ISO 45001 defines “audit” as a “Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled”.
An audit can be of following types on the basis of auditee and auditor relationships:
- An internal audit known as first party audit
- An external audit known as second party (customer audit) or third party (regulatory body or auditing organization)
- Combined audit (combining two or more disciplines). An internal audit is conducted by the organization itself, or by an external party on its behalf.
Learn about audit techniques in an online free course.
Internal Audit is part of performance evaluation and one of the most important tool to check the health and effectiveness of the management system. Third party audit and customer audits are done to assess subscription to voluntary standards and contractual obligations respectively.
Check what documented information is required for internal audits.
For ISO 45001, companies has to go through a third party voluntary audit in order to conform themselves against the requirements of ISO 45001. Thus if your organization has to certify themselves against the standard, one has to go through third party audit by a registrar accredited from UKAS or IAF.