Types of audits
- Product audit– An examination of a particular product or service (hardware, processed material, software) to evaluate whether it conforms to requirements (that is, specifications, performance standards, and customer requirements).
- Process audit– A verification that processes are working within established limits. It evaluates an operation or method against predetermined instructions or standards to measure conformance to these standards and the effectiveness of the instructions. Such an audit may:
- Check conformance to defined requirements such as time, accuracy, temperature, pressure, composition, responsiveness, amperage, and component mixture.
- Examine the resources (equipment, materials, people) applied to transform the inputs into outputs, the environment, the methods (procedures, instructions) followed, and the measures collected to determine process performance.
- Check the adequacy and effectiveness of the process controls established by procedures, work instructions, flowcharts, and training and process specifications.
- System audit– An audit conducted on a management system. It can be described as a documented activity performed to verify, by examination and evaluation of objective evidence, that applicable elements of the system are appropriate and effective and have been developed, documented, and implemented in accordance and in conjunction with specified requirements.
- A quality management system auditevaluates an existing quality program to determine its conformance to company policies, contract commitments, and regulatory requirements.
- Similarly, an environmental system auditexamines an environmental management system, a food safety system audit examines a food safety management system, and safety system audits examine the safety management system.
Internal & external audits: – first, second and third party audits
- A first-party auditis performed within an organization to measure its strengths and weaknesses against its own procedures or methods and/or against external standards adopted by (voluntary) or imposed on (mandatory) the organization. A first-party audit is an internal audit conducted by auditors who are employed by the organization being audited but who have no vested interest in the audit results of the area being audited.
- A second-party auditis an external audit performed on a supplier by a customer or by a contracted organization on behalf of a customer. A contract is in place, and the goods or services are being, or will be, delivered. Second-party audits are subject to the rules of contract law, as they are providing contractual direction from the customer to the supplier. Second-party audits tend to be more formal than first-party audits because audit results could influence the customer’s purchasing decisions.
- A third-party auditis performed by an audit organization independent of the customer-supplier relationship and is free of any conflict of interest. Independence of the audit organization is a key component of a third-party audit. Third-party audits may result in certification, registration, recognition, an award, license approval, a citation, a fine, or a penalty issued by the third-party organization or an interested party.