ISO 19011:2018 is in its 3rd version and replaces the 2012 version.
Conducting internal audits is part of the routine for companies seeking to determine whether their Management Systems (MS) complies with the established requirements and standards.
This step, the internal audit, is a very important process for companies to verify that the progress of actions to address nonconformities is in accordance with the implemented standard.
In this way, ISO has created a standard that assists, provides, and manages guidelines for organizations that are going to conduct first, second, or third party audits of management systems. This is the ISO 19011 standard.
It is important to understand that this standard not only defines how an audit is conducted, but rather is a way to provide guidance on auditing principles.
With this new ISO 19011 version, it presents a broader and more generic approach making it adaptable for various auditing contexts.
In this article, we will learn more about the characteristics and some of the main changes of this new version of the standard.
What is the objective of ISO 19011:2018?
ISO 19011 is a standard that governs auditing practice and is the normative reference for the application of audits. It is a way to provide management guidance for the audit program and on the competence and evaluation of an auditor and the audit team.
ISO 19011:2018 stands out because it offers an approach that manages to be broad enough to be used as a guide and reference tool for the work of experienced auditors.
This standard manages to be aligned with the concepts of several others, thus facilitating the internal audit process and making everything more effective.
ISO 19011 governs the practice of internal auditing
As mentioned earlier, this standard does not seek to define “how” an audit is conducted. It is like a tool for prevention and improvement. It includes management principles that consider the key responsibilities, objectives, and competencies that auditors and organizations should hold dear.
ISO 19001 is considered to be broad and general as it caters for all types of companies, regardless of the area of operation or size of the organization. It is an adaptable and flexible standard because it offers guidance for audits of various scopes.
It is not only a certification standard, but a guide for auditors and companies to use and apply its concepts in the audit environment. It provides guidance for managing an audit program that involves basing principles, planning, conducting, and evaluating competence.
Main changes in ISO 19011:2018
Replacing the 2012 version, this new 2018 version provides for audit plans to be addressed as an output of the planning process and includes attention on remote audits and other important aspects. The following changes have also been made:
- Includes a risk-based approach to audit principles to reflect greater focus on risks in both management and market standards;
- Expands the generic competency, guidance and planning requirements for managing an audit program.
In this new version, an appendix that includes illustrative examples of auditor knowledge and skills has also been removed.
Denise Robitaille, responsible for revising the standard and chair of the ISO project committee, comments that these updates are to ensure that the standard continues to provide effective guidance that addresses changes in the market, evolving technologies, and many new management system standards recently published.
Why apply ISO 19011 in audits?
Auditing processes are very important in companies, and having a standard that helps in these moments can greatly improve the routine and facilitate the whole process. Besides making the process much more professional.
Through this standard, auditors and companies are able to have a more complete approach to their processes, especially in organizations that have several integrated management systems.
It is the way to keep in compliance at audit times, ensuring that procedures, services, and products are within the laws and requirements.