Auditing is an important function for any organization whether it is someone from outside your organization or someone internally. Audits allow companies to assess if they are ‘walking the talk’. Internal audits, completed inside the organization, are extremely important because it allows the organization to make minor changes to stay on course before things spin out of control.
Types of Audits
There are a number of different types of audits used in businesses today. The one we probably hear the most about in the news is the financial audit.
All of these audits have at their core compliance to generally accepted standards. These standards could be set by industry bodies (Association of Chartered Accountants), governments or international governing bodies (ISO). When an organization meets these standards through an independent audit process it assures that this organization’s management system complies with those standards. That is why it is extremely important that audits must be independent evaluations and they must produce qualitative and quantitative evidence of compliance.
Three levels of audit:
- Third Party or Registration Audits are conducted by auditors that are independent of the organization being audited. They are objective and typically will be from a registrar organization that audits the organization to a recognized standard (ISO9001, ISO14001, etc.)
- Second party or External Audits are external audits of an organization’s quality program by someone independent of the organization itself. The second party is typically a customer who audits a supplier (or potential supplier) to gauge whether the organization can meet contractual requirements.
- First Party or Internal Audits are performed by personnel of the organization. It is important that these internal auditors are still independent of the function being audited. Typically personnel from one division will audit the processes of a separate division.
For the remainder of this course, we will be referring mainly to internal audits.