An audit is defined as an on-site leveraging activity, such as an inspection or inspection, of a process or quality system, to confirm requirements. An audit may apply to the entire organization or it may be specific to a function, process, or production step. Some audits have specific administrative purposes, such as auditing documents, risks, or performance, or following up on corrective action that has been required.
There are three main types of audits:
- Process audits: This type of audit verifies that processes are working within defined limits. It evaluates the operation or method against predetermined instructions or standards to measure conformity with this standard and the effectiveness of the instructions. Process audits can:
- Check compliance with specified requirements such as time, accuracy, temperature, pressure, composition, responsiveness, electric current and component mix.
- Examine the resources (equipment, materials, people) applied to convert inputs into outputs, the environment, the methods (procedures, instructions) followed, and the measures collected to determine process performance.
- Check the adequacy and effectiveness of the process controls defined by procedures, work instructions, flow charts, and training and process specifications.
- Product audits: This type of audit is the inspection of a specific product or service, such as hardware, processed materials, or software, to evaluate whether it conforms to requirements (ie, specifications, performance standards, and customer requirements).
- System audits: Audits conducted on the management system. This can be described as a documented activity undertaken to verify, by examination and evaluation of objective evidence, that the applicable elements of the system are appropriate and effective and have been developed, documented, and implemented according to and in relation to specified requirements.
- Quality management system audits evaluate existing quality management programs to determine their compliance with company policies, contractual commitments, and regulatory requirements.
- Likewise, the environmental system audit checks the environmental management system, the food safety system audit checks the food safety management system, and the safety system audit checks the safety management system.
What are First Party, Second Party and Third Party Audits?
First-party audits are conducted within the organization to measure its strengths and weaknesses against its own procedures or methods and/or against external standards adopted by the (voluntary) or enforced (mandatory) of the organization. A first-party audit is an internal audit conducted by an auditor who is employed by the organization being audited but has no interest in the results of the audit in the area being audited.
A second-party audit is an external audit performed on a supplier by a customer or by an organization contracting on behalf of the customer. The contract is in effect, and the goods or services are or will be, being delivered. Second-party audits are subject to contract law rules, as they provide contractual directions from customer to supplier. Second-party audits tend to be more formal than first-party audits because the audit results can influence customer purchasing decisions.
Third-party audits are conducted by audit organizations that are independent of the customer-supplier relationship and free from conflicts of interest. The independence of the audit organization is a key component of a third-party audit. Third-party audits can result in certifications, registrations, recognition, awards, license approvals, citations, fines, or penalties issued by the third party organization or interested parties.
Performance Audit vs. Compliance and Compliance Audit
Value-added assessment, management audit, value-added audit, and continuous improvement assessment are terms used to describe audit objectives beyond compliance and conformity. The purpose of this audit is related to organizational performance. Audits that determine compliance and suitability have not focused on good or bad performance. Performance is an important concern for most organizations.
The main difference between compliance audits, conformity audits and remedial audits is the collection of evidence related to an organization’s performance versus evidence to verify conformance or compliance with a standard or procedure. An organization may adopt its procedures for accepting orders, but if each order is subsequently changed two or three times, management may have a reason for concern and want to correct the inefficiency.