ISO 19011: Post-audit activities

This is the fourth instalment and final instalment in the ISO 19011 audit series which looks at activities required to successfully prepare for an integrated management audit. In this post we will look at post-audit activities and elaborate on the graph below:

post

ISO 19011 Post audit activities

Once audit findings and a report have been finalised, it is then time to turn your attention to the post-audit activities.

The audit report should potentially include the following:

  • Objectives
  • What was audited, including the organization/area and scope
  • Details of the audit client
  • Audit team details
  • Dates and locations of the audit investigation
  • Audit criteria
  • Audit findings (which may be summarized in the body of the report if they are reported separately elsewhere)
  • Conclusions
  • Audit plan
  • People contacted within the auditee organization
  • Audit process
  • Problems encountered that may have an impact on the reliability of the results
  • Achievement of the audit objectives
  • Areas within the scope but not covered
  • Improvement recommendations
  • Follow-up plans and arrangements
  • A confidentiality statement
  • Distribution list for the audit report

The auditor’s report will outline the follow up actions required to resolve any issues with the integrated management system and the auditor should ensure that remedial action is taken. The report can vary depending on the audit objectives, but will indicate the need for corrections or for corrective, preventive or improvement actions. These actions are usually decided and undertaken by the auditee within an agreed timeframe. Also, the auditee should keep the person managing the audit programme and the audit team informed of the status of the actions.

Possible Corrective/Preventive or Improvement Actions

For each non-compliance, there should be:

  • A description of the non-compliance or observation
  • Assigned risk rating of the non-compliance
  • Timeframe for completion of actions for each non-compliance identified

ISO 19011:2011 also allows for the evaluation of individuals involved in the auditing process:

  • Auditors should have the necessary skills and knowledge to conduct the audits in a satisfactory manner and achieve expected results. They should be knowledgeable on audit principles, procedures and methods
  • Auditors should be able to comprehend the audit scope and apply audit criteria
  • The auditor should be able aware of and be able to work within an organisations legal and contractual requirements
  • Auditors should have achieved competency through formal education, training programmes, relevant technical experience and audit experience

   

Links to previous blogs in the series are available here:

Preparing for an Integrated Management Systems Audit: ISO 19011:2011

Pre-audit activities using ISO 19011:2011

Audit activities using ISO 19011:2011

Sources:

ISO 19011:2011 Full Standard: http://www.cnis.gov.cn/wzgg/201202/P020120229378899282521.pdf

ISO 19011:2011 Overview: http://www.iso.org/iso/catalogue_detail?csnumber=50675

Follow up: http://www.lbma.org.uk/assets/ISAE%20Corrective%20Action%20Plan.pdf

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: