WIXLIB

INTERNATIONALSTANDARDISO19011Third edition2018-07Guidelines for auditing managementsystemsLignes directrices pour l'audit des systèmes de managementReference numberISO 19011:2018(E) ISO 2018

ISO 19011:2018(E) COPYRIGHT PROTECTED DOCUMENT ISO 2018All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication maybe reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or postingon the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the addressbelow or ISO’s member body in the country of the requester.ISO copyright officeCP 401 Ch. de Blandonnet 8CH-1214 Vernier, GenevaPhone: 41 22 749 01 11Fax: 41 22 749 09 47Email: copyright@iso.orgWebsite: www.iso.orgPublished in Switzerlandii ISO 2018 – All rights reserved

ISO 19011:2018(E) Contents PageForeword.vIntroduction. vi123456Scope. 1Normative references. 1Terms and definitions. 1Principles of auditing. 5Managing an audit programme. 65.1General. 65.2Establishing audit programme objectives. 95.3Determining and evaluating audit programme risks and opportunities. 95.4Establishing the audit programme. 105.4.1Roles and responsibilities of the individual(s) managing the audit programme. 105.4.2Competence of individual(s) managing audit programme. 115.4.3Establishing extent of audit programme. 115.4.4Determining audit programme resources. 125.5Implementing audit programme. 125.5.1General. 125.5.2Defining the objectives, scope and criteria for an individual audit. 135.5.3Selecting and determining audit methods. 145.5.4Selecting audit team members. 145.5.5Assigning responsibility for an individual audit to the audit team leader. 155.5.6Managing audit programme results. 165.5.7Managing and maintaining audit programme records. 165.6Monitoring audit programme. 175.7Reviewing and improving audit programme. 17Conducting an audit.186.1General. 186.2Initiating audit. 186.2.1General. 186.2.2Establishing contact with auditee. 186.2.3Determining feasibility of audit. 196.3Preparing audit activities. 196.3.1Performing review of documented information. 196.3.2Audit planning. 196.3.3Assigning work to audit team. 216.3.4Preparing documented information for audit. 216.4Conducting audit activities. 216.4.1General. 216.4.2Assigning roles and responsibilities of guides and observers. 216.4.3Conducting opening meeting. 226.4.4Communicating during audit. 236.4.5Audit information availability and access. 236.4.6Reviewing documented information while conducting audit. 236.4.7Collecting and verifying information. 246.4.8Generating audit findings. 256.4.9Determining audit conclusions. 256.4.10 Conducting closing meeting. 266.5Preparing and distributing audit report. 276.5.1Preparing audit report. 276.5.2Distributing audit report. 276.6Completing audit. 286.7Conducting audit follow-up. 28 ISO 2018 – All rights reserved iii

ISO 19011:2018(E) 7Competence and evaluation of auditors.287.1General. 287.2Determining auditor competence. 297.2.1General. 297.2.2Personal behaviour. 297.2.3Knowledge and skills. 307.2.4Achieving auditor competence. 327.2.5Achieving audit team leader competence. 337.3Establishing auditor evaluation criteria. 337.4Selecting appropriate auditor evaluation method. 337.5Conducting auditor evaluation. 337.6Maintaining and improving auditor competence. 34Annex A (informative) Additional guidance for auditors planning and conducting audits.35Bibliography. 46iv ISO 2018 – All rights reserved

ISO 19011:2018(E) ForewordISO (the International Organization for Standardization) is a worldwide federation of national standardsbodies (ISO member bodies). The work of preparing International Standards is normally carried outthrough ISO technical committees. Each member body interested in a subject for which a technicalcommittee has been established has the right to be represented on that committee. Internationalorganizations, governmental and non-governmental, in liaison with ISO, also take part in the work.ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters ofelectrotechnical standardization.The procedures used to develop this document and those intended for its further maintenance aredescribed in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for thedifferent types of ISO documents should be noted. This document was drafted in accordance with theeditorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/directives).Attention is drawn to the possibility that some of the elements of this document may be the subject ofpatent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details ofany patent rights identified during the development of the document will be in the Introduction and/oron the ISO list of patent declarations received (see www .iso .org/patents).Any trade name used in this document is information given for the convenience of users and does notconstitute an endorsement.For an explanation on the voluntary nature of standards, the meaning of ISO specific terms andexpressions related to conformity assessment, as well as information about ISO's adherence to theWorld Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the followingURL: www .iso .org/iso/f

ISO 19011:2018(E) Foreword ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on .