Skip links

5 common questions an auditor might ask (part 2) by Ryan Chapman

1. What are the risks associated with this process or activity and how are they being mitigated?

Identifying risks associated with a process or activity is an important part of any management system audit, such as OHS (ISO45001), Quality (ISO9001), and Environmental (ISO14001). Some of the risks that may be identified include hazards to health and safety, environmental impacts, quality defects, non-compliance with legal requirements, and reputational risks.

To mitigate these risks, the organisation should have effective risk management processes in place. This may involve implementing control measures such as physical barriers, personal protective equipment, or safe work procedures to reduce the likelihood of accidents or incidents occurring. It may also involve implementing environmental controls to minimize impacts on the environment, or quality controls to ensure that products or services meet required standards.

The organisation may also have contingency plans in place to manage risks if they do occur, such as emergency response plans or business continuity plans. It is important that these plans are regularly reviewed and tested to ensure they are effective.

In addition to risk management processes, it is important that the organisation has a culture of safety, quality, and environmental responsibility. This includes promoting awareness and understanding of risks among employees and providing training and resources to enable them to work safely and effectively.

2. Can you provide evidence that the required procedures and controls are being followed and are effective?

The auditor may ask for evidence that the required procedures and controls are being followed and are effective. This may involve reviewing documentation such as policies, procedures, and records, as well as conducting interviews with employees and observing work activities.

The auditor may also conduct site inspections to observe work activities and ensure that the procedures and controls are being followed in practice. Any discrepancies or non-conformances identified during the audit should be documented, and corrective actions should be taken by the organisation to address them.

Overall, the auditor is looking for objective evidence that the procedures and controls in place are effective in managing OHS, Quality, and Environmental risks, and that they are being followed by all employees.

3. Are there any non-conformances or areas for improvement that have been identified, and what corrective actions have been taken to address them?

The auditor may identify non-conformances or areas for improvement. Non-conformances refer to instances where the organisation is not meeting the requirements of applicable standards, regulations, or its own policies and procedures. Areas for improvement may be identified where there is potential to enhance the effectiveness of the organisation’s management system.

The organisation should also establish a process for monitoring the effectiveness of corrective actions, to ensure that the non-conformance or area for improvement has been fully addressed. The auditor may review the organisation’s corrective action process and evidence of its effectiveness during subsequent audits.

Overall, the identification of non-conformances or areas for improvement is an important part of the audit process, as it provides the organisation with an opportunity to improve.

4. How is the organisation measuring and monitoring its environmental impact, and what steps are being taken to reduce it?

Environmental impact assessment is an important aspect of an audit (especially related to ISO14001). The auditor may ask the organisation how it measures and monitors its environmental impact and what steps are being taken to reduce it.

To measure and monitor environmental impact, the organisation may conduct regular environmental audits or assessments. This may include measuring energy consumption, waste generation, greenhouse gas emissions, water usage, and other relevant indicators. The organisation may also establish targets and performance indicators to track progress over time.

The auditor may review the organisation’s environmental policies, procedures, and performance indicators to assess the effectiveness of its environmental management system. The auditor may also review evidence of the organisation’s environmental impact assessments and monitoring activities, as well as any corrective actions taken to address environmental issues.

5. How is the organisation engaging with stakeholders, including employees, suppliers, and customers, to promote a culture of safety, quality, and environmental responsibility?

Effective stakeholder engagement is an important aspect of a robust management system, and can help to promote buy-in and support for OHS, Quality, and Environmental objectives.

Overall, effective stakeholder engagement is an important component of a successful management system. The auditor will be looking for evidence that the organisation is engaging with stakeholders in a meaningful way, and that these engagement activities are contributing to a culture of safety, quality, and environmental responsibility.

If you have any further questions or would like to speak directly to an Adaptive Certifications lead auditor, please get in-touch today.

This website uses cookies to improve your web experience.

Fill in the form to download the guide!

Fill in the form to download the guide!

Fill in the form to download the guide!

Fill in the form to download the guide!

Fill in the form to download the guide!

GET A QUOTE