ISO/IAF Auditing Practices www.irca.
org
Group Papers
Linking an audit of a particular task, activity
or process to the overall system
The auditor should not lose sight of the overall direction of the audit, and get side-tracked by superfluous details.
It is important that the auditor keep a close eye on the information provided by the auditee in the quality
manual or documentation where the auditee has defined the interaction of processes.
Interviews should also be performed in such a way that the auditors should determine the input and output of
the process being audited. Keeping in mind the auditee's process map should ensure that the auditor will be
able to determine the importance of the process he is auditing at any time, and will therefore be able to keep
sight of the overall direction of the audit. This will also help the auditor to understand the linkage between the
processes.
During an audit, the auditor has an opportunity to check the auditee's description of the interrelation of its
processes. The auditor should take some samples to see if the descriptions are a proper reflection of the actual
interrelation of the processes, as this will help determine if the process description is adequate.
Auditing ISO 9001 requires auditors to obtain a good understanding of an auditee’s quality management system (QMS)
and the nature of its business. This is why it is beneficial for an organization to be visited prior to its certification audit
and for a first stage audit to be conducted. This first stage audit is primarily for scoping and planning a certification
audit (the stage two audit) and to allow the auditor to obtain an understanding of the organization, for example, to
gain knowledge of its QMS, policies, objectives, risks, processes, locations etc. It also may be used for the auditing
body to communicate its needs and expectations to the auditee.
Activities performed at a preliminary first stage audit include:
• identification of the key risks of the business and related statutory, regulatory aspects and compliance
• an assessment of whether the auditee's defined processes are adequate to meet its objectives and customer
requirements
• conducting a documentation review
• this review should determine if the organization's QMS documentation adequately covers all the requirements
of ISO 9001. The review would normally be carried out at the auditee's premises (unless otherwise requested
and justified). As a result of this activity, a report should be provided that notes any deficient areas. As part of
the documentation review, the auditor should assess the extent and availability of supporting procedures and
process descriptions, collecting necessary information regarding the scope of the organization's management
system, processes and location(s)
• drafting the future certification documentation, including the scope statement
• planning the certification (stage two) audit, including the requirements for audit team selection
• obtaining evidence that internal audits and management reviews are being planned, or performed, effectively
• checking that the QMS is implemented and ready for the stage two audit, including appropriate level of
documentation and supporting records. If the system is lacking in any way, the auditor should note this in the
audit report, so that the organization has an opportunity to rectify deficiencies prior to its certification (second
stage) audit
• agreeing a date for the stage two audit
IRCA/250a Page 1 of 2
� ISO/IAF Auditing Practices www.irca.org
Group Papers
This article is an edited version of 'Linking an audit of a particular task, activity or process to the overall system’ from
the website of the ISO 9001 Auditing Practices Group, and is reproduced courtesy of ISO and the IAF. These papers
were developed on current best practice and therefore have not been formally endorsed as International Accreditation
Forum (IAF) guidance or ISO TC176 interpretations. For further information about the Auditing Practices Group
http://isotc.iso.org/livelink/livelink/fetch/2000/2122/138402/138403/%203541460/customview.html?func=ll&objId=3
541460&objAction=browse&sort=name.
The ISO 9001 Auditing Practices Group is an informal group of QMS experts, auditors and practitioners drawn from the
ISO Technical Committee 176 Quality Management and Quality Assurance (ISO/TC 176) and the IAF. It has developed
a number of guidance papers and presentations that contain explanations about the auditing of QMSs. These reflect
the process-based approach that is essential for auditing the requirements of ISO 9001.
JANUARY 2005
IRCA/250a Page 2 of 2
