I often hear questions such as:
What do auditors do?
What is an audit all about?
What can one do with audits, how does it work?
Audits identify strengths and potentials for the company! To help providing more clarity for this effective and flexible method, here the essence is summarised in short form. If you prefer, the posts can also be watched on YouTube. The content is essentially the same!
The contributions can be reached here (German only): YouTube videos
Definition and procedure
The explanation of ISO-audits (Latin ‘audire’: listen, hear, examine, experience) is described in the ISO 9000 in pt. 3.9.1.: By definition, an audit is a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled. This definition applies primarily for certification (3rd party) audits to management systems which are examined according to an ISO standard.
In any case, it is a fact that audits can be used optimally and very flexibly in order to detect risks and opportunities for improvement in the company’s organization and performance. I could tailor audits to your needs for useful results!
What does that mean now?
In very general terms a standard is examined against its implementation in reality. This means that a certain standard (ie a law, a norm, a process or an agreement / a policy / a procedures directive) is tested for its performance level and its implementation deficits. How well does this standard ‘live’ in an organisation (administration, company, association, etc.) or in a process (also as part of a bigger process or a defined process) and adhered to as it is intended or not. And if it does not, how severe weigh the deficits found by the audit (deviations, nonconformities, weaknesses)? Proposals aim on how to eliminate the deficiencies.
Next to technical issues verified by a trained auditor, communicative and social deficits are incidentally revealed.
It may be possible that the communication is deficient for any reason, there is a lack of qualification or even that an employee refuses cooperation due to poor treatment etc. All this has a negative impact on the proper and effective implementation of work tasks.
Well-aimed interviews and listening, are accompanied by inspections of important data, documents and plans, as well as visual inspections and measurements possible as constituents of audits – a review of the existing situation.
What is part of an audit?
An audit is therefore -globally speaking- an instrument of validation of a desired (quality) standard in a wide technical and administration range that goes beyond a pure technical review and intends to do so. It is important that the auditor is trained and has the necessary (also social) skills. Audits can be flexibly used as analytical method for collecting desired data of a current situation. So why not try it?
Do you have any questions?
Essentially, we distinguish 5 types of audits. As lead auditor, I do offer problem-solving in all 5 areas:
Certification Audit / System Audit
This is about reviewing and monitoring the compliance of management systems according to ISO standards. The best known are QMS in accordance with ISO 9001, EMS in accordance with ISO 14001 and EnMS in accordance with ISO 50001, to name just three. These so-called 3rd party audits are conducted by certified auditors who are appointed by a certification authority. It is determined whether the relevant norm is implemented by the respective organisations and how it is respected. A validation cycle for system audits lasts 3 years – insofar the standard is permanently adhered to and is therefore actually ‘lived’.
A compliance audit usually examines if all affected areas of an organisation are in compliance with relevant legislation. Conformity or compliance with legislation is an important prerequisite for your business and is part of risk management. The review of implementation of corporate rules is also regarded as a compliance audit. It is checked if the default standards or specifications in the relevant locations / business units do comply with corporate rules.
Process audits require specialised knowledge of the process to be audited. Several interlocking processes, which often have different requirements are needed to produce a product or provide a service. Audits carried out according to specifications of the client show how susceptible processes are and where risks lurk. This is usually done with own internal auditors (1st party audit) or it is possible to hire external and thus independent auditors. These audits often bring out added value when they reveal potential for improvement, greater efficiency and minimised risks.
These so-called 2nd party audits are used to evaluate suppliers. Either own auditors are used or external auditors are engaged. They check the corporate or legal requirements at the supplier. Deviations from standards become transparent and actions can be taken to resolve the discrepancies. Thus, risks in the pre-supply chain can be uncovered and repaired. This can also be considered as part of risk management. In addition these audits help to compare different suppliers meeting your requirements.
Performance audits can be used when it comes to check an existing, functioning process for effectiveness and efficiency. Was a given target achieved based on the calculated figures? Closing gaps, review of deviations / risks and optimizing the entire process is the aim. If all processes are perfectly coordinated to each other, downtime and waste (and thus costs) are minimized and the value (per unit, per shift, per month, etc.) is improved. These audits may be carried out with own or with external auditors.
As a trained and certified auditor, I offer services in all the above areas. System audits need a certification body. I work together with 3 accredited certification bodies, also internationally.