  Depending on the size and complexity of the organization this audit can range anywhere from 1 to many days.

These are the main differences between Stage 1 and Stage 2 Audit. Nonetheless, every organization undergoing a certification process should maintain an open and clear communication with their Registrar in order to clarify any doubts that may arise before the audits take place.

0 2985
Accreditation bodies allow organizations seeking accreditation can demonstrate to their customers that they have been successful at meeting the requirements of international accreditation standards.

Third-party auditors are those who perform an external and independent audit of an organization’s management system to evaluate if it meets the requirements of a specific standard; if successful, this third-party audit will provide the organization with certification or registration of conformity with the given standard.

A third party audit is carried out by a Registrar/Certification Body (CB) hired by the organization; therefore, in order for someone to be a third-party auditor, he/she needs to be employed by a CB. All CB, before hiring an auditor, need to ensure that the auditor possesses the knowledge and skills necessary to achieve the intended results of the audits they are expected to perform. Some of these are described below.

  • Personal attributes that will enable them to act in accordance with the principles of auditing, which include ethical conduct, fair presentation, due professional care, independence, and free use of an evidence-based approach.
  • Knowledge on the contents of ISO 19011: 2011, Guidelines for auditing management systems.
  • Knowledge and skills on audit principles, procedures and methods, which will enable them to conducted audits in a consistent and systematic manner.
  • They should be able to exhibit professional behavior during the performance of audit activities, including being ethical, open-minded, diplomatic, observant, perceptive, versatile, tenacious, decisive, self-reliant, open to improvement, culturally sensitive, and collaborative.
  • Knowledge and skills on management system and reference documents that will enable them to comprehend the audit scope and apply audit criteria.
  • Sector specific knowledge which will enable them to comprehend the organization’s structure, business, management practices and the legal and contractual requirements applicable to the organization being audited.

As indicated in ISO 19011, someone pursuing to become a third-party auditor can acquired all these knowledge and skills by using a combination of the following:

  • Formal education/training and experience that contribute to the development of knowledge and skills in the management system discipline and sector the auditor intends to audit.
  • Training programs that cover generic auditor knowledge and skills.
  • Experience in a relevant technical, managerial or professional position involving the exercise of judgment, decision making, problem solving and communication with managers, professionals, peers, customers and other interested parties.
  • Audit experience acquired under the supervision of an auditor in the same discipline.

After acquiring all the necessary knowledge and skills and successfully being employed by a CB, third-party auditors must pledged to advocate a particular code of ethical conduct in the performance of an audit and they must abide the internal policies and rules of the CB that hires them. All these requirements must be followed in order to protect everyone involved in the audit process.