Since the second edition of ISO 19011 was published in 2011, a number of new management system standards have been published, many of which have a common structure, identical core requirements and common terms and core definitions.
As a result, there is a need to consider a broader approach to management system auditing, as well as providing guidance that is more generic.
Audit results can provide input to the analysis aspect of business planning, and can contribute to the identification of improvement needs and activities.
An audit can be conducted against a range of audit criteria, separately or in combination, including but not limited to:
- Requirements defined in one or more management system standards
- Policies and requirements specified by relevant interested parties
- Statutory and regulatory requirements
- One or more management system processes defined by the organisation or other parties
- Management system plan(s) relating to the provision of specific outputs of a management system