Management systems auditing is a process of assessing and verifying the effectiveness and compliance of a specific management system, such as ISO 9001 (Quality Management), ISO 14001 (Environmental Management) or ISO 45001 (Occupational Health and Safety Management).
The identification of non-conformities through the auditing of management systems, leads to the analysis of deviations from the requirements of the standard, orienting the management in the right direction.
Auditing management systems can help improve organizational performance in many ways, such as optimizing and streamlining processes.
By complying with relevant regulations and legislation, we provide customers, business partners and regulatory authorities with unequivocal confidence.
Once a management system is established, a effectiveness evaluation tool the respective system.
The word audit comes from Latin (the verb audio), meaning "the one who listens”.
In the ISO standard 19011:2018 "Guide for auditing management systems" the audit is defined as a systematic, independent and documented process in order to obtain AUDIT EVIDENCE and the objective evaluation of these evidences in order to determine the degree of fulfillment of AUDIT CRITERIA.
SYSTEMATIC - it is carried out planned, with a certain frequency and according to a well-defined method;
INDEPENDENT - the auditor must be absolutely independent from the audited activity and there must be no conflict of interests;
DOCUMENTED - proven with written documents (audit program, audit plan, checklists, audit report, non-conformity sheets).
AUDIT CRITERIA - for a management system: • Referential requirements; • Legal requirements and other requirements applicable to the audited field of activity; • Documentation of the management system.
The third-party audit is the one carried out by a certification body - independent external organization - to determine the compliance of the management system with the requirements of the reference standard/s, with the aim of granting "ISO certification”.
Third-party audits, depending on the goalare of 4 types:
Initial certification audit: takes place in two stages (stage 1 and stage 2);
Supervisory audit: (12 months, respectively 24 months after the initial certification);
Recertification audit: (3 years after the initial certification or from the previous recertification);
Special audits: (for scope expansion, follow-up – to close major non-conformities, unscheduled audits, extraordinary audits, etc.).
Second party audit is a supplier audit or a subcontractor one. This type of audit is the one carried out by an organization at a supplier/subcontractor before signing the contract, respectively during the performance of the contract to determine:
• the level at which it respects the contractual conditions, the adopted code of practice;
• the level of compliance with the reference standard, technical product specifications, etc.
Second party audit it is a tool for initial evaluation or effective monitoring of one's own suppliers, a tool whose importance increases with the size and profile of the organization and the level of risk correlated with contractual obligations.
For an organization the audit with the greatest impact is the second party due to the very important commercial implications - concluding or maintaining contracts, affecting one's image by third parties.
A second-party audit by SUN CERT will allow you:
implementation of an effective tool for evaluating and monitoring own suppliers;
protection against damage to the organization's image and reputation by collaborators;
increasing trust and continuously improving the organization's image;
compliance with the standards and the adopted code of practice, international normative requirements.
Call SUN CERT now to receive a personalized offer regarding our second party audits!
FIRST PARTY AUDIT or INTERNAL AUDIT it is the one performed by or on behalf of the organization and is carried out in accordance with the clause dedicated to internal audit in the reference standard.
The internal audit is carried out by the staff of the organization in question, but the possibility of it being carried out by specialized external staff is not excluded either. The condition imposed by the standard is that the internal audit must be performed by persons who are indpendent to the activities to be audited.
In accordance with the Impartiality Policy, form code PO 02, policy available on www.suncert.ro, SUN CERT does NOT provide internal audit services to certified clients and does NOT certify a management system for which it has provided internal audits within two years of the completion of internal audits.