What is an audit
What is an audITAn audit within the context of ISO management system standards is a systematic, independent and documented process to determine whether activities and results meet established requirements. The goal is to gain insight into the effectiveness of the management system and to identify opportunities for improvement. What is an audit? It is an instrument with which organizations can test whether their processes meet the standard requirements, such as ISO 9001 (quality) or ISO 27001 / NEN 7510 (information security). Internal and external audits play a crucial role in ensuring continuous improvement. Auditors assess whether the policies, procedures and practices are in line with the agreed standards. What else is an audit? It is also a means of promoting transparency and trust among stakeholders. By auditing regularly, an organization can manage risk and demonstrate that it takes its obligations seriously. In this way, an audit contributes to maintaining or obtaining certification.
The word audit is derived from a Latin word "audire", which means "to hear". Audit tools make it more efficient.
There are different types of audits: financial, operational, IT, quality, environment, etc. Everything is focused on the design, existence and operation of information, communication and control systems.
What is an audit - the process
What is a process audit? An audit is an activity that identifies the risks or shortcomings in a process or organization. Does a process or organization meet the frame of reference, usually a standard. The extent to which the existing control measures sufficiently cover the risks is examined.
The auditor who carries out the audit must be independent. An important requirement. It is important that the auditor does not assess processes for which he is responsible and therefore has no interest in the results of the audit. The method of an audit can differ from time to time.
In general, it consists of the following process steps:
- Preparation
An agenda is drawn up for the specific audit on the basis of a previously drawn up audit programme. What is covered and what is not. The management system or parts of it are reviewed and the results of the previous audits are examined. Have all improvements been implemented effectively?
- Execution
During the audit, the auditor examines whether the organization or process meets the requirements of a standard based on evidence. To this end, the auditor collects information such as documents and registrations and assesses operational (monitoring) systems. In addition, information can be obtained through auditor observations and interviews with employees. The auditor checks and assesses the information. Can it be shown that the auditee says what he does, and that he does what you say?
- Report
All findings, deviations from the standard or suggestions for improvement are collected and recorded in an audit report. Discussed topics, points of attention and shortcomings are described in this and these are discussed with the auditee. Corrective actions are also recorded. There should be no ambiguity about the facts.
- Succession
If corrective actions have been proposed in the audit report, the auditee must implement them. In a subsequent audit, for example a repeat audit, it can then be assessed whether these corrective measures have actually been implemented.
A very specific process. For the implementation, we therefore rely on our business partners from meta-audit.nl.
Click here for their audit questionnaire.
What is an audit - the tooling
What is an audit for the tooling is something that is subject to rapid developments. For example, remote audits have quickly become the practice, especially for external audits. A lot is also possible in audit tooling.
Take a look at this overview of 'standard' functionalities of a digital management system, set up for audits.
(Just for fun, put this Infoware system online in 60 seconds as a test....)
Planning
Audit frame work |
- Schedule audits in advance
- Timely alerting
- Insight and overview
- Check for completeness of standard requirements
- Explanation of standard requirements
- Monitoring
|
| Workflow control |
- Clear process steps
- Audit trail
- Overview of current status
- Flexible workflow
|
| Execution |
- To be set up per audit type
- One framework, multiple standards
- Also for mobile devices
- Short lead times
|
| Monitoring |
- Dashboard
- Multisite
- Details and overall picture
|
For those who are still 'fighting' with loose documents, long lead times or unclear progress ....
Get our cloud solution Infoware, a software tool for management systems, ready in 60 seconds. And spot the differences...
