Auditing is defined as the on-site verification activity, such as inspection or examination, of aManagement System, to ensure compliance to requirements. An audit can apply to an entire organization or might be specific to a function, process, or production step. Some audits have special administrative purposes, such as auditing documents, risk, or performance, or following up on completed corrective actions.
An audit conducted on a management system. It can be described as a documented activity performed to verify, by examination and evaluation of objective evidence, that applicable elements of the system are appropriate and effective and have been developed, documented, and implemented in accordance and in conjunction with specified requirements.
A quality management system audit evaluates an existing Quality Management Program (QMP) to determine its conformance to company policies, contract commitments, and regulatory requirements.
Similarly, an environmental / occupational health & safety / medical devices / automotive / aerospace / social accountability / CTPAT / SCAN, etc… system audit examines an EXISTING Management System comply to applicable/ subscribing legal and statutory requirements with value adding and return on investment and improving customer and interested parties expectations.
The process approach to auditing focuses on reviewing the sequence and interaction of processes and their inputs and outputs. It analyses the management system not just as if it were a set of documented procedures, but rather as an active systemof processes that addresses business risk and its applicable requirements.
A first-party audit is performed within an organization to measure its strengths and weaknesses against its own procedures or methods and/or against external standards adopted by (voluntary) or imposed on (mandatory) the organization. A first-party audit is an internal audit conducted by auditors who are employed by the organization being audited but who have no vested interest in the audit results of the area being audited.
A second-party audit is an external audit performed on a supplier by a customer or by a contracted organization on behalf of a customer. A contract is in place, and the goods or services are being, or will be, delivered. Second-party audits are subject to the rules of contract law, as they are providing contractual direction from the customer to the supplier. Second-party audits tend to be more formal than first-party audits because audit results could influence the customer’s purchasing decisions.
A third-party audit is performed by an audit organization independent of the customer-supplier relationship and is free of any conflict of interest. Independence of the audit organization is a key component of a third-party audit. Third-party audits may result in certification, registration, recognition, an award, license approval, a citation, a fine, or a penalty issued by the third-party organization or an interested party.