Organizations that have implemented a management system for e.g. quality, environment or information security must carry out internal audits. What is an internal audit? It is an examination of the organization's own management system carried out by employees from the same organization to determine if processes and procedures are complied with.
ISO 19011 provides guidance on the practical issues of audits and a checklist to be used by auditors. It covers everything from determining, preparing and carrying out the audit programme and drawing up the audit report. ISO 19011 is an internationally recognized management standard which ensures that organizations conducting audits have the same approach and apply the same methodologies. The standard is therefore also highly relevant for Danish companies that want to work systematically with management standards and be able to document their work.
The standard also describes the personal competencies and behaviour that an auditor should have. It is important that employees who have been appointed to carry out audits are ethical, open-minded, observant and decisive, among other qualities. At the same time, auditors must understand the organization's value chain and business processes, be skilled communicators, be able to understand and weigh the opinions of technical experts and verify the relevance of collected information. In addition, auditors must be familiar with applicable statutory and regulatory requirements and have thorough knowledge of the standard(s) to be used in the audit.