top of page

For Auditors or

 

For Auditees

How to prepare for an audit (Simple checklist)

Check the previous audit in this area; if the scope and criteria is not the same, seek to review any audit that is close to the topic you are now auditing

Check for any previous findings in the area, and audit findings should be categorised, so even 

How to prepare for an audit interview as an auditee

Guide: Preparing for an ISO Internal Audit Interview

Internal audits are designed to check that your organisation’s processes comply with ISO standards (e.g. ISO 9001, ISO 14001, ISO 27001). An interview is a key part of this process, where auditors speak with staff to confirm that procedures are understood and effectively followed.

1. Understand the Purpose of the Audit

  • Not an exam: The audit is about verifying processes, not testing your personal knowledge.

  • Focus on evidence: Auditors want to see how work is carried out in practice.

  • Continuous improvement: The audit is a tool to identify gaps and opportunities, not to assign blame.

2. Review Relevant Information Beforehand

  • Policies and objectives: Be familiar with your organisation’s ISO policy and key objectives.

  • Your role: Understand how your work fits into the management system.

  • Procedures: Review any documented procedures, work instructions, or checklists you use.

  • Records: Know where evidence (logs, forms, reports) is stored and how it is maintained.

3. Anticipate Common Interview Questions

Auditors typically ask questions such as:

  • Can you explain your role and responsibilities?

  • How do you know what you are required to do?

  • How do you record and report your work?

  • What happens if something goes wrong (nonconformity, incident, complaint)?

  • How do you contribute to meeting the company’s objectives?

  • Are you aware of any risks or opportunities in your area of work?

(Tip: Answer in terms of what you actually do, not what you think the auditor wants to hear.)

4. Practice the Right Approach

  • Be honest: If you don’t know the answer, say so. Offer to find out.

  • Be concise: Give clear, straightforward responses. Avoid unnecessary detail.

  • Show understanding: Relate your answers to your day-to-day work.

  • Use evidence: Where possible, point to records or examples that demonstrate compliance.

5. Know the Do’s and Don’ts

✅ Do:

  • Listen carefully before answering.

  • Refer to documented procedures.

  • Show awareness of policies (e.g. quality, environment, information security).

  • Stay calm and professional.

❌ Don’t:

  • Guess or make up answers.

  • Criticise the system or other staff.

  • Hide information (auditors may interpret this as a lack of transparency).

6. Prepare Logistical Details

  • Ensure records and documents you may be asked about are accessible.

  • Confirm interview time/place so you’re not rushed.

  • Dress appropriately for the workplace and audit setting.

7. Final Mindset Tips

  • Think of it as a conversation, not a test.

  • The auditor is there to help the organisation improve, not to catch you out.

  • Focus on how your work supports compliance, consistency, and improvement.

xx

📝 ISO Internal Audit Interview – Quick Staff Checklist

1. Know the Purpose

  • It’s not a test of you, it’s a check of the system.

  • Auditors want to see how we work in practice.

  • Goal: Confirm compliance, spot improvements, not blame.

2. Be Ready to Explain

✅ Your role and responsibilities
✅ How you know what to do (procedures, instructions, training)
✅ How you keep records (forms, logs, reports, systems)
✅ What you do if something goes wrong (nonconformity, complaint, incident)
✅ How your work supports company objectives (quality, safety, environment, security, etc.)

3. Do’s and Don’ts

DO

  • Answer clearly and honestly

  • Relate answers to your real daily work

  • Point to evidence (records, documents, examples)

  • Stay calm and professional

DON’T

  • Guess or make things up

  • Say “I don’t know” without offering where to find the answer

  • Criticise the system or others

  • Hide information

4. Quick Reminders

  • Review the policy and objectives (quality / environment / info security).

  • Know where your procedures and records are kept.

  • Be on time and ready when called.

  • Keep it simple – short, clear answers are best.

✅ Remember: The audit is about how the system works, not catching you out. Just explain what you do day-to-day.

Would you like me to also make this into a one-page visual handout (poster-style) so it looks professional and easy for staff to read at a glance?

xxx

Compliance Audits vs. Process Audits - Understanding the Differences and Approaches

What is the difference between a compliance audit and a process audit?

Compliance audits and process audits assess different aspects of an organisation. A compliance audit focuses on whether specific rules, standards, or regulations are being followed. In contrast, a process audit reviews the effectiveness and efficiency of a particular process within the organisation.

 

What do the terms "horizontal" and "vertical" audit mean?

You may also have heard a reference to "horizontal" and "vertical" audits. A vertical audit focuses on a single function or department in detail. A horizontal audit, on the other hand, examines a specific process or requirement across multiple functions or departments.

 

Should the maturity of the audit process influence planning?

Yes. When planning your audits, consider how mature your audit process is. The maturity level may affect both the scope and the approach you take for your audits.

 

What are the different scopes?

Scope of certification (Differences between scopes)

Scope of ISO 9001, scope of Quality Management System (QMS), scope of Certification and audit scope refer to different things, yet they are closely linked.

ISO 9001 Scope - Clause 1 of ISO 9001 describes its scope, the subject of the standard, the quality management system, and the intended results of its application by organisations.

QMS Scope - ISO 9001 Clause 4.3 states that “The organisation shall determine the boundaries and applicability of the QMS to establish its scope… The scope shall state the types of products and services covered”.

Certification Scope - The scope of certification is derived from the scope of the QMS and is dependent on what the organisation decides to have certified. This scope is used to communicate the certification status of the organization’s QMS to relevant interested parties. Sometimes the scope of certification can be smaller than the scope of the QMS and special attention needs to be given to these cases.

Audit Scope - “extent and boundaries of an audit (ISO 19011:2018, 3.5). Note 1 to entry: The audit scope generally includes a description of the physical and virtual locations, functions, organisational units, activities and processes, as well as the time period covered.”

 

Business stanadrds ISO 9001

World standards cooperation poster competition 2021

bottom of page