Since the first edition of ISO 19011 was published back in 2002, many new management system standards have been published. This makes the need for a standardized framework for performing management system audits greater than ever before.
ISO 19011 is that framework. The standard outlines a set of guidelines for performing audits on management systems, from management and planning, to the audit process, and carrying out evaluation of auditor competence.
This broader approach to management system audits is designed to streamline the process by recognizing the common structure that many ISO management systems share.
Management system audits can be conducted against a range of audit criteria, including (but not limited to):
- Requirements set of in existing ISO standards
- Policies and requirements defined by customers and stakeholders
- Government policy and similar regulatory requirements
- Documentation of internal management processes (defined by the organization being audited)
- Documentation of internal management system plans and procedures (relating to specific process outputs)
This checklist is designed to simplify the process of planning for and carrying out an audit of a management system. The checklist can be used to adapt the audit programme for the specific requirements of the audit, regardless of the management system type, the scope, complexity, or scale of the audit.
Focus is placed on internal audits (first and second party), however, this checklist can also be useful to prepare for external audits (thought it cannot be used to attain ISO certification).
This checklist is designed as a supplement, and is not intended to replace ISO 19011.
For best results, users are encouraged to edit the checklist and modify the contents to best suit their use cases, as it cannot provide specific guidance on the particular risks and controls applicable to every situation.
Typically, management system auditors will prepare custom checklists that reflect the specific scope, scale, and objectives of the management system being audited.