Professional Documents
Culture Documents
The purpose of the following notes are to provide the meanings and intention of certification
criteria and associated theories, methodologies, techniques or tools.
y
These are the areas your Certification Body (CB) will be generally looking for to comply with
nl
generic internal auditing requirements in Management System Standards.
O
The questions below will generally be phrased as more open ended, but these are the areas
in general to be determined by a CB assessor. Your tutor will expand on these to explain the
es
meaning of certification criteria as thought necessary.
os
(Objective evidence – Documented audit programme)
rp
Does it cover the intended scope of the management system under assessment? (Yes)
Pu
(Objective evidence – The organization’s processes, comprising the scope of
certification, broken down into the audit programme)
How are the audits scheduled (planned intervals) in the programme? (By consideration
ng
out, and the results of their previous audit findings. Essentially, more depth (scope) of
the audits and experience of the auditors (instead of just on the number of audits) if the
process is more important or negative findings are encountered, and vice versa.
SI
Evidence that it is being used as a powerful business improvement tool not just a tick in
the box – management review minutes, actions arising from findings etc.)
rB
programme)
How does the organization maintain this programme(s)? (We review and adjust it
periodically to meet business needs (significant changes/activities in the organization)
rather than just meeting management system requirements/ certification requirements.)
(Objective evidence – Audit scheduling changing in the audit programme itself; as a
result of new audit findings, changing risks and opportunities, and other factors as per
the above e.g. availability of auditees, significant changes, or new/changing processes
etc.)
ISM03001ENGX v3.0 (AD01) Nov 2022 ©The British Standards Institution 2022 1 of 4
Who has the responsibility for planning, establishing, implementing and maintaining
your audit programme(s)? (The Production Manager has…, etc.)
(Objective evidence – Responsibilities explained (or documented) covering the duties of
the person(s) managing the audit programme(s) and those involved with its planning,
establishing, implementing and maintaining.)
y
What are the methods used for reporting the results of audits? (All audit results are sent
nl
to the relevant manager (dept etc.), within one week, and to top management within
one week, and our six months formal top management review, by the Production
O
Manager…etc.)
(Objective evidence – Information regarding where the results of the audits go, when
es
they are to be sent, who is to review them, actions arising etc.)
os
Are the results of the audits reported to relevant management, and a summary/trends
in audit results provided to top management? (Yes)
rp
(Objective evidence – Meeting minutes, comments/actions received as an output from
management, continual improvement, results being received by the management that
have been determined to see them.)
Pu
What is expected from those who receive the audit reports and/or results? (They review
the results and decide on actions needed and resources required to implement
ng
actions…etc.)
(Objective evidence - This question is to trigger the auditee to think about the
responsibilities and accountabilities of each individual who receives the audit reports/
ni
results and whether the expectations are clearly communicated and transparent.)
ai
ISM03001ENGX v3.0 (AD01) Nov 2022 ©The British Standards Institution 2022 2 of 4
What are the methods used to select auditors? (Auditors are selected first on their
y
independence of the process, and then competence to carry out the audit. Obviously
nl
their availability is also a factor and how many times they have audited that process.
Sometimes it’s better with a fresh pair of eyes.)
O
(Objective evidence – Auditor independence, evidence of auditor competence etc.)
es
Has an audit objective(s), scope and criteria been defined for each audit? (Yes)
(Objective evidence – Documented audit objective(s), scope and criteria for each audit
os
conducted and planned.)
Are auditors selected to ensure objectivity and the independence of the audit process?
rp
(Yes)
(Objective evidence – Auditors chosen for each audit that are independent of the
Pu
activity being audited, or as a minimum efforts to remove bias and encourage
objectivity where full independence is not possible – Small organizations.)
ng
objective evidence and evaluate it objectively to determine the extent to which the audit
criteria are fulfilled.)
Tr
(Objective evidence – Audit programme detailing the current status of audits performed,
audits to be performed, and any outstanding actions pertaining to audit findings.)
rB
What competence has the organization determined for the individuals assigned to
manage the audit programme? (They have passed the BSI Lead Auditor course and
Fo
ISM03001ENGX v3.0 (AD01) Nov 2022 ©The British Standards Institution 2022 3 of 4
How did the organization determine the competence required for their auditors?
(Reviewed ISO 19011:2018 and use that as a basis for knowledge and skills, also spoke
to BSI for suitable training courses etc.)
(Objective evidence – The organization first considered 7.2.1 a) to c) to help decide the
competence required, and desired professional behaviours (necessary attributes) 7.2.2
a) to m). Generic knowledge and skills in 7.2.3.2 a) to d), and discipline/sector-specific
y
competence in 7.2.3.3 a) to d). Generic competence of the audit team leader in 7.2.3.4
nl
a) to g) and knowledge and skills for auditing multiple disciples (if applicable) in 7.2.3.5)
O
Auditor might then assess the remaining requirements in 7.2 Competence.
(Objective evidence - Where applicable, the organization has taken actions to acquire
es
the necessary competence, and evaluated the effectiveness of the actions taken.)
os
rp
Pu
ng
ni
ai
Tr
SI
rB
Fo
ISM03001ENGX v3.0 (AD01) Nov 2022 ©The British Standards Institution 2022 4 of 4