ISO 9001 2015 Surveillance Audit

This article is about ISO 9001 2015 Surveillance Audit and What your organization should know about the certification audit cycle to be more prepared for it.

The ISO 9001:2015 surveillance audit is an important part of maintaining your organization’s quality management system (QMS). This audit is conducted by an external auditing body to verify that your QMS is still compliant with the requirements of the ISO 9001:2015 standard.

The surveillance audit consists of two parts: a document review and a site visit. During the document review, the auditor will review your organization’s quality manual, policies, procedures, and records to verify that they are up to date and compliant with ISO 9001:2015. During the site visit, the auditor will observe your organization’s operations and speak with employees to ensure that the QMS is being followed.

The surveillance audit is an important part of maintaining your ISO 9001:2015 certification. It ensures that your QMS is still effective and compliant with the latest version of the standard.

Implementing a Quality Management System (QMS) under ISO 9001:2015 requirements means consulting with a certification body. This involves learning what your organization must do to certify your management system as compliant with the requirements.

There are processes your organization will face under ISO 9001 2015 Surveillance Audit:

• Documentation audit;
• Certification audit;
• A cycle of surveillance audits;
• Re-certification audit

They could prove tiresome and complex. But to help your organization overcome these audits, QSE Academy made this brief discussion to explain what to expect at audits.

The Processes of Certification and Surveillance Audit

The 3-year certification cycle is used for organizations certified against ISO 9001. However, there are some possible amendments.

For example, your organization should begin with a documentation audit if you have implemented your QMS and are having your first certification.

Consequently, a certification body’s auditor will review all of your organization’s documentation.

The auditor will then compare it to the ISO 9001:2015 standard requirements, to validate that what your organization has documented fulfils the standard’s requirements.

You can only schedule a certification audit once the documentation is confirmed.

Next, a certification body will conduct an on-site audit of all of your organization’s QMS processes. It will issue your ISO 9001:2015 certification if you have completely addressed any corrective actions.

Note that there will be on-site surveillance audits for the next two years. This is until your re-certification audit on your cycle’s third year.

Furthermore, most certification bodies execute one surveillance audit per year. Yet, this could be more often if your organization negotiates with the certification body.

As long as you are maintaining your current certification with the same certification body, you will not need to go back to the certification audit.

However, you will have to transfer an audit if you change certification bodies or your version of the ISO 9001 standard. It involves a full audit where old certificates are withdrawn to issue new certifications.

For instance, some organizations are shifting from ISO 9001:2008 to ISO 9001:2015.

What Does a Surveillance Audit Cover?  

Surveillance audits, certification audits, and re-certification audits have things in common:

• On-site audits performed by a certification body;
• Will have corrective actions issued that must be tackled;
• Will have an audit report issued to your organization as the audit’s record.

The main difference is the number of hours allocated to the audits’ processes.

For the certification and re-certification audits, the certification body’s auditors will check for conformance to the ISO 9001 standard.

This involves assessing the implementation of every process within your QMS, company documentation, process effectiveness, and constant improvement.

It usually takes several days for many auditors to finish the process. Hence, the size of your organization and the number of processes within your QMS impact the duration of the audit.

Meanwhile, a surveillance audit will spend less time on only some portions of your organization’s QMS processes, rather than everything.

It will look at key processes like internal audits, management reviews, and corrective actions. Afterward, it will check some of the remaining processes within your organization’s QMS.

Additionally, surveillance auditors may look at a portion of the whole organization. For instance, an auditor may only assess selected sites or certain production lines.

Typically, auditors use the square root rule. In this way, an organization with 25 branches will only have 5 sites included in the audit.

Thus, surveillance audits will take less time to finish.

Lastly, certification bodies aim to audit all of the processes and business sites at least once within the QMS during the two-year surveillance cycle.

Importance of Certification Body Audits

Surveillance audits and certification audits have the same amount of significance.

Both audits require your organization to execute internal audits for all processes as per your audit schedule. You will also make necessary improvements or corrections.

Remember that your organization can lose certification if a major non-conformance found during a certification audit is not addressed.

Therefore, certification body audits can provide different improvement opportunities. Similarly, information from surveillance audit reports can be used to improve your organization.

• Documentation audit
• Certification audit
• Year one surveillance audit
• Year two surveillance audit
• Re-certification audit

All of these could be achieved on time if you are armed with the toolkits designed by QSE Academy.

Browse through our packages and you’ll see various ways to assist your journey towards ISO 9001:2015 surveillance audits.