When ISO/IEC 17021-1 was updated in 2015, many certification bodies rushed to update their manuals and forms—but few stopped to ask: Are our internal audits catching what assessors will look for?
In my experience guiding CBs through this transition, internal audits became the single biggest difference between a smooth accreditation and a stressful one. A good internal audit acts as your “trial run”—it exposes gaps in competence, impartiality, and process control long before an accreditation assessor does.
So if you’re transitioning to ISO/IEC 17021-1:2015, your internal audit isn’t just routine—it’s your rehearsal for success.
An internal audit during transition does two critical things:
It tells you how closely your current system aligns with the new 2015 requirements.
It gives you time to fix issues before an accreditation body finds them.
Think of it as a pressure-free simulation of your accreditation assessment.
One CB I worked with treated their internal audit like a box-checking exercise. They focused on paperwork but skipped process verification. During their real transition assessment, the accreditation body immediately spotted competence gaps. That’s when they realized—the internal audit should’ve caught that.
Pro Tip: Treat your internal audit like a dress rehearsal. Walk through processes as if assessors are in the room.
Common mistake: Limiting your audit to documents instead of testing how procedures actually work in practice.
Planning Internal Audits for the Transition Phase
Before diving in, you need a solid audit plan. A transition-specific internal audit plan should:
Set clear objectives – Verify compliance with ISO/IEC 17021-1:2015.
Define the scope – Cover all key processes: auditor competence, impartiality, audit programs, certification decisions, document control, and management review.
Schedule early – Run it at least two months before your accreditation body’s visit to allow time for corrections.
Assign qualified auditors – Use auditors who understand both the 2011 and 2015 versions.
One CB I supported scheduled their internal audit exactly 60 days before transition assessment. They used findings from that audit to strengthen competence evaluations and avoid repeat NCs.
Pro Tip: Focus first on high-impact clauses—like Clause 7 (Competence) and Clause 9 (Process Requirements).
Common pitfall: Rushing an internal audit a week before accreditation. There’s no time left for follow-up actions.
Updating Internal Audit Checklists for ISO/IEC 17021-1:2015
Your old audit checklist won’t cut it. The 2015 revision added intent behind clauses, not just new numbers.
Update your checklist to include:
Risk-based thinking for impartiality, competence, and decision-making.
Expanded competence requirements for all personnel functions.
Consistency checks across multi-site or multi-scheme audits.
Clause alignment with 2015 numbering.
Start with a simple crosswalk—list the 2011 clause beside its 2015 counterpart, note what changed, and rewrite questions accordingly.
Pro Tip: Phrase checklist questions as “Show me how” instead of “Do you have.” It encourages auditors to look for real implementation, not just documents.
Common mistake: Copy-pasting your 2011 checklist and hoping for the best. You’ll end up missing risk and impartiality checks entirely.
Conducting the Internal Audit Effectively
Once planning and checklists are ready, it’s time to audit.
Here’s a format that works:
Opening meeting: Confirm objectives and scope.
Process-based approach: Follow how real work flows—from client application to certification decision.
Interviews: Talk to auditors, technical experts, and decision-makers. Ask how they ensure impartiality or maintain competence.
Evidence collection: Request records, witness logs, and competence matrices—not just procedure copies.
One CB I audited had perfect documents but overlooked training follow-up records. The system looked fine on paper, but interviews showed auditors hadn’t been calibrated for the 2015 update.
Pro Tip: Audit by process, not clause. You’ll see how the system actually functions instead of reviewing it in isolation.
Reporting and Corrective Actions
After the audit, reporting matters just as much as the findings. Keep it clear and actionable:
Major non-conformities: Serious breakdowns (e.g., no impartiality committee or competence process).
Minor non-conformities: Gaps in records, unclear responsibilities, or outdated forms.
Opportunities for improvement: Ideas for smoother implementation.
Then assign corrective actions with owners and deadlines.
Pro Tip: Use a “Transition Audit Log” that tracks each finding by clause, type, and closure date. Accreditation assessors love this level of organization.
Common mistake: Closing findings too quickly without checking if the fix actually worked. Verification is non-negotiable.
Using Internal Audit Results to Prove Readiness
Your internal audit report is one of the strongest pieces of evidence for accreditation. Here’s how to make it count:
Summarize audit results in your management review.
Show all non-conformities closed and verified.
Include the audit plan, checklists, and corrective-action records as transition evidence.
One CB’s transition file impressed assessors so much that they shortened the witness audit duration. Why? Their internal audit was thorough, verified, and clearly linked to 2015 clauses.
Pro Tip: Prepare a one-page summary per clause showing “Requirement → Evidence → Status.” It speeds up assessor review and shows control.
FAQs – Internal Audits During Transition
Q1: Can we use an external consultant to perform the internal audit? Yes, as long as they’re independent and competent in ISO/IEC 17021-1:2015. Independence is crucial.
Q2: When should we schedule our transition internal audit? Ideally 2–3 months before your planned accreditation transition. That leaves time for corrections and verification.
Q3: Do we need to audit every process? Yes. ISO/IEC 17021-1 expects a full-system internal audit. Focus extra effort on areas that changed under the 2015 revision.
Turn Your Internal Audit into a Competitive Edge
A strong internal audit isn’t just about passing accreditation—it’s proof your certification body genuinely understands ISO/IEC 17021-1:2015.
Done right, it uncovers risks early, strengthens your system, and builds confidence with your accreditation body.
At QSE Academy, we’ve helped certification bodies design transition-ready internal audits and checklists that cut major findings to zero.
If you’re preparing for your transition, download our ISO/IEC 17021-1 Internal Audit Checklist for Transition or book a short guided session—we’ll help you turn your internal audit into your best accreditation advantage.
Melissa Lavaro is a seasoned ISO consultant and an enthusiastic advocate for quality management standards. With a rich experience in conducting audits and providing consultancy services, Melissa specializes in helping organizations implement and adapt to ISO standards. Her passion for quality management is evident in her hands-on approach and deep understanding of the regulatory frameworks. Melissa’s expertise and energetic commitment make her a sought-after consultant, dedicated to elevating organizational compliance and performance through practical, insightful guidance.
