QMS Certification Blog

Learn about ISO 19011:2018 – Guidelines for Management Systems Auditing

In this article, we will learn a little about the most current version of the ISO 19011:2018 standard, its purpose and main changes.

ISO 19011:2018 is in its 3rd version and replaces the 2012 version.

Conducting internal audits is part of the routine for companies seeking to determine whether their Management Systems (MS) complies with the established requirements and standards.

This step, the internal audit, is a very important process for companies to verify that the progress of actions to address nonconformities is in accordance with the implemented standard.

In this way, ISO has created a standard that assists, provides, and manages guidelines for organizations that are going to conduct first, second, or third party audits of management systems. This is the ISO 19011 standard.

It is important to understand that this standard not only defines how an audit is conducted, but rather is a way to provide guidance on auditing principles.

With this new ISO 19011 version, it presents a broader and more generic approach making it adaptable for various auditing contexts.

In this article, we will learn more about the characteristics and some of the main changes of this new version of the standard.

What is the objective of ISO 19011:2018?

ISO 19011 is a standard that governs auditing practice and is the normative reference for the application of audits. It is a way to provide management guidance for the audit program and on the competence and evaluation of an auditor and the audit team.

ISO 19011:2018 stands out because it offers an approach that manages to be broad enough to be used as a guide and reference tool for the work of experienced auditors.

This standard manages to be aligned with the concepts of several others, thus facilitating the internal audit process and making everything more effective.

ISO 19011 governs the practice of internal auditing

As mentioned earlier, this standard does not seek to define “how” an audit is conducted. It is like a tool for prevention and improvement. It includes management principles that consider the key responsibilities, objectives, and competencies that auditors and organizations should hold dear.

ISO 19001 is considered to be broad and general as it caters for all types of companies, regardless of the area of operation or size of the organization. It is an adaptable and flexible standard because it offers guidance for audits of various scopes.

It is not only a certification standard, but a guide for auditors and companies to use and apply its concepts in the audit environment. It provides guidance for managing an audit program that involves basing principles, planning, conducting, and evaluating competence.

Main changes in ISO 19011:2018

Replacing the 2012 version, this new 2018 version provides for audit plans to be addressed as an output of the planning process and includes attention on remote audits and other important aspects. The following changes have also been made:

  • Includes a risk-based approach to audit principles to reflect greater focus on risks in both management and market standards;
  • Expands the generic competency, guidance and planning requirements for managing an audit program.

In this new version, an appendix that includes illustrative examples of auditor knowledge and skills has also been removed.

Denise Robitaille, responsible for revising the standard and chair of the ISO project committee, comments that these updates are to ensure that the standard continues to provide effective guidance that addresses changes in the market, evolving technologies, and many new management system standards recently published.

Why apply ISO 19011 in audits?

Auditing processes are very important in companies, and having a standard that helps in these moments can greatly improve the routine and facilitate the whole process. Besides making the process much more professional.

Through this standard, auditors and companies are able to have a more complete approach to their processes, especially in organizations that have several integrated management systems.

It is the way to keep in compliance at audit times, ensuring that procedures, services, and products are within the laws and requirements.

QMS Certification

QMS Certification

QMS is an accredited third party certification body, it is currently present in 33 countries and focuses on the certification of management systems. QMS America is managed by the US office and has consistently grown in market recognition by technical level, customer satisfaction and competitive pricing.

Join the newsletter!

Subscribe to get latest content by email.

Non-Conformity Management Root Cause Analysis

Non-Conformity Management: Root Cause Analysis

In the world of quality management, one of the most crucial aspects is the effective management of non-conformities. Root cause analysis is an indispensable procedure in this context, providing a path to prevent their recurrence. Learn more!

Greenwashing and Social Washing Understand What They Are and Their Relationship

Greenwashing and Social Washing

The terms “Greenwashing” and “Social Washing” are interconnected, as both involve deceptive practices adopted by companies aiming to give the impression that they are committed to environmental and social sustainability when, in reality, their actions are not as beneficial as they appear.

Whistleblowing in Compliance Programs

Whistleblowing in Compliance Programs

The so-called “Whistleblowers” are aimed at promoting transparency, and their disclosures often have significant implications for the organization, helping to expose unethical, illegal, or harmful practices.

Scroll to Top