Juan Medina / Auditor
An Integrated Management System (IMS) is a comprehensive framework that combines multiple management systems into a single, cohesive system made up of sets of standards such as ISO 9001, ISO14001 or ISO 45000, as well as processes and procedures that enable an organization to effectively manage its environmental, quality, safety, and occupational health aspects, among others.
To verify the compliance and effectiveness of an Integrated Management System (IMS), it is necessary to carry out periodic internal and external audits to assess the degree of conformity with the established requirements.
Auditing an IMS is a process that ensures that the system is operating effectively and efficiently.
The following is a description of the steps involved in auditing an IMS:
Understanding, and defining the scope and objectives
Before conducting an audit, it is essential to understand the scope and objectives of the audit. This involves identifying how the organization is made up in terms of departments and functions to be audited, to establish the audit criteria and objectives.
Define the scope and objectives of the audit: it must be established which processes, areas, or functions are to be audited, as well as the criteria and reference standards to be applied.
The purpose and expected outcome of the audit should also be defined, as well as the resources and time available.
Audit criteria should include legal requirements and industry standards, as well as any specific requirements of the organization.
For example, in a manufacturing company that has implemented an IMS, the scope of the audit may include production processes, quality control, and environmental management.
Audit criteria may include ISO 9001 (quality management), ISO 14001 (environmental management), and ISO 45001 (occupational health and safety management).
The audit objectives may include compliance with the requirements of the standards to be audited, legal norms applicable to the industry/sector, and IMS documentation.
Audit planning
Once the previous point has been established and understood, an audit plan should be drawn up, including:
Conducting the audit
This involves preparing a checklist, conducting interviews with key personnel, reviewing documentation, and observing processes and activities to verify compliance with audit criteria.
For example, during an IMS audit, the auditor may interview the Quality Manager to understand how the organization ensures compliance with ISO 9001 requirements.
The auditor may also review documents such as quality manuals and procedures to verify compliance.
In addition, the auditor can observe the production process to ensure that the organization complies with the requirements of ISO 14001.
Presentation of the report
After completing the audit, the auditor should prepare an audit report that reflects the audit findings, conclusions, and recommendations. The report should be clear, concise, objective, and evidence-based. It should be communicated to relevant stakeholders and as far as possible, receive feedback.
For example, after conducting an audit, the auditor may recommend using quality tools for the organization to implement a corrective action plan to address nonconformities identified in the audit.
Follow-up of audit findings
Once the audit is concluded, the implementation and verification of the corrective actions derived from the audit should be followed up.
Audited personnel may submit a corrective action plan including specific actions, timelines, and responsibilities for addressing nonconformities, which should be communicated to relevant stakeholders and progress monitored to ensure that nonconformities are effectively addressed.
To do this, the lead auditor should evaluate the effectiveness and impact of corrective actions on the integrated management system and close the audit when all nonconformities have been satisfactorily resolved.
In conclusion, auditing an IMS is a thorough process that ensures that the system is operating effectively and efficiently.
The steps involved in auditing an IMS include understanding the scope, and the audit objectives, performing the audit, and reporting and following up on the audit findings.
By following these steps, organizations can ensure that their IMS complies with legal requirements and industry standards and identify areas for improvement to enhance their overall performance.
Bibliography:
ISO 19011:2018- Guidelines for the audit of management systems.