Individual audit objectives and practices vary considerably from entity to entity, and there are many kinds of practitioners in audit-related activities, such as external auditors, internal auditors, self-assessment evaluators, quality reviewers, and security assessors. For this reason, the audit process must be adaptive in use and high-level in structure. This webinar facilitates a managerial-level understanding of the ISO auditing standards associated with performing management system assurance services.

Auditing management systems are generally considered a vital component of an entity’s audit plan since it represents planning and preparation for examining necessary configurations. Ideally, deployable audit plans for management systems enable an enterprise to sustain operations that meet control objectives. Thus, a management systems audit plan should include (among other things) business, technological, human and regulatory aspects.

Generally accepted assurance standards, guidelines, and procedures permit preparing audit plans that address the enterprise’s control framework and control objectives. They should be used considering the control framework as well as control objectives and developed into specific audit programs. An overall audit program for the auditing of management systems is a sequence of tasks for achieving the audit areas operational audit objectives. Wherefore, the audit program is the plan followed by the audit team during audit performance. The principles outlined in this session reflect best practices as well as managerial experience.

If it seems like your organization’s quality, safety, environmental, information technology services or management system audit program is getting a bit stale, perhaps the cause emanates from the objective only addressing conducting audits in accordance with the requirements of the external standards (e.g.; ISO 19001, 45001, 14001, 20000, etc.). Just following external expectations will hardly ensure perceptions that audits are adding value, as opposed to merely using up resources that are deployable elsewhere. While meeting the requirements of the audit clause of the standard is necessary, it should not be considered as sufficient if the audit program is to add significant value to the organization.

The ISO 19011:2018 Guidelines for Auditing Management Systems goes far beyond how to plan, conduct, and report audits. Unfortunately, most training for auditors only covers these topics, rather than also how to manage and audit program. Audit program managers should consider studying the 19011 guidelines and adopt some of the advice. This webinar will describe many of the reasons and related content.