Training Course on ISO

19011:2018 Guidelines
for Auditing
Management Systems
COURSE CONTENTS

Introduction to Audit

The Auditor

The Audit Process

Terms and
Definitions
Audit
Systematic, independent, and documented process for
obtaining audit evidence and evaluating it objectively to
determine the extent to which the audit criteria are
fulfilled.
Note:
Combined Audit - when two or more management systems of different disciplines
(e.g. quality, environmental, occupational health and safety) are audited together
Joint Audit - when two or more auditing organizations cooperate to audit a single
auditee
Audit Evidence
Records, statements of facts or other information which
are relevant to the audit criteria and verifiable
“What is really
happening”

Audit Criteria
Set of policies, procedures or requirements used as
reference against which audit evidence is compared
“What should be happening”
Audit Findings
Results of the evaluation of the collected audit evidence
against audit criteria

Conformity
Refers to the fulfillment of a requirement

Nonconformity
Refers to nonfulfillment of a requirement
Opportunities for Improvement
a situation where the evidence presented indicates a
requirement has been effectively implemented, but based on
auditor experience and knowledge, additional effectiveness
or robustness might be possible with a modified approach

Audit Conclusion
Outcome of an audit after consideration of the audit objectives
and all audit findings.
Auditor
Person with the competence to conduct an audit

Auditee
Organization/person being audited

Audit Team
One or more auditors conducting an audit;
supported, if needed, by technical experts
Audit Programme
Arrangements for a set of one or more audits planned for a
specific time frame and directed towards a specific purpose.

Audit Scope
The extent and boundaries of an audit. Generally, includes a description of
the physical locations, organizational units, activities and processes, as well
as the time period covered.

Audit Plan
Detailed description of the activities and arrangement
for an audit.
Contents of the ISO 9001 Standards

1 Scope
2 Normative Reference
3 Terms and
Definitions
Contents of ISO 9001:2015
 Contents of ISO 9001:2015

Section 9 – Performance Evaluation

9.2 Internal Audit
9.2.1 The organization shall conduct internal audits at planned intervals
to provide information on whether the quality management system:
a) conforms to:
1) organization’s own requirements for its quality management
system;
2) the requirements of this International Standard;

b) is effectively implemented and maintained

NOTE:
See ISO 19011 for guidance
Principles of Auditing
 Principles of Auditing
⮚ Integrity
⮚ Fair presentation Pertains
⮚ Due professional care to auditor

⮚ Confidentiality Pertains
⮚ Independence to audits
⮚ Evidence based
approach
 Integrity
• Meets legal requirements and
Code of Moral Values
• Truthfulness, sincerity, honesty,
uprightness, diligence
• Courtesy, business-like
behaviour
• Completeness, unimpaired by
coercion, threat, intimidation
 Fair Presentation
• The obligation to report
truthfully and accurately
• Objective, unbiased, non-
opinionated, non-generalized
• Audit obstacles are noted
 Due Professional Care
• The application of judgment
and diligence in auditing
• Makes reasoned judgments in
all audit situations
• Takes due care in their auditing
task
 Confidentiality
• Security of information
• Discretion in use and
protection of information
• Information not used for
personal gain
 Independence
• The basis for the impartiality of the audit
and objectivity of the audit conclusion
• Independent of activity being audited
• Free from bias and conflict of interest
• Free from operating managers of
function audited
Note:
May be difficult for small organizations, but remove bias and
encourage objectivity.
 Evidence-Based Approach
• The rational method for
reaching reliable and
reproducible audit conclusions
in a systematic audit process
• Verifiable evidence
• Appropriate use of sampling
techniques
Training Course on ISO 19011:2018 Guidelines on
Auditing Management System End of Module 1:
Introduction to Audit
COURSE CONTENTS

Introduction to Audit

The Auditor

The Audit Process

Exercise 1
Profiling the Internal Quality Auditor

Instructions:
• Answer the following questions:
Group 1: What should an auditor know?
Group 2: What should an auditor believe in?
Group 3: What can an auditor do?
Group 4: What should an auditor have?
• Share your answers to the class.

Duration: 10 minutes
Auditor’s Roles and Responsibilities
a) Conform with the applicable audit
requirements
b) Communicate and clarify audit requirements
c) Plan and carry-out the assigned task
objectively, effectively, and efficiently within
scope of the audit
d) Collect and analyze relevant and sufficient
audit evidence to determine audit findings
and arrive at conclusions
Auditor’s Roles and Responsibilities
e) Document audit findings

f) Prepare documents and records as

directed by the Team Leader

g) Safeguard documents and records

pertaining to the audit and return such
documents and records as required.
 Auditor Competence

Quality Generic Environmental/

Specific knowledge knowledge Food Safety
and skills and skills
Specific knowledge
and skills

Work Auditor Audit

Education Experience Training Experience

Personal Attributes
Concept of Competence Reference:
ISO 19011:2018
 Auditor Competence

Quality Generic Environmental/

Specific knowledge knowledge Food Safety
and skills and skills
Specific knowledge
and skills

Work Auditor Audit

Education Experience Training Experience

Personal Attributes
Concept of Competence Reference:
ISO 19011:2018
 Personal Attributes
Ethical Decisive
Open-minded Self-reliant
Diplomatic Acting with fortitude
Observant Tenacious
Perceptive Culturally sensitive
Versatile Collaborative
Exercise 2
Personal Attributes

Instructions:
• From the list of auditors’ personal attributes, choose
one (1) attribute that serve as your strength and
one (1) attribute that serve as your weakness.

• Share your answer to your group and answer the

question: How can you work together as an audit
team?

Duration: 15 minutes
 Selecting the Audit Team

An audit team should be selected, taking into

account the competence needed to achieve the
objectives of the individual audit within the defined
scope.
 Considerations in Selecting
the Audit Team
1. Competency of the audit team
2. Complexity and type of the audit
3. Audit Methods
4. Legal, contractual, and other
organizational commitments
 Considerations in Selecting
the Audit Team
5. Audit team dynamics and
independence
6. Auditees’ language and culture

Note:
Auditors-in-training may be included in the audit
team, but should participate under the direction
and guidance of an auditor.
 Sample Auditor Competency Requirements

1. Knowledge of management systems requirements (standard)

2. Knowledge of established Agency’s management system
3. Knowledge of basic (discipline) management principles and
application
4. Knowledge of auditing process, principles, methods
5. Skills in auditing process (planning, conducting audit, writing
finding reports, etc.)
6. Skills in root cause analysis and verification
7. Skills in Correction and Corrective Action
8. Skills in handling difficult situations
 Auditor Evaluation
Auditor’s competence should be evaluated
through a process that considers personal
behaviour and the ability to apply the knowledge
and skills gained through education, work
experience, auditor training and audit experience.
 Auditor Evaluation
✔ Auditor evaluation should be planned,
documented, and implemented
✔ Evaluation should include the following:
a) Determining competence
requirements
b) Establishing evaluation criteria
c) Selecting the appropriate evaluate
method
d) Conduct the evaluation
 Auditor Evaluation

Possible Evaluation Methods

 Maintenance and Improvement of
Auditor Competence
• Continual professional development
• Secure additional work experience, training, private
study, coaching, seminars, conferences, knowledge
sharing sessions
• Account for the changes in the individual and
organizational needs, audit practice, standards, and
other relevant requirements
Workshop 1
Establishing the Audit Team

Instructions:
Material: Worksheet 1

• Form 4 groups. Assign a team leader.

• Assign audit team assignments.

Note: You cannot audit your own process.

Duration: 30 minutes
Training Course on ISO 19011:2018 Guidelines for
Auditing Management System
End of Day 1