A revision ISO certification is a systematic and independent review of an organization's operations and procedures to ensure that they meet the requirements set by an ISO standard. During the audit, the auditors check that the organization has documented procedures, controls and procedures to meet the requirements. They are also investigating that these procedures are in operation and working as intended.
The result of the audit is a report that provides a detailed overview of the organization's level of compliance with ISO requirements.
An audit is a tightly controlled process in which the auditors are also regularly audited for performing the audit properly. Below we go over the major points that occur within an audit.
Remember that auditing is among the final steps in an ISO certification process - i.e. the result of all your hard work to actually establish and implement wiring system in the business.
Document auditing is one of the most common audit techniques used in an ISO audit. It involves reviewing the organization's documentation to make sure it meets the requirements specified in the ISO standard. This may include reviewing documentation relating to processes, product requirements, product management, risk management and continuity planning, among others.
Another purpose of document review is to verify that the organization adheres to its documented procedures and processes. Some do it before the actual audit time, some always do it on the spot.
Presentation of the company and the people who are on site present themselves with titles and responsibilities.
The certification scope is reviewed to see what we are going to certify. Here it is important to carefully delineate what should be certified so that the company does not broaden the business and all of a sudden has new elements in the business that are not reviewed in a certification.
This stage focuses on examining and reviewing how the business is organized and functioning. The focus is on identifying deficiencies in processes, systems and equipment that could lead to the organization not meeting the requirements specified in the ISO standards.
The audit aims to help the organization improve processes, systems and equipment to ensure they meet ISO requirements. Conducted in the form of interviews and follow-up of record keeping, protocols and similar activities.
The supplementary document review is a deep dive into main processes where business development, marketing, but especially delivery and sales are usually reviewed.
If the auditors find things during the audit that need clarification, they go back to how it is described that the organization works. The focus is very much on the management process itself, where management reviews and follow-up of objectives are carried out - usually done at the management's quarterly follow-up, management team meetings on a monthly basis or what the company in question has procedures. Generally, we say that the company needs to have followed things up at least 4 times a year.
In sales, a lot is about how the organization identifies what customer requirements and expectations exist and how they then deliver on that.
When it comes to supporting processes, the auditor checks how the organization handles e.g. suppliers/purchases, personnel and more. For example, the auditor checks that the staff can really work according to and understand the management system.
Continuous improvement includes customer feedback management, deviation management, improvement measures, risk assessments, crisis management, corrective actions, internal audits etc.
Management process, delivery and continuous improvement are absolutely the things that one has the most focus on. Possibly even development if it is a large part of the company.
The management process
Main processes
Supporting Processes
But it all depends on the company in question. If you build bridges, for example, the construction part is very important.
After review, the formulation of deviations, observations and recommendations follows.
Deviations are when you have gone against a standard requirement or you have a consistent problem with not following what you say you should do. Depending on the extent of the deviation, you will get a large or smaller deviation.
You have observations until the next audit to complete.
The audit itself ends with a meeting where the results of the audit are reviewed together with the organization.
The auditor has formulated discrepancies and observations on the spot, then the auditor writes a report.
Customer reports, with support from their management consultant, in direct and corrective actions as they have been carried out.
With this guide in mind, you should now have a clear picture of how an audit is done in an ISO certification. By following these steps and working closely with the auditors, your organization can ensure that it meets ISO requirements and works on continuous improvement.
