Organizations that have implemented a management system for e.g. quality, environment or information security must carry out internal audits. What is an internal audit? It is an examination of the organization's own management system carried out by employees from the same organization to determine if processes and procedures are complied with.
ISO 19011 provides guidance on the practical issues of audits and a checklist to be used by auditors. It covers everything from determining, preparing and carrying out the audit programme and drawing up the audit report. ISO 19011 is an internationally recognized management standard which ensures that organizations conducting audits have the same approach and apply the same methodologies. The standard is therefore also highly relevant for Danish companies that want to work systematically with management standards and be able to document their work.
The standard also describes the personal competencies and behaviour that an auditor should have. It is important that employees who have been appointed to carry out audits are ethical, open-minded, observant and decisive, among other qualities. At the same time, auditors must understand the organization's value chain and business processes, be skilled communicators, be able to understand and weigh the opinions of technical experts and verify the relevance of collected information. In addition, auditors must be familiar with applicable statutory and regulatory requirements and have thorough knowledge of the standard(s) to be used in the audit.
Internal audits are mandatory when applying management standards and must be conducted to ensure that processes are managed in the most appropriate way. The organization scrutinizes itself and can thereby continually improve, adjust and optimize its performance.
It is important to ensure that the system we apply is adequate, suitable and applicable for everyone who use it.
Internal audits must take place at regular intervals to ensure that the system complies with the organization's specific requirements and the requirements of the standard, if the organization is certified. At the same time it is ensured that the system is effectively implemented and maintained.
There are different ways to become an internal auditor. Most people become internal auditors by receiving training from an experienced auditor or by taking a course.