ISO's technical committee has set up a working group to review and revise ISO 19011. What do covers think should be in the next edition of the standard?

A distinction between those requirements of an effective internal audit programme and those of an external one. There's too much blurring of the edges when clearly - when one looks at the nature of inquiries and comments here - the two are distinctly different. Internal audits and a lot of related training - especially that which is accredited by RABQSA and IRCA -places no significant difference on the processes of each style of audit and, clearly there is a need for a distinctly different approach.

I believe it's time to up the ante with audit management, specifically program planning for internal audits - a clearer guide to what's meant by 'status and importance' and also auditor qualifications: -

How many internal auditors have had exposure to lean practices, real improvement techniques, effective problem solving? I'd like to see all of these as part of their qualifications! I'm talking of auditors being as (or more) knowledgable than their management in these repects - a bit like SSBB or SSGB for example. In general terms their heads are filled with compliance only, and some bizzarro details like how to deal with bolshy bosses at the closing meeting! Fun? Oh, yeah,we all had fun. Relevant? Heck no!

On the audit management side, ISO 19011 doesn't really mention anything substantial about the management of the audit programme for internal audits, at least not if you are new to this task and especially if you've been to a training course predicated on external auditor behaviours!!

A distinction between those requirements of an effective internal audit programme and those of an external one. There's too much blurring of the edges when clearly - when one looks at the nature of inquiries and comments here - the two are distinctly different. Internal audits and a lot of related training - especially that which is accredited by RABQSA and IRCA -places no significant difference on the processes of each style of audit and, clearly there is a need for a distinctly different approach.

Definitely agree with this Andy. The current 'one size fits all' approach does not work for me.

I'm going to be a US commentor for my group so I'll be tracking this Thread guys. The distinction between internal and external auditors is already high up on the pile.

Definitely agree with this Andy. The current 'one size fits all' approach does not work for me.That was one of the main drives for the US to develop a standard that addresses auditing isssues for 1st, 2nd and 3rd party specific guidance.

What do you think about QE19011S-2004? (ISO 19011) (http://elsmar.com/Forums/showthread.php?t=23717&highlight=19011)

ANSI/ISO/ASQ QE19011S-2008: Guidelines for management systems auditing - With supplemental guidance added
This American National Standard provides guidance on the principles of auditing, managing audit programs, conducting quality management system audits and environmental management system audits as well as the competence of quality and environmental management system auditors. It is applicable to all organizations having a need to conduct internal or external quality and/or environmental management system audits or manage an audit program.
The supplemental text contained in this document provides additional guidance to users to augment the International Standard. In particular, additional guidance is provided for small organizations that may wish to consider its application to the full range of audit activities (i.e., first, second, and third-party audits) and for any users that wish to apply the standard to internal (first-party) audits and external supplier (second-party) audits.
Since the definition of small organizations may vary, the concept of a small organization in this Supplement relates not only to the size of the organization but also to the complexity of the management system, the complexity of the product and processes, the organization’s regulatory environment, and the effectiveness of communications within the organization. Therefore, the guidance given for small organizations may also apply to larger organizations with simple management systems, simple products and processes, little regulatory impact, and good communication processes among the personnel, functions and management levels.
Supplemental guidance for first-party audits, second-party audits, use by small organizations and OHSMS audits has been added to individual sections of this Supplement as applicable.

Friends,

I always liked the American version of ISO 19011.

The supplemental guidelines add more value.

Stijloor.