Auditing management systems

ISO 19011 Internal audit

ISO 19011 Internal audit is a generic guide for auditing management systems. The standard provides guidance on how to structure, implement and report an audit programme.

Buy the standard

Organizations that have implemented a management system for e.g. quality, environment or information security must carry out internal audits. What is an internal audit? It is an examination of the organization's own management system carried out by employees from the same organization to determine if processes and procedures are complied with. 

Why apply ISO 19011?

ISO 19011 provides guidance on the practical issues of audits and a checklist to be used by auditors. It covers everything from determining, preparing and carrying out the audit programme and drawing up the audit report. ISO 19011 is an internationally recognized management standard which ensures that organizations conducting audits have the same approach and apply the same methodologies. The standard is therefore also highly relevant for Danish companies that want to work systematically with management standards and be able to document their work.

Focus on auditor competence

The standard also describes the personal competencies and behaviour that an auditor should have. It is important that employees who have been appointed to carry out audits are ethical, open-minded, observant and decisive, among other qualities. At the same time, auditors must understand the organization's value chain and business processes, be skilled communicators, be able to understand and weigh the opinions of technical experts and verify the relevance of collected information. In addition, auditors must be familiar with applicable statutory and regulatory requirements and have thorough knowledge of the standard(s) to be used in the audit.

Benefits of working with ISO 19011 Internal audit

  • An effective tool for conducting audits.
  • Ensures proper conduct of audits.
  • Indicates methodology.
  • Emphasises the personal competences of auditors.
  • Can be used for auditing all management standards.

Susan Redder Bruun
Susan Redder Bruun Chefkonsulent | Chief Consultant
Public Affairs, Fondssekretariat & Compliance
T: 39 96 62 15

FAQ about ISO 19011 Internal audit

What is an internal audit?

Internal audits are mandatory when applying management standards and must be conducted to ensure that processes are managed in the most appropriate way. The organization scrutinizes itself and can thereby continually improve, adjust and optimize its performance.

Why are internal audits important?

It is important to ensure that the system we apply is adequate, suitable and applicable for everyone who use it.

What are the requirements for an internal audit?

Internal audits must take place at regular intervals to ensure that the system complies with the organization's specific requirements and the requirements of the standard, if the organization is certified. At the same time it is ensured that the system is effectively implemented and maintained.

How do you become an internal auditor?

There are different ways to become an internal auditor. Most people become internal auditors by receiving training from an experienced auditor or by taking a course.