• ISO 9001
    Quality
    • What is ISO 9001
    • Quality Management Systems (QMS)
    • ISO Methodology
    • Cost of ISO 9001
    • Integrated Systems
    • Internal Audits
    • Urgent Tenders
    • Gap Analysis
    • Maintaining your System after Certification
    • Simplifying your System
  • ISO 45001 & 4801
    Safety
    • ISO 45001 Certification
    • Migrating to ISO 45001
    • Safety Management System (OH&S)
    • Integrated Systems
    • ISO 45001 or AS/NZS 4801?
    • Safety Management System Methodology
  • ISO 14001
    Environmental
    • ISO 14001 Cetification
    • Environmental Management System Methodology
    • Integrated Systems
  • ISO 27001
    Information Technology
  • All ISO
    Standards
  • ISO
    Services
    • Management Systems
    • Integrated Systems
    • Urgent Tenders
    • Internal Audits
    • Gap Analysis
    • Maintaining your ISO System
    • Simplifying your System
    • Internal Auditor Training
    • Australian Government WHS Scheme for Construction
  • Clients
    • Our Clients
    • Client Feedback
  • ISO 9001
    Resources
    • ISO Certification Australia | Certification Bodies in Australia
    • ISO by Industry
    • Guide to ISO 9001
    • ISO Standards for your Business
    • Glossary of Terms
    • ISO 9001 Articles & News
    • How to Select a Certification Body
    • Can You Do It Yourself?
    • ISO 9001 Important Links
    • FAQ’s
  • About
    Us
    • Contact Us
    • About us
    • Our Team
    • Our Guarantee
    • Our Quality Policy
    • Our ISO Certification
    • Join our Team
ISO Global
1300 88 96 49
ISO Global ISO Global ISO Global ISO Global
Get a Quote Contact Us 1300 88 96 49
  • ISO 9001
    Quality
    • What is ISO 9001
    • Quality Management Systems (QMS)
    • ISO Methodology
    • Cost of ISO 9001
    • Integrated Systems
    • Internal Audits
    • Urgent Tenders
    • Gap Analysis
    • Maintaining your System after Certification
    • Simplifying your System
  • ISO 45001 & 4801
    Safety
    • ISO 45001 Certification
    • Migrating to ISO 45001
    • Safety Management System (OH&S)
    • Integrated Systems
    • ISO 45001 or AS/NZS 4801?
    • Safety Management System Methodology
  • ISO 14001
    Environmental
    • ISO 14001 Cetification
    • Environmental Management System Methodology
    • Integrated Systems
  • ISO 27001
    Information Technology
  • All ISO
    Standards
  • ISO
    Services
    • Management Systems
    • Integrated Systems
    • Urgent Tenders
    • Internal Audits
    • Gap Analysis
    • Maintaining your ISO System
    • Simplifying your System
    • Internal Auditor Training
    • Australian Government WHS Scheme for Construction
  • Clients
    • Our Clients
    • Client Feedback
  • ISO 9001
    Resources
    • ISO Certification Australia | Certification Bodies in Australia
    • ISO by Industry
    • Guide to ISO 9001
    • ISO Standards for your Business
    • Glossary of Terms
    • ISO 9001 Articles & News
    • How to Select a Certification Body
    • Can You Do It Yourself?
    • ISO 9001 Important Links
    • FAQ’s
  • About
    Us
    • Contact Us
    • About us
    • Our Team
    • Our Guarantee
    • Our Quality Policy
    • Our ISO Certification
    • Join our Team
Home ISO 9001 Articles & News Types of ISO 9001 audits

Types of ISO 9001 Audits

Table of content

What is an Audit?
Types of Audit Performed
Internal Audit
Certification Audit
Surveillance Audit
Re-Certification Audits
Supplier Audit

While trying to find out how to get certified, you must have come across various types of audits – internal audits, certification audits, surveillance audits and supplier audits. You might be be wondering if all of these are required to get certified, or you may just be confused with the purpose of each of them and their differences.

This article will help you understand what these audits are all about, when are these performed and who is supposed to conduct these audits.

What is an Audit?

ISO 9001 audits are one of the key components to get ISO 9001 certification and are also required to maintain the certification.

An audit is an evidence-based verification of processes implemented in the organization as per the policies and procedures defined in the Quality Management System, to check if these fulfill the requirement of ISO 9001. This is a systematic and documented process that is carried out by a trained person who is independent of the process being audited.

The main purpose of an audit is to check the compliance of QMS with the ISO 9001 standard. It helps you identify and address any issues with the Quality Management System, and helps you identify potential improvements in your system.

Types of Audit Performed

Audits under ISO 9001 can be categorized into 4 categories:

  • Internal Audit
  • Certification Audit
  • Surveillance Audit
  • Re-certification audit
  • Supplier Audit

Internal Audit

Internal Audit is conducted internally by the organization. That means the organization initiates and plans this audit either with personnel from its own organization or by hiring a qualified internal auditor. This is a self-assessment of the processes implemented in the organization. The person conducting the internal audit should be independent of the function/area being audited. Internal audit is a mandatory requirement of ISO 9001, and the audit results should be documented to obtain an ISO 9001 certification. This should be done at least once a year or as per the frequency defined by the organization.

Doing an internal audit before you go for a certification audit is mandatory. The purpose of the internal audit is to assess the compliance of the QMS with ISO 9001 requirements and address any non-conformities before you go for the certification. This will ensure that an internal mechanism to check your QMS for non-conformities, assess the effectiveness of processes and identify process improvements is established within the organization. This will allow you to correct any issues and ensure that your organization meets the requirements before an external auditor audits your organization, and will help you to identify process improvement opportunities that are at the core of the ISO 9001 standard. This may in turn help you to streamline your processes to move faster and more efficiently.

Certification Audit

The certification audit is conducted by the certification body or the registrar that you select for providing the certification. The main purpose of these audits is to verify your compliance with ISO 9001 and to finally get the certification.

Certification audits are conducted in 2 stages, stage 1 and stage 2. Stage 1 is conducted to verify that the policies and procedures that you have documented in your Quality Management System’s comply with the ISO 9001 requirements. The stage 1 audit also checks your readiness for Stage 2. Stage 1 may be conducted remotely by an external auditor, but Stage 2 is usually done onsite. During Stage 2 audit, the external auditor will visit your site and verify through your documented information and interviews if you are meeting all the requirements of ISO 9001 or not. The external auditors may raise non-conformities during these audits, and upon successful closure of these non-conformities, you get your certification.

Surveillance Audit

Apart from the certification audit, the certification body also conducts surveillance audits to check that you are still maintaining the Quality Management System after a successful certification. These are typically conducted annually. The difference between certification and surveillance is that surveillance will be typically done on-site in one go, and they will not issue any certificate after the audit. They may raise non-conformities that you need to resolve within the time frame they provide.

Re-Certification Audits

Re-Certification audits are typically conducted every three years. They are similar to a certification audit. Follwing the re-certification audit the certification body will re-issues your certificate.

Supplier Audit

Supplier Audits are an important part of the supplier approval process that an organization conducts when taking on new suppliers. These audits also help a customer to continually review their suppliers to ensure they are maintaining the processes as required by the regulations and standards. Supplier audits give manufacturers or retailers insight into supplier performance and help them proactively identify issues with the supplier’s products and processes. These audits are typically conducted during the supplier selection process when the supplier is new and there is not enough performance data available, or the product supplied is critical for the supply chain management. These may also be done when a supplier performs poorly or is not delivering the products of the required quality. Some organizations also conduct these audits on a periodic basis to check any non-compliances proactively.

For your quick reference, here is a table that gives you some important information on each type of audit:

 

Type of Audit When is it done? Who conducts it? Is it mandatory for the certification?
Internal audit At least once annually or as per frequency defined by the organization Any employee/s of the organization who is trained and independent of the function being audited or an independent internal auditor hired from a consulting firm. Yes
Re-Certification Audit Once in 3 Years Certification body Yes
Surveillance Audit Typically annually Certification body Yes
Supplier Audit As part of new supplier approval or when supplier performance issues are identified or as per the frequency defined by the organization Any organization can perform this audit on their supplier or can hire an external agency to conduct the audit. May be done depending upon the criticality of the supplier selection process and the supplier’s performance.

 

Audits provide management with important insights into process compliance issues and help them take pro-active measures, whether they are done internally or by external agencies. When efficient mechanisms are established to do an audit, these can help organizations identify process improvement opportunities, and help achieve the objectives of the Quality Management System.

Author: Avital Koren

Avital Koren

Avital is passionate about small business and working with entrepreneurs. She was the first to identify and address the needs of small businesses in management systems.

Learn more about Avital

100% success – Certification is guaranteed!

 

Improved operational control

 

We are ISO 9001 certified

 

User friendly systems trusted by certification bodies and auditors.

 

Get a system within 6-8 weeks

What our Clients Say

“Thank you so much for preparing us so magnificently for the implementation of our Quality Management System”“The system has been a benefit to the business from the point that we implemented it”

“ISO Global proved that the process doesn’t have to be difficult, lengthy or stressful”

“Our certification auditor described the system as “excellently done”

“Thank you and your team for the hard work and for holding our hand along the way”

Read More

  • ISO Global
  • 1300 88 96 49

Management Systems

  • Safety
  • Environmental
  • ISO 31000 Risk Management
  • HACCP

Services

  • Integrated Management Systems
  • ISO Internal Audit of Your Management Systems
  • Internal Auditor Training
  • Gap Analysis
  • Maintaining your ISO System after Certification
  • Simplifying your System
  • Australian Government WHS Scheme for the Construction Industry

Fast, Simple & Cost-Effective Management Systems

Search

© 2025 — ISO Global. All Rights Reserved.