Section 3: Audit objectives

Audits are normally designed for one or more of the following purposes:

  • To determine conformity or non-conformity to a specified requirement
  • To determine the effectiveness of processes and activities
  • To identify areas for improvement
  • Too meet regulatory requirements and other compliance obligations

Carrying out internal audits should never be seen as a mere ‘tick in the box’. It is a critical check by the organisation to determine if processes and activities are being performed as planned and avoid undue complaints from interested parties (including customers). Also to identify improvement opportunities to ensure customer satisfaction.

Typical audit cycle

Management system standards require the organisation to schedule (or programme) audits in advance. The Schedule must show when audits are due to take place, the scope and boundaries and who will conduct the audit. The Schedule must show that the management system and the clauses of the applicable management system standard are covered by the audit.

Consider who needs to be notified in the organisation about a planned audit and how they need to prepare for example: making time available for themselves and colleagues, booking meeting rooms, ensuring documents and records are available for evaluation, etc. Consider how auditees are notified for example: a telephone call, email or even a formal letter. An audit plan is advisable in this case.


As the auditor you should take time to prepare yourself for the audit. Consider the following:

  • Prepare an audit plan to allocate time points
  • Consider who you need to speak to during the audit and check that they are available
  • Research and review applicable processes and procedures
  • Seek the support of a technical expert if needed (perhaps there are parts of the audit which are not within your area of expertise)


Audits should typically begin with an opening meeting and conclude with a closing meeting. The opening meeting is used to set the scene and scope of the audit, and to confirm the audit plan. Audit rules set by the organisation can also be covered during the opening meeting. The closing meeting is to conclude and summarise the status of conformity based on the evidence observed during the audit, also to communicate and agree any findings (nonconformities) identified.


As soon as possible after the completion of the audit, a report should be compiled which includes sufficient details about the audit including the audit scope, audit plan, auditees, auditor’s notes, conclusions and any nonconformities. The report should be made available to top management for review.


Typically at management review, audit findings should be subject to analysis to enable decisions to be made about the ongoing audit schedule. It may be that audit frequencies may need to be increased or decreased, or additional audits may be needed in the event of unacceptable outcomes.

Course Content Navigation

Section 1: Understanding Annex SL and Management System Standards
Section 2: Audit requirements
Section 3: Audit objectives
Section 4: Auditor responsibilities
Section 5: Audit programming
Section 6: Pre-audit activities
Section 7: During the audit
Section 8: Audit reporting
Back to main menu