Every management system needs an instrument to evaluate the implementation and the effectiveness against the requirements of the standard(s).

The term “audit” comes from Latin – the verb “audio” which means “to listen”.

The standard ISO 19011:2011 Guidelines for auditing management systems” provides the definition for the term audit: “systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled”.


SYSTEMATIC: it is carried out with a specific frequency and in accordance with a programme and an established method;

INDEPENDENT: the auditor should be independent of the activity being audited wherever practicable, and should in all cases act in a manner that is free from conflict of interest;

DOCUMENTED: based on verifiable audit evidence (audit programme, audit plan, audit checklist, audit report, nonconformities reports).

AUDIT CRITERIA for a management system:

  • Requirements of the standard
  • Legal and other requirements applicable to scope
  • Organisation’s management system documentation


External audits include second and third party audits.

Second party audits are conducted by parties having an interest in the organisation (customers, or other persons on their behalf). A second-party audit is when a client performs an audit of a supplier to ensure that they are meeting the following:

  •   The requirements specified in the contract or in the code of practice;
  •   The requirements of the standard, technical specifications etc.

The second party audit is an instrument of initial evaluation or monitoring of organisation’s suppliers; the importance of this instrument increases with the size and profile of the organisation and the level of risk related to contractual obligations.

For an organisation, the most important audit is the second party audit because of its commercial implications – signing or terminating of commercial agreement, affecting organisation’s image.

A second party audit conducted by SUN CERT will allow to any organisation to:

  •   Implement an effective instrument of suppliers evaluation and monitoring;
  •   Be protected against the image or reputation damage of the organization by its suppliers;
  •   Increase trust and continuously improve the organisation’s image;
  •   Fulfill the requirements of the standards or of the code of practice, international legal requirements.

Please contact us at for a customised offer regarding our Second party audits!


Pre-Assessment Audits

Pre-assessment is an optional service that the client has chosen to take advantage of at their expense, normally prior to commencing the certification process, before a Stage 1 Audit.

The scope of a pre-assessment audit conducted by SUN CERT is:

  •   Explanation of the audit/certification process to the organisation’s management;
  •   Setting of dates for actual certification audit, further visits etc;
  •   Discussing any training needs of the organisation;
  •   Performing an audit on parts of the system to:
  •   Determine if the organisation is ready for audit;
  •   To demonstrate to the organisation’s staff and management how an audit works;
  •   To identify any potential nonconformities that could delay certification;
  •   To identify any areas of concern in the management system.
  •   Ensure facilities required for the audit are in place;
  •   Confirm the certification scope once the audit has been conducted;
  •   In the case of QMS, confirm if any requirements of the standard are not applicable.

The agenda for a pre-assessment audit may be as follows:

  • Opening meeting with Top Management to present the scope and the audit methods and records;
  • Tour of site and conduct the audit in order to collect audit evidence;
    • Confirm the scope, locations and processes etc.
    • Check facilities and administrative arrangements for the certification audit.


First Party Audits

The first party audit or the internal audit is conducted by the organisation itself, or on its behalf and is conducted in accordance with the standard clause for the internal audit.  The condition imposed by the standard is that internal audit must be performed by auditors who are fully independent of the activity being audited.

The scope of the internal audit:

  •   To evaluate the implementation and the effectiveness of management system against the requirements of the standard(s);
  •   To evaluate the organisation’s management system and performance against legal compliance, responsibility for organisation’s policies, any other applicable requirements, objectives and targets;
  •   Identification of areas for potential improvement of the management system.


In accordance with SUN CERT Impartiality Policy, code PO 02, available on, SUN CERT does NOT offer or provide internal audits to its certified clients and does NOT certify a management system on which it provided internal audits within two years following the end of the internal audits.