Initial audit Stage 1

What are the main points of attention for an audit?

You are about to start the certification process of a management system audit. In this article, we would like to share our practical experience with these audits, to provide you with optimal information about the certification process.

The certification process and the audit cycle

Brand Compliance is an independent audit office that checks whether your organization meets the set standards. For example ISO 27001, ISO 27701, ISO 9001 and NEN 7510. We assess whether you have correctly applied the standard’s requirements and implemented it into your organization and whether you operate in accordance with your policy documents, processes, and procedures. If the result is positive, we will issue a certificate.

Management system certifications such as ISO 27001, ISO 27701, ISO 9001 and NEN 7510 consist of a cycle comprising three years. Each year we will conduct an audit at your organization. The cycle starts as soon as your organization has obtained a certificate for the first time.

In order to obtain a certificate for the first time, we conduct a so-called ‘initial audit’. The audit consists of two stages.

• Stage 1 audit: during stage 1, we assess whether your organization is ready for stage 2, on the basis of the documented information in your management system and your knowledge and understanding of the requirements of the standard.
• Stage 2 audit: during Stage 2, we assess the implementation and effectiveness of the management systems. Are all processes executed as described? Is the policy adhered to? Are employees aware of their contribution to the management system?

Focal points in preparation for a stage 1 audit

We are happy to share the following focal points with you. These points are essential in your preparations for the certification process.

1. Before planning the audit, determine that your organization has a functioning management system with the related processes and working methods.
2. Ensure that you have integrated the management system processes into your organization’s processes so that they fit in with your business operations.
3. In addition to the mandatory documented information ensure that you maintain sufficient documentation to demonstrate that you are carrying out the management system processes effectively.
4. Document where you deviated from your – planned – processes due to circumstances.
5. Be familiar with the standard’s requirements and make sure that your staff knows how they contribute to fulfilling these requirements. You and your employees are able to identify this in the interview with the auditor.
6. You are familiar with the key performances of the management system and significant aspects, processes and objectives.
7. You can explain the specific circumstances that apply to the site or the entire organization.
8. You and your staff can clarify the scope of the management system, aimed at:
   1. The activities, products and services;
   2. The sites where these activities, products and services are performed;
   3. The processes that enable the execution of these activities, products and services;
   4. The assets required to carry out these processes.
9. Ensure that the internal audit and management review have been fully completed prior to stage 1 of the initial audit.

Completion Stage 1

During stage 1, it was assessed whether your organization is ready for stage 2. During the closing meeting of the Stage 1 audit, the auditor will clarify any areas of concern in your management system that could lead to a nonconformity during stage 2. You can get started with this in time to start stage 2 well prepared. For this reason, it is essential to schedule sufficient time between the stage 1 and stage 2 audit.

Conclusion

This blog was intended to inform you about the preparation of your certification process. If you have any questions about the process, the audit cycle, or further audit preparation, don’t hesitate to get in touch with one of Brand Compliance’s Customer and Project Coordinators.