New ISO 19011 - What do Covers think should be in the next edition?

Paul Simpson

Trusted Information Resource
ISO's technical committee has set up a working group to review and revise ISO 19011. What do covers think should be in the next edition of the standard?
 

AndyN

Moved On
A distinction between those requirements of an effective internal audit programme and those of an external one. There's too much blurring of the edges when clearly - when one looks at the nature of inquiries and comments here - the two are distinctly different. Internal audits and a lot of related training - especially that which is accredited by RABQSA and IRCA -places no significant difference on the processes of each style of audit and, clearly there is a need for a distinctly different approach.

I believe it's time to up the ante with audit management, specifically program planning for internal audits - a clearer guide to what's meant by 'status and importance' and also auditor qualifications: -

How many internal auditors have had exposure to lean practices, real improvement techniques, effective problem solving? I'd like to see all of these as part of their qualifications! I'm talking of auditors being as (or more) knowledgable than their management in these repects - a bit like SSBB or SSGB for example. In general terms their heads are filled with compliance only, and some bizzarro details like how to deal with bolshy bosses at the closing meeting! Fun? Oh, yeah,we all had fun. Relevant? Heck no!

On the audit management side, ISO 19011 doesn't really mention anything substantial about the management of the audit programme for internal audits, at least not if you are new to this task and especially if you've been to a training course predicated on external auditor behaviours!!
 

Colin

Quite Involved in Discussions
A distinction between those requirements of an effective internal audit programme and those of an external one. There's too much blurring of the edges when clearly - when one looks at the nature of inquiries and comments here - the two are distinctly different. Internal audits and a lot of related training - especially that which is accredited by RABQSA and IRCA -places no significant difference on the processes of each style of audit and, clearly there is a need for a distinctly different approach.

Definitely agree with this Andy. The current 'one size fits all' approach does not work for me.
 

Randy

Super Moderator
I'm going to be a US commentor for my group so I'll be tracking this Thread guys. The distinction between internal and external auditors is already high up on the pile.
 

Sidney Vianna

Post Responsibly
Leader
Admin
Definitely agree with this Andy. The current 'one size fits all' approach does not work for me.
That was one of the main drives for the US to develop a standard that addresses auditing isssues for 1st, 2nd and 3rd party specific guidance.

What do you think about QE19011S-2004? (ISO 19011)

ANSI/ISO/ASQ QE19011S-2008: Guidelines for management systems auditing - With supplemental guidance added
This American National Standard provides guidance on the principles of auditing, managing audit programs, conducting quality management system audits and environmental management system audits as well as the competence of quality and environmental management system auditors. It is applicable to all organizations having a need to conduct internal or external quality and/or environmental management system audits or manage an audit program.
The supplemental text contained in this document provides additional guidance to users to augment the International Standard. In particular, additional guidance is provided for small organizations that may wish to consider its application to the full range of audit activities (i.e., first, second, and third-party audits) and for any users that wish to apply the standard to internal (first-party) audits and external supplier (second-party) audits.
Since the definition of small organizations may vary, the concept of a small organization in this Supplement relates not only to the size of the organization but also to the complexity of the management system, the complexity of the product and processes, the organization’s regulatory environment, and the effectiveness of communications within the organization. Therefore, the guidance given for small organizations may also apply to larger organizations with simple management systems, simple products and processes, little regulatory impact, and good communication processes among the personnel, functions and management levels.
Supplemental guidance for first-party audits, second-party audits, use by small organizations and OHSMS audits has been added to individual sections of this Supplement as applicable.
 

Stijloor

Leader
Super Moderator
Friends,

I always liked the American version of ISO 19011.

The supplemental guidelines add more value.

Stijloor.
 

Sidney Vianna

Post Responsibly
Leader
Admin
ISO’s popular standard for auditing management systems is under revision and has just reached the first voting stage, a crucial step in its development.

Organizations are increasingly turning to management systems, in a quest to be more effective and save time and money. Many companies have several different management systems, each focusing on different areas, such as IT, information security, quality and environmental management. ISO 19011, Guidelines for auditing management systems, will help with the effective audit of those management systems to ensure continuous improvement, allowing harmonization across systems and a uniform approach of the auditing process where there are multiple systems in place.

Read more...

Obviously my hope is that the next revision of 19011 sheds some light in the conformity assessment practices when the "requirements" standards have been deliberately distanced from a command-and-control perspective to touchy-feely, do-the-right-thing approaches. When "requirements" become fluid, the task of determining conformity becomes hard (pun intended). Let's see if this new version of 19011 cracks the code for management system audits in the age of HLS, but, based on the players at hand, I am not hopeful.
 
Last edited:

Chennaiite

Never-say-die
Trusted Information Resource
Mid-2018 is quite a time. A time before which the challenges thrown open by the new version for the auditors especially could get multiplied by varieties of interpretation and the value addition get divided by stereotypes.
 

Sidney Vianna

Post Responsibly
Leader
Admin
A preview of the ISO 19011 DIS is available.

Interesting to note that an ISO Project Committee (PC 302) was formed. ISO 19011 used to be in the domain of the ISO TC176. It then became a joint product of TC 176 and 207. Now, ISO 19011 is supposed to be used for auditing ANY TYPE/DISCIPLINE of management system, so it has to be an "universal" document, not only for QMS and EMS auditing, but also for Information Security, Food Safety, Energy Management, Anti-Bribery, etc....
 
Last edited:
Top Bottom