When it comes to getting ISO certified, it’s not uncommon for organisations to believe all their ISO internal audits have to be conducted onsite – but this isn’t the case.
For some time, remote consulting has been a practical and convenient option for many businesses looking to get compliant, especially those in regional Australia or with staff working from home.
Some organisations are hesitant to switch up their tried and tested approaches, but this could lead to them missing key opportunities to progress as a business. Today’s landscape is highly volatile, and remaining competitive and compliant often relies on an organisation’s ability to be agile and proactive.
This has become all the more important in the wake of a global pandemic, with travel being prohibited or restricted and traditional face-to-face audits no longer always being appropriate or possible.
All of this considered remote ISO internal auditing is becoming an increasingly viable option for businesses across the globe looking to get and stay ISO certified. But how does it work, and could it be a feasible choice for your company?
Why remote ISO internal auditing?
Remote ISO internal audits are essentially the same as a standard audit, except for the fact they are conducted using teleconferencing technology, such as Zoom or Microsoft Teams and sometimes using video devices or simply a phone app. These technologies give auditors the ability to ask questions, view evidence and more, all from a remote location.
This can be useful when a business’ operations take place in a hard-to-reach location, or when employees are infrequently in the office when the auditor is available.
Most Certification Bodies are now offering some remote audits, especially in the wake of the coronavirus pandemic. There’s no reason why your ISO consultant can’t also do the bulk of their work online, saving you on travel costs and the necessity of your staff being in the office when an audit is taking place.
ISO internal auditing becomes even more convenient when organisations set up their management systems using a cloud based IMS. The big advantage of this is that remote audits can be done at any time during the year, without the need to set aside an entire day onsite for their completion. In this way, your auditor can easily keep track of your system’s health throughout the year remotely.
For example, interviews, observations and the like can be completed online – something that’s become a familiar part of our working lives since the pandemic forced individuals to work remotely.
But, in actuality, the benefits of getting on board with remote ISO internal audits go far beyond this.
It’s no secret that the pace of change in cloud-based technology has increased dramatically in recent years and that there are many choices available to businesses wishing to effectively complete audits online while also saving time and money.
Most organisational data is now accessible online, especially if companies store their information in the cloud. This means travelling onsite isn’t always necessary, as the same work can be conducted from another location with ease.
Some locations can be difficult to access, for instance, if they require strict permits or similar. In other cases, consultants may need to travel long distances. All of this can churn through time and money for travel, which could be used better elsewhere.
Logistics are easier to manage
The logistics of signing on for an online meeting are also often far more manageable than those involved in an onsite ISO internal audit.
When arranging an online meeting, you simply need to lock in a suitable time and find a quiet place (with internet access) to join from. This is a far cry from the reality of organising an in-person meeting.
By meeting online, rather than onsite, you can avoid the inconvenience of:
- Booking a meeting room in advance;
- Cleaning after the audit team leaves;
- Temporarily pausing operations;
- Disrupting employee’s regular workflow;
- Potentially catching whatever bug the auditor has picked up from their last audit!
This all makes completing your audit less burdensome, while still getting your business one step closer to your compliance goals.
Remote consulting is a far more practical option for many businesses, especially in COVID-19 times, when there are fluctuating restrictions surrounding how many people can be onsite at once and the like.
That said, one of the several exceptions to the above is when an occupational health and safety site risk audit or site inspection needs to be done. While it is possible to complete site audits remotely via a phone camera, this often isn’t recommended. This is because they can be less effective, as it’s very difficult to get the full picture through a device.
When working from their office or home, your audit team will have any necessary resources, such as a quiet environment with appropriate internet, monitors and printers, readily at their disposal.
They will be comfortable in their workspace and well equipped to get your audit completed efficiently, as they’re less likely to get held up along the way and will not be interrupting your staff or needing special equipment or space sourced for them.
This, combined with the fact they can put time otherwise spent travelling towards completing your audit, can help you get faster results.
Remote ISO internal auditing challenges
While there are plenty of benefits that come with implementing an ISO internal audit remotely, organisations should also be aware of the challenges that may arise along the way.
By getting informed and prepared beforehand, you can avoid preventable issues and inconveniences and get the best possible outcome for your business.
Some certification and accreditation bodies don’t accept remote audits as valid
While many certification and accreditation bodies are now accepting remote audits as valid, and even offering audits themselves remotely (especially Stage 1 audits), there are some instances where only face-to-face audits will be deemed acceptable.
Because this practice is still quite new, expectations for remote audits and how much they can be trusted to provide a valid representation of operations depends on the customer, the industry, the risk and the scope of the audit. For example, if you work in a high-risk industry like construction or working with overhead powerlines, it is unlikely you will be able to audit your processes remotely for obvious reasons.
If you reach out to an ISO consultant before getting started, they can help you establish whether either all or part of your ISO internal audits can be done remotely – and whether there might be hurdles along the way and how to deal with them.
Issues with technology
While technology brings with it a wide range of benefits, we know that it isn’t always completely reliable. In recent times, employees who’ve adapted to working from home have seen this first hand, as they continue to navigate online meetings and the like.
When audits are being completed online, network issues can come into play, disrupting the process and posing a unique set of challenges.
It can also be difficult for auditors and auditees to concentrate for long period of time when working online. For this reason, in our experience it becomes important to have shorter sessions and regular breaks. In some cases, breaking up an audit into smaller sections on different days.
At ICS, our consultants have been conducting remote audits for some time and understand the types of issues that may come up. Because of this, they can help you navigate and troubleshoot challenges that arise along the way – including those that relate to technology.
Less involvement from auditees
When an ISO internal audit is being completed, organisational members are expected to be actively involved in this process, which can be more difficult when audits are moved online.
While it’s always important to ensure employees understand their roles and responsibilities throughout the auditing process, when completing remote audits, this becomes all the more essential. Staff need to have a clear perception of why the audit is being conducted, how it’s of interest and benefit to them and why their continued commitment and attention is crucial.
As the auditor isn’t physically visiting your premises, auditees can feel less engaged in the process. Online audits may therefore require more planning and better communication of expectations. By setting up regular meetings and sharing expectations and tasks/preparation required prior, this can often be combatted.
Lack of trust in the audit process
Especially when companies have become accustomed to more tradition onsite approaches, audits that are fully or predominately completed online can be unfamiliar and may not be trusted right away. If the auditor isn’t physically onsite, they ask, how can they know what the business is really like?
There’s a simple reason so many businesses are switching to remote audits – they work. The simplest way to test the process is to do a trial and compare results.
And remember, there are still some types of audits that really should be done face-to-face – such as site safety audits and audits in high-risk areas of the business where observing people at work is important. For example, in a manufacturing, mining, construction or engineering environment.
While there may be hurdles, as mentioned, ISO consultants understand these and can guide you every step of the way, ensuring your audit is reliable – regardless of where it’s being conducted from.
Getting started with a remote ISO internal audit.
If you’re looking to complete an ISO internal audit, getting in touch with an ISO consultant is a great place to start. They can help you determine:
- The criteria of the ISO standard you want to get compliant with;
- The scope of your audit;
- Who needs to be involved in the auditing process;
- Timeframes and deadlines;
- The documentation and records that will be required;
- How the audits can best be performed to get maximum benefit from online.
If you’re ready to get started with a remote ISO internal audit, get in touch with our team. We’re experts in compliance, and can help you reach your compliance goals quickly and effectively.
We also have experience with a range of other services and ISO standards, including ISO 14001, ISO 45001, cloud-based IMS, legislative services and integrated management systems. Find out more by contacting us today.