BSI, the business standards company, has published the revised international standard for auditing management systems, BS EN ISO 19011:2018. The document provides comprehensive guidance on all types of audits, whether internal or external. It covers everything from the management of an audit programme, to the planning and conducting of audits, and the competence of audit teams.
ISO 19011 is applicable to all organizations that need to plan and conduct internal or external audits of management systems, with guidance that can be used by large audit teams or scaled down for smaller organizations wishing to learn more about how to effectively audit their own management systems.
The main differences between the 2018 edition and the previous edition are:
Addition of the risk-based approach to the principles of auditing
Expansion of the guidance on managing an audit programme, including audit programme risk
Expansion of the guidance on conducting an audit, particularly the section on audit planning
Expansion of the generic competence requirements for auditors
Adjustment of terminology to reflect the process and not the form it takes (e.g. ‘reporting’ rather than ‘report’)
Removal of the competence requirements for auditing specific management system disciplines
Expansion of guidance on auditing new concepts such as context, leadership and commitment, virtual audits, compliance and supply chain
Anne Hayes, Head of Governance and Resilience at BSI, said: “Audits are integral to the effective use of management systems and play an important role in identifying improvements for the business. ISO 19011 provides comprehensive guidance for any organization wishing to audit professionally and effectively for the good of their business.”