QHSE ABERDEEN often gets asked by clients and organisations enquiring about ISO Certification, what it all entails. The Certification Body Audit is always a common question, so this is a summarised rundown of what it may involve.
An overview of Stage 1 and Stage 2 audits conducted by a UKAS (United Kingdom Accreditation Service) Certification Body:
Stage 1 Audit: (Objective – Determine the organisation’s readiness for the Stage 2 Audit)
- Introduction and Documentation Review:
- The Stage 1 audit typically begins with an introduction to the auditee's organisation and key personnel.
- The auditor reviews the documented management system, including policies, procedures, and manuals.
Site Assessment:
- The auditor conducts a site visit to understand the organisation's operations, processes, and context.
- The purpose is to identify any potential gaps between the existing management system and the requirements of the specific relevant standard(s) (e.g., ISO 9001, ISO 14001, ISO 45001).
Risk Assessment:
- Risk assessment and identification of significant aspects and impacts are crucial during this stage.
- The auditor assesses how well the organisation has identified and addressed risks and opportunities related to quality, health, safety, and environmental aspects (in relation to the requirements of the specific relevant standard(s).
Management System Understanding:
- The auditor evaluates the organisation's understanding of its management system, ensuring that key elements are in place and functioning effectively.
Preparation for Stage 2:
- The Stage 1 audit concludes with a report outlining findings, readiness for the Stage 2 audit and any Areas of Concern (that could be classified as a nonconformance during the stage 2 audit).
- The auditee is provided with guidance to address identified gaps before the Stage 2 audit.
Stage 2 Audit: (Objective - Evaluate the implementation and effectiveness of the organisation’s management system)
- Detailed Evaluation:
- The Stage 2 audit involves a more in-depth examination of the management system's implementation.
- The auditor evaluates the effectiveness of the system in meeting the specified standards.
Process Verification:
- Verification of key processes is conducted to ensure they conform to the documented management system.
- This may involve interviews, observations, and document reviews to validate the system's effectiveness.
Compliance Assessment:
- The auditor assesses whether the organisation's practices align with the requirements of the chosen standards.
- Any non-conformities are identified, and evidence of corrective actions taken in response to Stage 1 findings is reviewed.
Effectiveness of Controls:
- The auditor evaluates the effectiveness of the controls in place for quality, health, safety, and environmental aspects (as appropriate to the specific reference standards).
- Monitoring, measurement, analysis, and evaluation processes are scrutinized.
Closing Meeting and Reporting:
- The Stage 2 audit concludes with a closing meeting, where the auditor provides a summary of findings and whether or not, the auditor will be recommending certification.
- A detailed audit report is subsequently submitted, outlining any non-conformities and/or Opportunities For Improvement.
Certification Decision:
- The certification body, based on the Stage 2 audit findings, decides whether to grant certification or not.
Throughout both stages, effective communication and collaboration between the auditor and the auditee are crucial to ensure a comprehensive understanding of the organisation's management system and a successful certification process.
For any organisations requiring assistance with ISO Management Systems, whether it be Implementation or just assistance with the Certification Body Audits, then QHSE ABERDEEN are on hand with a team of Lead Auditors to help each step of the way.