You will lead a third-party audit next Monday on ABC, an organisation that provides services for cleaning windows from the outside of tall buildings. They work on demand, and usually have 4-5 orders per week. All documented information on these activities is kept at the central office.

You will lead a third-party audit next Monday on ABC, an organisation that provides services for cleaning windows from the outside of tall buildings. They work on demand, and usually have 4-5 orders per week. All documented information on these activities is kept at the central office.

On Friday evening, before the audit, you are informed by mail that customers cancelled all orders for the next week; therefore, the auditors will not have the chance to see them working at the customer’s premises, but the field supervisors will be available at the ABC offices.

You have prepared the audit plan and the checklist. Choose the best action you would take:

A. Start the audit on Monday at ABC’s as planned, interviewing the functions that regularly work at the central office, and plan visits to ABC customers wherever they may be working during the following week.

B. Ask the Certification Body you work for how to proceed with the audit.

C. Start the audit on Monday as planned, interviewing the functions that regularly work at the central office, and visit another customer’s premises they cleaned the week before.

D. Complete the audit but ask the quality manager to clean some windows at the ABC’s office, simulating the process they carry out at customers’ premises.

View Answer

Answer: B

Explanation:

According to ISO 19011:2018, clause 6.3.3, the audit plan should be reviewed and revised as necessary to address changes that occur during the audit planning. The audit plan should be agreed upon, preferably in writing, by the audit team leader, the audit client and the auditee1. Therefore, if there is a significant change in the auditee’s situation, such as the cancellation of all orders for the next week, the audit plan should be reviewed and revised accordingly, with the agreement of all parties involved.

According to ISO/IEC 17021-1:2015, clause 9.1.4, the certification body should have a process to ensure that the audit team has the competence to achieve the audit objectives, and that the audit methods are appropriate for the scope and complexity of the audit. The certification body should also have a process to ensure that the audit is conducted under reasonable conditions and within a reasonable time frame2. Therefore, if there is a risk that the audit objectives cannot be achieved, or that the audit methods are not suitable, due to the change in the auditee’s situation, the certification body should be consulted and informed on how to proceed with the audit.

Therefore, the best action to take is B, ask the certification body you work for how to proceed with the audit. This action will ensure that the audit plan is revised and agreed upon by all parties, and that the audit team has the competence and the methods to conduct the audit effectively and efficiently. The other options are not correct, as they may compromise the quality and validity of the audit:

• A. Start the audit on Monday at ABC’s as planned, interviewing the functions that regularly work at the central office, and plan visits to ABC customers wherever they may be working during the following week: This action may not be feasible or acceptable, as it may extend the audit duration and cost beyond the agreed terms, and it may not provide sufficient and appropriate audit evidence to verify the conformity and effectiveness of the auditee’s processes. Moreover, this action may not be agreed upon by the audit client and the auditee, and it may not be approved by the certification body.

• C. Start the audit on Monday as planned, interviewing the functions that regularly work at the central office, and visit another customer’s premises they cleaned the week before: This action may not be relevant or reliable, as it may not reflect the current performance and condition of the auditee’s processes. The audit evidence collected from the previous customer may not be valid or representative of the audit criteria, and it may not address the risks and opportunities associated with the auditee’s context and objectives. Moreover, this action may not be agreed upon by the audit client and the auditee, and it may not be approved by the certification body.

• D. Complete the audit but ask the quality manager to clean some windows at the ABC’s office, simulating the process they carry out at customers’ premises: This action may not be objective or impartial, as it may introduce bias and influence in the audit process. The audit evidence collected from the simulated process may not be accurate or authentic, and it may not demonstrate the actual capability and effectiveness of the auditee’s processes. Moreover, this action may not be ethical or professional, as it may compromise the integrity and credibility of the audit and the certification.

Reference: ISO 19011:2018(en), Guidelines for auditing management systems, ISO/IEC 17021-1:2015(en), Conformity assessment ― Requirements for bodies providing audit and certification of management systems ― Part 1: Requirements