22 August 2018 | Herpreet Kaur Grewal
BSI, the business standards company, has published the revised international standard for auditing management systems, BS EN ISO 19011:2018.
The document provides comprehensive guidance on all types of audits, whether internal or external.
It covers the management of an audit programme, the planning and conducting of audits, and the competence of audit teams.
ISO 19011 is applicable to all organisations that need to plan and conduct internal or external audits of management systems, with guidance that can be used by large audit teams or scaled down for smaller organisations wishing to learn more about how to audit their own management systems.
The main differences between the 2018 edition and the previous edition are:
- Addition of the risk-based approach to the principles of auditing;
- Expansion of the guidance on managing an audit programme, including audit programme risk;
- Expansion of the guidance on conducting an audit, particularly the section on audit planning;
- Expansion of the generic competence requirements for auditors;
- Adjustment of terminology to reflect the process and not the form it takes (e.g. 'reporting' rather than 'report');
- Removal of the competence requirements for auditing specific management system disciplines; and
- Expansion of guidance on auditing new concepts such as context, leadership and commitment, virtual audits, compliance and supply chain.
Anne Hayes, head of governance and resilience at BSI, said: "Audits are integral to the effective use of management systems and play an important role in identifying improvements for the business. ISO 19011 provides comprehensive guidance for any organisation wishing to audit professionally and effectively for the good of their business."