ISO 19011, guidelines for auditing management systems, under revision

The standard used today for controlling the auditing of management systems is under revision, and is expected to be published in July 2018.

ISO 19011: 2011, Guidelines for auditing management systems, is currently used to control the auditing approach of Certification Bodies when auditing their customers’ ISO Management Systems.  It applies to all organisations that need to conduct internal or external management system audits or manage audit programmes.

The revised standard will help auditors by providing a uniform approach of the auditing process, especially when there are complex and multiple systems in place. It aims to:

  • Secure agreement on the goals of individual audits
  • Reduce audit duplication
  • Ensure audit reports follow best-practice formats
  • Evaluate audit team members against relevant criteria.

The revision intends to adapt the current standard so that it caters for the growing number of management system standards available today, as well as taking into account the recent revisions of some of the most widely used standards, such as ISO 9001 and ISO 14001.

Currently it is at the Committee Draft (CD) stage, meaning those countries involved in its revision have an opportunity to make comments on the draft before it moves to the Final Draft International Standard (FDIS) stage or Publication (ISO) stage.

When the standard was last published, in 2011, there were only 11 management system standards, since then that number has grown significantly to 39, with a further 12 management systems currently in development.

Denise Robitaille, Chair of ISO/PC 302, the ISO project committee responsible for the revision, commented “As organisations see the benefit and need for management systems, there has been an increase in the number of sector-specific standards to respond to the mandate.  So the auditing of these systems needs to reflect the variety and number of standards being developed.”

ISO 19011 will apply to a broad range of users, including ISO auditors, ISO consultants, organisations implementing management systems and organisations that need to conduct audits of any ISO management systems for contractual or regulatory reasons.

The revision will include updated requirements and terminology, as well as incorporating concepts such as remote auditing and risk-based thinking.