Internal Audits: what to expect
Blog Article | ISO | ISO 14001 | ISO 27001 | ISO 45001 | ISO 9001

Share this

Share On Facebook
Share On Twitter
Share On Linkedin
Share On Pinterest

Internal Audits: what to expect

by | Aug 1, 2023 | Blog Article, ISO, ISO 14001, ISO 27001, ISO 45001, ISO 9001 | 0 comments

Internal Audits; what to expect

As part of our post certification support, we assist and perform internal audits for our clients across the clauses and annexes of the relevant standards. These are carried out approximately 2 months ahead of client surveillances by actual auditors who have skill sets of the standards clients have attained.

You’re probably wondering what these internal audits consist of and how you can prepare. In today’s helpful guide we outline what a typical internal audit schedule looks like and what documents you might want to prepare:

Your internal audit programme should review all of the main areas within your management system including:

A typical audit schedule should include all key areas of your QMS (ISO 9001):

  • HR documents including inductions and appraisals.
  • Control of records for all of your standards including employee documents, meeting minutes and any maintenance records.
  • Control of documents for all of your standards including a documentation log and how it is maintained.
  • Evidence for the key areas of your service realisation including a project or purchase from inception through to completion.
  • Internal audit program for all of your standards with dates.
  • Management reviews with detailed actions for all of your standards.
  • Purchasing evidence
  • Feedback from clients including complaints and/or complements.
  • Preventative / Correction / Control of nonconformances in the form of a log.

A typical audit schedule should include all key areas of your EMS:

  • Energy Conservation methods and records.
  • Waste streams including waste carrier licences and waste transfer notes where applicable.
  • Recycling and evidence including an aspects and impacts register.
  • Purchasing including evidence for all services and supplier profiles.
  • Environmental Awareness – including any training records.
  • Emergency preparedness and response
  • Legal responsibilities reviews and updates including an up to date legal register.
  • Preventative / Correction / Control of nonconformances in the form of a log.

A typical audit schedule should include all key areas of your OHSMS:

  • H&S performance, policies and targets, objectives.
  • Evidence that everyone understands their role in contribution to the OHSMS.
  • Hazard identification including risk assessments and operational controls to show mitigating actions to reduce risks.
  • COSHH assessments.
  • Incident and accident reporting.
  • Emergency preparedness and your response.
  • Legal responsibilities reviews and updates including an up to date legal register.
  • Communication, participation and consultation on the OHSMS including training, awareness and notices.
  • Resource, roles, responsibility, accountability, and authority records.
  • Control of records for all of your standards including employee documents, meeting minutes and any maintenance records.
  • Control of documents for all of your standards including a documentation log and how it is maintained.
  • Evidence for the key areas of your Internal audit program for all of your standards with dates.
  • Management reviews with detailed actions for all of your standards.
  • Preventative / Correction / Control of nonconformances in the form of a log.

A typical audit schedule should include all key areas of your ISMS:

  • Records on control and security processes in the form of a statement of applicability.
  • Document control and security processes including procedures when someone leaves your organisation to maintain security.
  • Verify risk assessment validity in the form of a risk assessment tool.
  • An information security policy that verifies compliance and accuracy.
  • HR documents including training on information security.
  • Key Systems used to control ISMS-related processes.
  • Internal audit program for all of your standards with dates.
  • Management reviews with detailed actions for all of your standards.
  • Preventative / Correction / Control of nonconformances in the form of a log.
Small business ISO Certification

Getting started with Compliant

As part of our internal audit process, we walk clients through each of the steps above and can supply proven templates if required to ensure audit success. Show your commitment to quality management, the environment or occupational health & safety performance with a UKAS certified ISO certification from Compliant. Contact us today to find out more on 0333 456 5000 or fill in our FREE quote calculator!

Recent Comments

    Share

    Share On Facebook
    Share On Twitter
    Share On Linkedin
    Share On Pinterest

    Submit a Comment

    Your email address will not be published. Required fields are marked *