Labs Support
EN SV

ISO guide

Internal audit

Plan and perform internal audits that find gaps before external audit.

Book a free consultation Download PDF Print version

Internal Audit

To be certified the company must undergo a certification audit conducted by an independent and accredited organization. Before this happens, it is important that the company conducts internal audits to assess whether the management system meets the organization’s own requirements and the standard requirements, and where action is needed.

Internal auditors play a central role in this work. They need to be knowledgeable of the current standards and how they are applied in practice, as well as able to analyze and evaluate the company’s processes and systems objectively.

To perform useful internal audits, auditors need enough competence to audit the selected criteria and scope. The audit process must stay objective and impartial.

Example two-day internal audit for ISO 9001, 14001 and 45001:

Day 1

  • An introductory meeting with a presentation of participants, a review of the program, and a review of the company’s background and operations.
  • Review the handling of complaints, deviations, and suggestions for improvement, including internal audits and external and internal communication within the company.
  • Review of sourcing, supplier follow-up, and purchasing processes within the company, with a focus on environmental management and supplier monitoring.
  • Review of marketing and sales processes, including identification of customer requirements and expectations and transfer and reporting of information to the downstream.
  • Review of delivery processes, focusing on work environment management, including planning, execution, risk assessment, and invoicing of assignments.
  • Summary of results and time available to the internal auditor.

Day 2

  • Review of HR, including hiring, induction, requirements for and verification of the staff’s competence, and planning and follow-up of competence development.
  • Review of leadership and commitment within the company, including business intelligence, strategy, business development, long-term and short-term goals, management meetings and communication, as well as management of operational risks.
  • Summary of results and time available to the internal auditor.
  • Conclusion of the audit with a review of results and discussion of possible improvement measures, as well as adaptation to the requirements of the ISO standards.

Book a free consultation

Want to make ISO work easier? We can show how AmpliFlow keeps responsibilities, documents, goals, and improvements in one system.

Book a free consultation