Please also visit following blogs:
- 'EMS Awareness' Blog

Academic comments are invited.

Encouragement Support - National Centre for Quality Management. Please become a member of NCQM.

Keshav Ram Singhal

Various information, quotes, data, figures used in this blog are the result of collection from various sources, such as newspapers, books, magazines, websites, authors, speakers etc. Unfortunately, sources are not always noted. The editor of this blog thanks all such sources.

People from more than 145 countries/economies have visited this blog: Afghanistan, Albania, Algeria, Angola, Argentina, Aruba, Australia, Austria, Azerbaijan, Bahrain, Bangladesh, Belarus, Belgium, Belize, Benin, Bhutan, Bosnia and Herzegovina, Botswana, Brazil, Brunei, Bulgaria, Burundi, Cameroon, Cambodia, Canada, Chile, China, Colombia, Costa Rica, Croatia, Cyprus, Czech Republic, Denmark, Dominican Republic, Ecuador, Egypt, El Salvador, Estonia, Ethiopia, European Union, Fiji, Finland, France, Georgia, Germany, Ghana, Gibraltar, Greece, Guatemala, Guyana, Haiti, Honduras, Hong Kong S. A. R. (China), Hungary, Iceland, India, Indonesia, Iraq, Ireland, Israel, Italy, Ivory Coast, Jamaica, Japan, Jersey, Jordan, Kazakhstan, Kenya, Kuwait, Laos, Latvia, Lebanon, Lesotho, Libya, Lithuania, Luxembourg, Macao S. A. R. (China), Macedonia, Malawi, Malaysia, Maldives, Malta, Manila, Mauritius, Mexico, Moldova, Mongolia, Montenegro, Morocco, Mozambique, Myanmar, Namibia, Nepal, Netherlands, New Zealand, Nigeria, Niue, Norway, Oman, Pakistan, Palestinian Territory, Panama, Papua New Guinea, Peru, Philippines, Poland, Portugal, Puerto Rico, Qatar, Rwanda, Romania, Russia, Saint Lucia, Samoa, Saudi Arabia, Saint Kitts and Navis, Serbia, Seychelles, Singapore, Slovakia, Slovenia, Somalia, South Africa, South Korea, Spain, Sri Lanka, Sudan, Swaziland, Sweden, Switzerland, Syria, Taiwan, Tanzania, Thailand, Trinidad and Tobago, Tunisia, Turkey, Turks and Caicos Islands, UAE, Uganda, UK, Ukraine, USA, Uzbekistan, Venezuela, Vietnam, Zambia, Zimbabwe etc. Total visitors number crossed 100,000 on 14. 02. 2013. Total visitors number crossed 145,000 on 30. 09. 2013. Total visitors > 200,000 (from 01.08.2014)

Tuesday, April 9, 2013

Types of audit

I received an email from a QAQC Manager interalia stating, “I want to know what is surveillance audit, periodic audit and any other audit type you know.” Although I replied the email giving some clarification, however I think it would be better if I write a write-up on the subject matter.

First, we should understand what an audit is. International Standard ISO 9000:2005 defines an audit as “systematic, independent and documented process (set of interrelated or interacting activities which transform inputs into outputs) for obtaining audit evidence (records, statements of fact or other information which are relevant to the audit criteria and verifiable) and evaluating it objectively to determine the extent to which audit criteria (set of policies, procedures or requirements relating to audit) are fulfilled.”

Accordingly, an audit is a systematic, independent and systematic process. The purpose of an audit is to obtain audit evidence and evaluating it objectively against the audit criteria.

Audit types

An audit can be categorized as one of the three audit types, which are as under:
- First party audit
- Second party audit
- Third party audit

First party audit is conducted by the organization itself (or conducted on behalf of the organization) for internal verification, review and other purpose. First party audit is also known as ‘internal audit’ and it is an internal management tool, by which an organization check the health of its management system. Organizations implementing management systems (such as ISO 9001:2008 QMS, ISO 14001:2004 EMS) are required to conduct internal audit at planned intervals.

Second party audit is conducted on a supplier or an organization (excepting a customer) by or on behalf of a party (such as a customer) having an interest in the organization. Second party audit is also known as supplier audit and it is a vendor assessment tool.

Third party audit is conducted for certification purpose and this type of audit is also known as certification audit. This type of audit is conducted by an external, independent audit organization (generally known as certification body or certification body). An organization that seeks certification to a management system is required to undergo certification audit. Certification body carries out three kinds of audit for certification purpose – (i) Adequacy audit – An audit of documentation, (ii) Onsite certification audit – Onsite verification of the management system, and (iii) Surveillance audit – Surveillance audit is a periodic audit (conducted from time to time) to ensure that organization still meets the requirements of the management system standard. Periodic audit is an audit for an intermediate period (e.g., one year) or an audit carried out at specified intervals – usually every one year.

Audit in ISO 9001:2008 QMS

ISO 9001:2008 QMS Standard, Clause 8.2.2, requires organization to conduct internal audit at planned intervals. Accordingly, conducting internal audit at planned intervals is must for an organization implementing ISO 9001:2008 QMS Standard. The Standard does not mention any requirement with regard to second party (supplier) audit or third party (certification) audit. Certification is not a requirement of the Standard. An organization may implement ISO 9001:2008 QMS Standard without obtaining its certification.

With best wishes,

Keshav Ram Singhal

No comments: