IS ISO 19011 2011 Guidelines for Auditing Management

Is Iso 19011 2011 Guidelines For Auditing Management-PDF Download

  • Date:03 Aug 2020
  • Views:14
  • Downloads:0
  • Pages:51
  • Size:1.19 MB

Share Pdf : Is Iso 19011 2011 Guidelines For Auditing Management

Download and Preview : Is Iso 19011 2011 Guidelines For Auditing Management


Report CopyRight/DMCA Form For : Is Iso 19011 2011 Guidelines For Auditing Management


Transcription:

IS ISO 19011 2011,Hkkjrh ekud,laijh k k ca k i fr ksa dh ekxZn kdk. igyk iqujh k k,Indian Standard,GUIDELINES FOR AUDITING MANAGEMENT. First Revision,ICS 03 120 10,BUREAU OF INDIAN STANDARDS. MANAK BHAVAN 9 BAHADUR SHAH ZAFAR MARG,NEW DELHI 110002. June 2012 Price Group 13,Quality Management Sectional Committee MSD 2.
NATIONAL FOREWORD, This Indian Standard First Revision which is identical with ISO 19011 2011 Guidelines for auditing. management systems issued by the International Organization for Standardization ISO was adopted. by the Bureau of Indian Standards on the recommendation of the Quality Management Sectional. Committee and approval of the Management and Systems Division Council. This standard was first published in 2002 which was identical with ISO 19011 2002 Since its. publication a number of new management system standards have been published As a result a. need was felt to consider a broader scope of this standard Accordingly ISO has recently published. ISO 19011 2011 The first revision of this standard is necessitated because of the publication of the. latest version of ISO 19011 2011, In 2006 the ISO committee for conformity assessment CASCO developed ISO IEC 17021 Conformity. assessment Requirements for bodies providing audit and certification of management systems. which sets out requirements for third party certification of management systems and which was. based in part on the guidelines contained IS ISO 19011 2002. The second edition of ISO IEC 17021 published in 2011 was extended to transform the guidance. offered in ISO 19011 into requirements for management system certification audits It is in this. context that the first revision of this Indian Standard provides guidance for all users including small. and medium sized organizations and concentrates on what are commonly termed internal audits. first party and audits conducted by customers on their suppliers second party While those. involved in management system certification audits follow the requirements of ISO IEC 17021. 2011 they might also find the guidance in this Indian Standard useful. During this revision following modifications have been made. the scope has been broadened from the auditing of quality and environmental management. systems to the auditing of any management systems, remote audit methods and the concept of risk have been introduced. confidentiality has been added as a new principle,clauses 5 6 and 7 have been reorganized. additional information has been included in a new Annex B resulting in the removal of help. the competence determination and evaluation process has been strengthened. illustrative examples of discipline specific knowledge and skills have been included in a new. The title of the standard during this revision has also been modified to reflect the broader scope of. this standard, The text of ISO Standard has been approved as suitable for publication as an Indian Standard without.
deviations Certain conventions are however not identical to those used in Indian Standards Attention. is particularly drawn to the following, Wherever the words International Standard appear referring to this standard they should be. read as Indian Standard,IS ISO 19011 2011,Indian Standard. GUIDELINES FOR AUDITING MANAGEMENT,First Revision, This International Standard provides guidance on auditing management systems including the principles of. auditing managing an audit programme and conducting management system audits as well as guidance on. the evaluation of competence of individuals involved in the audit process including the person managing the. audit programme auditors and audit teams, It is applicable to all organizations that need to conduct internal or external audits of management systems or. manage an audit programme, The application of this International Standard to other types of audits is possible provided that special.
consideration is given to the specific competence needed. 2 Normative references, No normative references are cited This clause is included in order to retain clause numbering identical with. other ISO management system standards,3 Terms and definitions. For the purposes of this document the following terms and definitions apply. systematic independent and documented process for obtaining audit evidence 3 3 and evaluating it. objectively to determine the extent to which the audit criteria 3 2 are fulfilled. NOTE 1 Internal audits sometimes called first party audits are conducted by the organization itself or on its behalf for. management review and other internal purposes e g to confirm the effectiveness of the management system or to obtain. information for the improvement of the management system Internal audits can form the basis for an organization s self. declaration of conformity In many cases particularly in small organizations independence can be demonstrated by the. freedom from responsibility for the activity being audited or freedom from bias and conflict of interest. NOTE 2 External audits include second and third party audits Second party audits are conducted by parties having an. interest in the organization such as customers or by other persons on their behalf Third party audits are conducted by. independent auditing organizations such as regulators or those providing certification. NOTE 3 When two or more management systems of different disciplines e g quality environmental occupational. health and safety are audited together this is termed a combined audit. NOTE 4 When two or more auditing organizations cooperate to audit a single auditee 3 7 this is termed a joint audit. NOTE 5 Adapted from ISO 9000 2005 definition 3 9 1. audit criteria, set of policies procedures or requirements used as a reference against which audit evidence 3 3 is compared. NOTE 1 Adapted from ISO 9000 2005 definition 3 9 3. NOTE 2 If the audit criteria are legal including statutory or regulatory requirements the terms compliant or non. compliant are often used in an audit finding 3 4,IS ISO 19011 2011. audit evidence, records statements of fact or other information which are relevant to the audit criteria 3 2 and verifiable.
NOTE Audit evidence can be qualitative or quantitative. ISO 9000 2005 definition 3 9 4,audit findings, results of the evaluation of the collected audit evidence 3 3 against audit criteria 3 2. NOTE 1 Audit findings indicate conformity or nonconformity. NOTE 2 Audit findings can lead to the identification of opportunities for improvement or recording good practices. NOTE 3 If the audit criteria are selected from legal or other requirements the audit finding is termed compliance or. non compliance, NOTE 4 Adapted from ISO 9000 2005 definition 3 9 5. audit conclusion, outcome of an audit 3 1 after consideration of the audit objectives and all audit findings 3 4. NOTE Adapted from ISO 9000 2005 definition 3 9 6,audit client. organization or person requesting an audit 3 1, NOTE 1 In the case of internal audit the audit client can also be the auditee 3 7 or the person managing the audit.
programme Requests for external audit can come from sources such as regulators contracting parties or potential clients. NOTE 2 Adapted from ISO 9000 2005 definition 3 9 7. organization being audited,ISO 9000 2005 definition 3 9 8. person who conducts an audit 3 1,audit team, one or more auditors 3 8 conducting an audit 3 1 supported if needed by technical experts 3 10. NOTE 1 One auditor of the audit team is appointed as the audit team leader. NOTE 2 The audit team may include auditors in training. ISO 9000 2005 definition 3 9 10,technical expert, person who provides specific knowledge or expertise to the audit team 3 9. NOTE 1 Specific knowledge or expertise is that which relates to the organization the process or activity to be audited. or language or culture, NOTE 2 A technical expert does not act as an auditor 3 8 in the audit team. IS ISO 19011 2011,ISO 9000 2005 definition 3 9 11, person who accompanies the audit team 3 9 but does not audit.
NOTE 1 An observer is not a part of the audit team 3 9 and does not influence or interfere with the conduct of the. NOTE 2 An observer can be from the auditee 3 7 a regulator or other interested party who witnesses the audit 3 1. person appointed by the auditee 3 7 to assist the audit team 3 9. audit programme, arrangements for a set of one or more audits 3 1 planned for a specific time frame and directed towards a. specific purpose,NOTE Adapted from ISO 9000 2005 definition 3 9 2. audit scope,extent and boundaries of an audit 3 1, NOTE The audit scope generally includes a description of the physical locations organizational units activities and. processes as well as the time period covered,ISO 9000 2005 definition 3 9 13. audit plan, description of the activities and arrangements for an audit 3 1.
ISO 9000 2005 definition 3 9 12,effect of uncertainty on objectives. NOTE Adapted from ISO Guide 73 2009 definition 1 1. competence, ability to apply knowledge and skills to achieve intended results. NOTE Ability implies the appropriate application of personal behaviour during the audit process. conformity,fulfilment of a requirement,ISO 9000 2005 definition 3 6 1. nonconformity,non fulfilment of a requirement,ISO 9000 2005 definition 3 6 2. IS ISO 19011 2011,management system, system to establish policy and objectives and to achieve those objectives.
NOTE A management system of an organization can include different management systems such as a quality. management system a financial management system or an environmental management system. ISO 9000 2005 definition 3 2 2,4 Principles of auditing. Auditing is characterized by reliance on a number of principles These principles should help to make the audit. an effective and reliable tool in support of management policies and controls by providing information on which. an organization can act in order to improve its performance Adherence to these principles is a prerequisite for. providing audit conclusions that are relevant and sufficient and for enabling auditors working independently. from one another to reach similar conclusions in similar circumstances. The guidance given in Clauses 5 to 7 is based on the six principles outlined below. a Integrity the foundation of professionalism, Auditors and the person managing an audit programme should. perform their work with honesty diligence and responsibility. observe and comply with any applicable legal requirements. demonstrate their competence while performing their work. perform their work in an impartial manner i e remain fair and unbiased in all their dealings. be sensitive to any influences that may be exerted on their judgement while carrying out an audit. b Fair presentation the obligation to report truthfully and accurately. Audit findings audit conclusions and audit reports should reflect truthfully and accurately the audit. activities Significant obstacles encountered during the audit and unresolved diverging opinions between. the audit team and the auditee should be reported The communication should be truthful accurate. objective timely clear and complete, c Due professional care the application of diligence and judgement in auditing. Auditors should exercise due care in accordance with the importance of the task they perform and the. confidence placed in them by the audit client and other interested parties An important factor in carrying. out their work with due professional care is having the ability to make reasoned judgements in all audit. situations,d Confidentiality security of information. Auditors should exercise discretion in the use and protection of information acquired in the course of. their duties Audit information should not be used inappropriately for personal gain by the auditor or the. audit client or in a manner detrimental to the legitimate interests of the auditee This concept includes the. proper handling of sensitive or confidential information. e Independence the basis for the impartiality of the audit and objectivity of the audit conclusions. Auditors should be independent of the activity being audited wherever practicable and should in all. cases act in a manner that is free from bias and conflict of interest For internal audits auditors should. be independent from the operating managers of the function being audited Auditors should maintain. IS ISO 19011 2011, objectivity throughout the audit process to ensure that the audit findings and conclusions are based only.
on the audit evidence, For small organizations it may not be possible for internal auditors to be fully independent of the activity. being audited but every effort should be made to remove bias and encourage objectivity. f Evidence based approach the rational method for reaching reliable and reproducible audit conclusions. in a systematic audit process, Audit evidence should be verifiable It will in general be based on samples of the information available. since an audit is conducted during a finite period of time and with finite resources An appropriate use of. sampling should be applied since this is closely related to the confidence that can be placed in the audit. conclusions,5 Managing an audit programme,5 1 General. An organization needing to conduct audits should establish an audit programme that contributes to the. determination of the effectiveness of the auditee s management system The audit programme can include. This standard was first published in 2002 which was identical with ISO 19011 2002 Since its publication a number of new management system standards have been published As a result a need was felt to consider a broader scope of this standard Accordingly ISO has recently published ISO 19011 2011 The first revision of this standard is

Related Books