Performing a successful audit

Auditing in ISO 45001, as with the other ISO management system standards, follows a process audit methodology, where you compare what is happening in the process to the planned arrangements to ensure that what is planned is what is happening. When auditing it is important to remember that you want to audit both the ISO standard requirements, and the process as it has been implemented at the organization. I have found that this can be done best as a two step process. First, during audit preparation you want to compare the process that is implemented (including procedures where they exist) against the ISO 45001 standard to see if what is planned to happens meets the requirements.

Once you know that the planned process meets the requirements, you can prepare questions to ask employees to confirm that what is actually happening meets the requirements of the process as implemented. Some of the best questions then include “Can you walk me through the process you use?”, “What happens when there is a nonconformity?”, etc. These are open ended and allow people to explain what they do which you can then compare to the process that is planned. Remember, you are auditing for conformity, not trying to hunt for mistakes. These questions and expected answers will be specific to your organization.

You can learn more about the process audit using the ISO standard for auditing management systems in the article: How to perform an internal audit using ISO 19011, https://info.advisera.com/free-download/how-to-perform-an-internal-audit-using-iso-19011