The creators of isology®

The work doesn’t stop once you get ISO certified, there is a requirement to complete an annual surveillance audit to ensure your Management System continues to meet the requirements of the standard(s).

Last week Mel covered some basic preparation you can do ahead of a surveillance audit, but what should you expect on the actual audit day?

Today, Mel shares 10 top tips to help you prepare and ensure your next surveillance audit runs as smoothly as possible.

You’ll learn

• What is a surveillance audit?
• What to expect during the surveillance audit
• Considerations for remote vs on-site audits
• What evidence do you need to have prepared?

Resources

• isology Hub
• Blackmores ISO Support

In this episode, we talk about:

[00:36] A description of a surveillance audit

[02:00] A summary of the 10 top tips  

[02:40] There is no right or wrong way to prepare for a surveillance audit – but the following tips will be applicable regardless of the standard your certified to

[03:30] Tip 1: Be Prepared – A summary of what Mel covered in the previous episode  

[05:40] Tip 2 – The opening Meeting – Be sure to have all people involved in the audit present at the meeting. It’s advised to have a member of the leadership team present. Here the Auditor will explain the different types of audit findings.

[08:00] Tip 3 – Audit questions – Similar to your Stage 1 and 2 Assessment, you will be asked a lot of questions. Try to be specific with your answers, and don’t be afraid to ask for clarification. Don’t worry if you don’t know the answers to certain questions outside of your area of expertise, simply direct them to the correct individual who can answer. You are within your rights to seek clarification on findings – Do not argue with the auditor, simply ask for justification on findings if you’re confused as to why they’re being raised.

[13:05] Tip 4: Keep on track – It’s in everyone’s best interest to stick to the Agenda.

[13:35] Tip 5: On-site Surveillance audits – Do a floor walk before the auditor arrives to check that you’re following your procedures. Make sure reception knows that the Auditor is arriving, and follows any of your standard visitor procedures. Try to book a room to base the audit in to avoid them overhearing any unnecessary chatter and to allow the auditor and auditees some privacy.  

[16:05] Tip 6: Remote Surveillance Audits – Ensure that you follow any company remote working procedures. Ensure you have a good wi-fi connection, all attendees should be visible on camera but be muted when not speaking. Make sure everyone has access to the necessary documents while off-site.

[17:15] Tip 7: The Auditor – They are human, and they are here to support you to ensure you are doing what you say you’re doing. They are experts on their Standards and it’s advised to foster a friendly relationship with them. But please be aware that they shouldn’t be sending you reports from personal email addresses, be left unattended on-site and shouldn’t be taking any information off-site – show evidence on screen / in-person during the audit.    

[20:20] Tip 8: The closing Meeting – Held at the end of the day. Listen to the feedback and findings from the auditor – they are there to help you improve. Feel free to ask for further clarification if needed. It’s advised to have everyone at the opening meeting present at the closing meeting.

[22:38] Tip 9: Evidence needed – You will typically need access to your audit schedule, audit reports and Management Review Minutes. You may also need various policies and procedures. Ensure that all documents are version controlled and any applicable branding is consistent.

[24:10] Tip 10: Enjoy it! – If you’re doing everything you say you’re doing, then you should enjoy showing off your Management System. The resulting report should be seen as an opportunity to continually improve – the auditor only wants the best for your business.

We’d love to hear your views and comments about the ISO Show, here’s how:

• Share the ISO Show on Twitter or Linkedin
• Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episode’s:

Stitcher | Spotify | YouTube | iTunes | Soundcloud

The work doesn’t stop once you get ISO certified, there is a requirement to complete an annual surveillance audit to ensure your Management System continues to meet the requirements of the standard(s).

Surveillance audits must be carried out by a Certification Body, during which they will typically look at your Management Review, your preventative and corrective actions process, Internal auditing process and the implementation of any recommendations that have come out of an Internal audit.

Today, Mel explains how you can prepare for a Surveillance audit and gives examples of some key considerations ahead of the Auditor arriving on site.

You’ll learn

• What is a Surveillance Audit?
• Why there is a requirement for an annual surveillance audit
• What you need to prepare ahead of a surveillance audit

Resources

• isology Hub
• Blackmores ISO Support
• What to expect during your first ISO Assessment

In this episode, we talk about:

[00:59] A description of a Surveillance Audit

[01:30] The purpose of a Surveillance Audit – Ensuring your Management System meets ISO Standard requirements and as an opportunity to demonstrate continual improvement

[02:40] There is no right or wrong way to prepare for a Surveillance Audit – but the following tips will be applicable regardless of the standard your certified to

[03:30] Tip 1: Check that you have an Agenda for the visit – This should be provided at the end of your last report from the Certification Body

[04:25] A brief overview of how the certification cycle works – A 3 year plan is usually provided to you by your Certification Body

[05:50] Ensure that you go ahead with a UKAS accredited Certification Body

[06:18] Tip 2: Confirm locations – make sure you know where the auditor is being sent and to prepare staff on site about the impending visit. This can also allow you to book out time for specific people that may be required during the audit

[07:10] Tip 3: Ensure you book out time for any required key members of staff – it is also advised that you book out a meeting room for the day

[08:45] Be prepared for the Auditor to walk around your site – Especially if they’re assessing ISO 45001 (Health and Safety) and ISO 27001 (Information Security)

[09:40] Double check if the auditor visit is on-site or remote  

[10:30] Tip 4 – Check that you have all the relevant Management System records in place – and that they’re up-to-date

[10:50] Examples of what documentation the Auditor will typically look at

[13:00] Tip 5 – Make sure you’ve closed out any opportunities for improvement and non-conformities from your last internal audit

[14:30] Tip 6 – Check if there have been any changes to your business that may effect the scope of certification i.e. New products or services with no controls in place yet or a new site

[16:00] Tip 6: Confirm the auditor’s visit and check if they have any accessibility or dietary needs.

[16:30] Tip 7: Warn any relevant reception / security staff about the visit so they know to expect the auditor. Ensure they go through any of your typical security procedures i.e. getting an access card, signing visitor book ect

[17:42] Tip 8: Send an email to all staff to remind them about the surveillance visit – good to do this a day or two ahead of the visit   

[19:45] Tip 9: Do a floor walk – Ensure that any of the physical controls you have in place are working as intended

We’d love to hear your views and comments about the ISO Show, here’s how:

• Share the ISO Show on Twitter or Linkedin
• Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episodes:

Stitcher | Spotify | YouTube |iTunes | Soundcloud