1、AMERICAN NATIONAL STANDARDGuidelines for auditing managementsystemsAMERICAN SOCIETY FOR QUALITY600 N. PLANKINTON AVENUEMILWAUKEE, WI 53203-2914ASQ/ANSI/ISO 19011:2011(This page intentionally left blank) AMERICAN NATIONAL STANDARD Guidelines for auditing management systems Approved as an American Nat
2、ional Standard by: American Society for Quality November 11, 2011 American National Standards: An American National Standard implies a consensus of those substantially concerned with is scope and provisions. An American National Standard is intended as a guide to aid the manufacturer, the consumer,
3、and the general public. The existence of an American National Standard does not in any respect preclude anyone, whether he or she has approved the standard or not, from manufacturing, purchasing, or using products, processes, or procedures not conforming to the standard. American National Standards
4、are subject to periodic review and users are cautioned to obtain the latest edition. Caution Notice: This American National Standard may be revised or withdrawn at any time. The procedures of the American National Standards Institute require that action be taken to reaffirm, revise, or withdraw this
5、 standard no later than five years from the date of publication. Purchasers of American National Standards may receive current information on all standards by calling of writing the American National Standards Institute. ASQ/ANSI/ISO 19011:2011iii 2012 by ASQCopyright Protection Notice for the ASQ/A
6、NSI/ISO 19011:2011 Standard. This standard is subject to copyright claims of ISO, ANSI, and ASQ. Not for resale. No part of this publication may be reproduced in any form, including an electronic retrieval system, without the prior written permission of ASQ. All requests pertaining to the ASQ/ANSI/I
7、SO 19011:2011 Standard should be submitted to ASQ.Note: As used in this document, the term “International Standard” refers to the American National Standard adoption of this and other International Standards.ASQ will consider requests for change and information on the submittal of such requests rega
8、rding this Standard. All requests should be in writing to the attention of the Standards administrator at the address below.ASQ Mission: The American Society for Quality advances individual and organizational performance excellence worldwide by providing opportunities for learning, quality improveme
9、nt, and knowledge exchange.Published by:COPYRIGHT PROTECTED DOCUMENTPDF disclaimerThis PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be viewed but shall not be edited or printed. In downloading this file, parties therein accept the responsibility
10、of not infringing on Adobes licensing policy. ASQ accepts no liability in this area.Adobe is a trademark of Adobe Systems Incorporated.Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creating parameters were optimized for p
11、rinting. Every care has been taken to ensure that the file is suitable for use by our customers. In the unlikely event that a problem relating to it is found, please inform ASQ at the address below.ASQ/ANSI/ISO 19011:2011ivAlso available from ASQ Quality Press: The ASQ Auditing Handbook, Third Editi
12、on J.P. Russell, editing director The Internal Auditing Pocket Guide: Preparing, Performing, Reporting and Follow-up, Second Edition J.P. Russell The Management System Auditors Handbook Joe Kausek The Process Auditing Techniques Guide, Second Edition J.P Russell Quality Audits for Improved Performan
13、ce, Third Edition Dennis R. Arter ANSI/ISO/ASQ Q9001-2008: Quality management systemsRequirements ASQ ANSI/ISO/ASQ E14004-2004: Environmental management systemsGeneral guidelines on principles, systems and support techniques ASQ ISO 9001:2008 Internal Audits Made Easy: Tools, Techniques, and Step-By
14、-Step Guidelines for Successful Internal Audits, Third Edition (e-Book) Ann W. Phillips ISO Lesson Guide 2008: Pocket Guide to ISO 9001-2008, Third Edition Dennis R. Arter and J.P. Russell The Quality Toolbox, Second Edition Nancy R. Tague Root Cause Analysis: Simplified Tools and Techniques, Second
15、 Edition Bjrn Andersen and Tom Fagerhaug The Certified Manager of Quality/Organizational Excellence Handbook, Third Edition Russell T. Westcott, editor To request a complimentary catalog of ASQ Quality Press publications, call 800-248-1946, or visit our Web site at www.asq.org/quality-press. ASQ/ANS
16、I/ISO 19011:2011v(This page intentionally left blank) Contents Page Foreword .viii Introduction x 1 Scope . 1 2 Normative references . 1 3 Terms and definitions . 1 4 Principles of auditing . 4 5 Managing an audit programme 5 5.1 General . 5 5.2 Establishing the audit programme objectives . 8 5.3 Es
17、tablishing the audit programme 8 5.4 Implementing the audit programme 11 5.5 Monitoring the audit programme . 15 5.6 Reviewing and improving the audit programme 15 6 Performing an audit 16 6.1 General . 16 6.2 Initiating the audit . 17 6.3 Preparing audit activities . 18 6.4 Conducting the audit act
18、ivities 21 6.5 Preparing and distributing the audit report 26 6.6 Completing the audit 27 6.7 Conducting audit follow-up . 27 7 Competence and evaluation of auditors . 28 7.1 General . 28 7.2 Determining auditor competence to fulfil the needs of the audit programme 28 7.3 Establishing the auditor ev
19、aluation criteria . 33 7.4 Selecting the appropriate auditor evaluation method . 33 7.5 Conducting auditor evaluation 33 7.6 Maintaining and improving auditor competence . 33 Annex A (informative) Guidance and illustrative examples of discipline-specific knowledge and skills of auditors . 35 Annex B
20、 (informative) Additional guidance for auditors for planning and conducting audits . 42 Bibliography . 49 ASQ/ANSI/ISO 19011:2011vii)oreword ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing Inte
21、rnational Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison wi
22、th ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of technic
23、al committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote. Attention is drawn t
24、o the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. ISO 19011 was prepared by Technical Committee ISO/TC 176, Quality management and quality assurance, Subcommittee SC 3, Su
25、pporting technologies. This second edition cancels and replaces the first edition (ISO 19011:2002), which has been technically revised. The main differences compared with the first edition are as follows: the scope has been broadened from the auditing of quality and environmental management systems
26、to the auditing of any management systems; the relationship between ISO 19011 and ISO/IEC 17021 has been clarified; remote audit methods and the concept of risk have been introduced; confidentiality has been added as a new principle of auditing; Clauses 5, 6 and 7 have been reorganized; additional i
27、nformation has been included in a new Annex B, resulting in the removal of help boxes; the competence determination and evaluation process has been strengthened; illustrative examples of discipline-specific knowledge and skills have been included in a new Annex A; additional guidelines are available
28、 at the following website: www.iso.org/19011auditing. ASQ/ANSI/ISO 19011:2011viiiRecommendation on the Use of ISO 19011:2011 The ASC Z1-Auditing Subcommittee recommends that users of this standard consider two points regarding additional guidance on management system auditing: 1. Concerning the ISO
29、website, referenced in the Foreword above, the primary mission of ISO is the development of international standards through the use of formal consensus processes. Since website content may not be subject to the same consensus process as this standard, users should consider anything posted on this IS
30、O website strictly as “more information” as stated in the final draft international standard (FDIS) and agreed upon by vote, rather than “additional guidance.” 2. Regarding the U.S. supplemental guidance on management system auditing that was previously published as ANSI/ISO/ASQ QE 19011S2008: ISO 1
31、9011:2011 does not include information from the 2008 American National Standard concerning the use of ISO 19011 for internal audits, supplier audits and management system audits in small organizations. Since much of this information is still relevant and important, the ASC Z1 Auditing Subcommittee h
32、as initiated work to transfer this information to new consensus documents as soon as feasible. ASQ/ANSI/ISO 19011:2011ixIntroduction Since the first edition of this International Standard was published in 2002, a number of new management system standards have been published. As a result, there is no
33、w a need to consider a broader scope of management system auditing, as well as providing guidance that is more generic. In 2006, the ISO committee for conformity assessment (CASCO) developed ISO/IEC 17021, which sets out requirements for third party certification of management systems and which was
34、based in part on the guidelines contained in the first edition of this International Standard. The second edition of ISO/IEC 17021, published in 2011, was extended to transform the guidance offered in this International Standard into requirements for management system certification audits. It is in
35、this context that this second edition of this International Standard provides guidance for all users, including small and medium-sized organizations, and concentrates on what are commonly termed “internal audits” (first party) and “audits conducted by customers on their suppliers” (second party). Wh
36、ile those involved in management system certification audits follow the requirements of ISO/IEC 17021:2011, they might also find the guidance in this International Standard useful. The relationship between this second edition of this International Standard and ISO/IEC 17021:2011 is shown in Table 1.
37、 Table 1 Scope of this International Standard and its relationship with ISO/IEC 17021:2011 Internal auditing External auditing Supplier auditing Third party auditing Sometimes called first party audit Sometimes called second party audit For legal, regulatory and similar purposes For certification (s
38、ee also the requirements in ISO/IEC 17021:2011) This International Standard does not state requirements, but provides guidance on the management of an audit programme, on the planning and conducting of an audit of the management system, as well as on the competence and evaluation of an auditor and a
39、n audit team. Organizations can operate more than one formal management system. To simplify the readability of this International Standard, the singular form of “management system” is preferred, but the reader can adapt the implementation of the guidance to their own particular situation. This also
40、applies to the use of “person” and “persons”, “auditor” and “auditors”. This International Standard is intended to apply to a broad range of potential users, including auditors, organizations implementing management systems, and organizations needing to conduct audits of management systems for contr
41、actual or regulatory reasons. Users of this International Standard can, however, apply this guidance in developing their own audit-related requirements. The guidance in this International Standard can also be used for the purpose of self-declaration, and can be useful to organizations involved in au
42、ditor training or personnel certification. The guidance in this International Standard is intended to be flexible. As indicated at various points in the text, the use of this guidance can differ depending on the size and level of maturity of an organizations management system and on the nature and c
43、omplexity of the organization to be audited, as well as on the objectives and scope of the audits to be conducted. This International Standard introduces the concept of risk to management systems auditing. The approach adopted relates both to the risk of the audit process not achieving its objective
44、s and to the potential of the audit to interfere with the auditees activities and processes. It does not provide specific guidance on the organizations ASQ/ANSI/ISO 19011:2011xrisk management process, but recognizes that organizations can focus audit effort on matters of significance to the manageme
45、nt system. This International Standard adopts the approach that when two or more management systems of different disciplines are audited together, this is termed a “combined audit”. Where these systems are integrated into a single management system, the principles and processes of auditing are the s
46、ame as for a combined audit. Clause 3 sets out the key terms and definitions used in this International Standard. All efforts have been taken to ensure that these definitions do not conflict with definitions used in other standards. Clause 4 describes the principles on which auditing is based. These
47、 principles help the user to understand the essential nature of auditing and they are important in understanding the guidance set out in Clauses 5 to 7. Clause 5 provides guidance on establishing and managing an audit programme, establishing the audit programme objectives, and coordinating auditing
48、activities. Clause 6 provides guidance on planning and conducting an audit of a management system. Clause 7 provides guidance relating to the competence and evaluation of management system auditors and audit teams. Annex A illustrates the application of the guidance in Clause 7 to different discipli
49、nes. Annex B provides additional guidance for auditors on planning and conducting audits. ASQ/ANSI/ISO 19011:2011xi(This page intentionally left blank) International Standard ASQ/ANSI/ISO 19011:2011Guidelines for auditing management systems 1 Scope This International Standard provides guidance on auditing management systems, including the principles of auditing, managing an audit programme and conducting management system audits, as well as guidance on the evaluation of competence of individuals involved in the audit process, including the person mana
