www.iso-9001-checklist.co.

uk

Internal Audit
Checklist
System & Process Compliance Auditing
Insert your company’s name or logo.
ISO 9001:2015 Audit Checklist
System & Process Compliance Auditing

Contents
Guidance____________________________________________________________________________________________________________________________________________________________ 3

About this Checklist _____________________________________________________________________________________________________________________________________________ 3

Audit Scoring Criteria ___________________________________________________________________________________________________________________________________________ 3

Principles of Auditing ___________________________________________________________________________________________________________________________________________ 4

Audit Methodology _____________________________________________________________________________________________________________________________________________ 5

Introduction ____________________________________________________________________________________________________________________________________________________ 5
Preparation _____________________________________________________________________________________________________________________________________________________ 7
Documented Information Review ______________________________________________________________________________________________________________________________ 7
Process Criteria, Metrics and Objectives________________________________________________________________________________________________________________________ 7
Previous Audit Findings ________________________________________________________________________________________________________________________________________ 7
Customer Complaints and Corrective Actions __________________________________________________________________________________________________________________ 8
Inputs and Outputs _____________________________________________________________________________________________________________________________________________ 8
Relevant ISO standards _________________________________________________________________________________________________________________________________________ 8
Review Performance ____________________________________________________________________________________________________________________________________________ 8
Review Competencies __________________________________________________________________________________________________________________________________________ 8
Review Linkages & Interactions ________________________________________________________________________________________________________________________________ 9
Review the Process _____________________________________________________________________________________________________________________________________________ 9
Review the Findings ___________________________________________________________________________________________________________________________________________ 10
Prepare the Report ____________________________________________________________________________________________________________________________________________ 10

Audit Checklist – Part 1 ___________________________________________________________________________________________________________________________________________11

Section 4.0 Context of the Organization ______________________________________________________________________________________________________________________11

Audit Findings Summary _______________________________________________________________________________________________________________________________________16

Audit Checklist – Part 2 ___________________________________________________________________________________________________________________________________________17

www.iso-9001-checklist.co.uk Page 1 of 78
Insert your company’s name or logo.
ISO 9001:2015 Audit Checklist
System & Process Compliance Auditing

Section 5.0 Leadership _________________________________________________________________________________________________________________________________________17

Audit Findings Summary _______________________________________________________________________________________________________________________________________22

Audit Checklist – Part 3 ___________________________________________________________________________________________________________________________________________23

Section 6.0 Planning____________________________________________________________________________________________________________________________________________23

Audit Findings Summary _______________________________________________________________________________________________________________________________________28

Audit Checklist – Part 4 ___________________________________________________________________________________________________________________________________________29

Section 7.0 Support ____________________________________________________________________________________________________________________________________________29

Audit Findings Summary _______________________________________________________________________________________________________________________________________37

Audit Checklist – Part 5 ___________________________________________________________________________________________________________________________________________38

Section 8.0 Operation __________________________________________________________________________________________________________________________________________38

Audit Findings Summary _______________________________________________________________________________________________________________________________________62

Audit Checklist – Part 6 ___________________________________________________________________________________________________________________________________________65

Section 9.0 Performance Evaluation __________________________________________________________________________________________________________________________65

Audit Findings Summary _______________________________________________________________________________________________________________________________________73

Audit Checklist – Part 7 ___________________________________________________________________________________________________________________________________________74

Section 10.0 Improvement _____________________________________________________________________________________________________________________________________74

Audit Findings Summary _______________________________________________________________________________________________________________________________________78

www.iso-9001-checklist.co.uk Page 2 of 78
Insert your company’s name or logo.
ISO 9001:2015 Audit Checklist
System & Process Compliance Auditing

Guidance
About this Checklist
The audit checklist is just one of the many tools which are available from the auditor’s toolbox that help ensure your audits address the necessary
requirements. It stands as a reference point before, during and after the audit process and if developed for a specific audit and used correctly will provide the
following benefits:

• Ensures the audit is conducted systematically;

• Promotes audit planning;
• Ensures a consistent audit approach;
• Actively supports your organization’s audit process (ISO 9001:2015, Clause 9.2.1);
• Provides a repository for notes collected during the audit;
• Ensures uniformity in the performance of different auditors;
• Provides reference to objective evidence.
This audit checklist comprises tables of the certifiable (‘shall’) requirements, from Section 4.0 to Section 10.0 of ISO 9001:2015, each required is phrased as a
question. This audit checklist may be used for element compliance audits and for process audits. If you wish to create separate process audit checklists, select
the clauses from the tables below that are relevant to the process and copy and paste the audit questions into a new audit checklist. We suggest that you
retain this audit checklist as your ‘master copy’.

Audit Scoring Criteria

A risk-based internal audit approach allows the internal audit to concentrate on reviewing the major risks to your organization. The audit’s role is to provide
assurance that key risks to your organization’s objectives are being well controlled.

The audit findings ‘traffic lights’ are intended to visually communicate the risk posed by the audit finding of any system or processes being audited. The rating
system is stratified from ‘compliant’ to ‘major non-conformance’ to convey a concise and consistent method for scoring each audit finding. At the end of the
audit, you can transfer the findings into an Excel spreadsheet to create charts, summary tables and trend data to paste into your audit report or management
review documentation.

www.iso-9001-checklist.co.uk Page 3 of 78
Insert your company’s name or logo.
ISO 9001:2015 Audit Checklist
System & Process Compliance Auditing

This methodology should be uniformly applied to all types of internal audit (gap analysis, system audits and process audits) that your organization will likely
undertake.

Finding Definition/Impact Action/Mitigation

Compliant means adherence with the requirements of the standard and the QMS. The
COMPLIANT Continue to monitor trends/indicators.
process is implemented and documented and records exist to verify this.

A low risk issue that offers an opportunity to improve current practice. Processes may Review and implement actions to improve the process(s).
OFI cumbersome or overly complex but meet their targets and objectives. Unresolved OFIs may Monitor trends/indicators to determine if improvement was
degrade over time to become non-compliant. achieved.

A medium risk, minor non-conformance resulting in deviation from process practice not
Investigate root cause(s) and implement corrective action by
MINOR N/C likely to result in the failure of the management system or process that will not result in the
next reporting period or next scheduled audit.
delivery of non-conforming products nor reduce the effectiveness of the QMS.

A high risk, major non-conformance which directly impacts upon customer requirements, Implement immediate containment action, investigate root
MAJOR N/C likely to result in the customer receiving non-conforming products or services, or which may cause(s) and apply corrective action. Re-audit in 4 weeks to
reduce the effectiveness of the QMS. verify correction.

Principles of Auditing
Auditing relies on a number of principles whose intent is to make the audit become an effective and reliable tool that supports your company’s management
policies and procedures whilst providing suitable objective information that your company can act upon to continually improve its performance. Adherence to
the following principles are considered to be a prerequisite for ensuring that the conclusions derived from the audit are accurate, objective and sufficient. It
also allows auditors working independently from one another to reach similar conclusions when auditing in similar circumstances. The following principles
relate to auditors.

1. Ethical conduct: Trust, integrity, confidentiality and discretion are essential to auditing;
2. Fair presentation: Audit findings, conclusions and reports reflect truthfully and accurately the audit activities ;
3. Professional care: Auditors must exercise care in accordance with the importance of the task they perform;

www.iso-9001-checklist.co.uk Page 4 of 78
Insert your company’s name or logo.
ISO 9001:2015 Audit Checklist
System & Process Compliance Auditing

Audit Checklist – Part 1

Section 4.0 Context of the Organization
Audit Findings
(Score ‘1’ per box) Opportunities for
Audit Evidence
Improvement (OFI)

COMPLIANT
Clause Ref Audit Question

MAJOR N/C
MINOR N/C
OFI
Provide reference to documented Provide suggestions for
information to justify the finding process improvement

Has your organization determined external and internal

issues relevant to its purpose and its strategic direction
4.1 1
that affect its ability to achieve the intended result(s) of
its QMS?

Does your organization monitor and review

4.1 2
information about these external and internal issues?

Does the organisation determine the interested parties

4.2 3
that are relevant to the QMS?

Does the organisation determine the requirements of

4.2 4
these interested parties that are relevant to the QMS?

Does your organization monitor and review

4.2 5 information about these interested parties and their
relevant requirements?

www.iso-9001-checklist.co.uk Page 11 of 78
Insert your company’s name or logo.
ISO 9001:2015 Audit Checklist
System & Process Compliance Auditing

Audit Findings Summary

Manually transfer any adverse audit findings from the Section 4.0 audit checklist above into the audit findings summary table below. At the end of the audit,
you can transfer the findings into an Excel spreadsheet to create charts, summary tables and trend data to paste into your audit report.

Clause ► 4.1 4.2 4.3 4.4 4.4.1 4.4.2

Question No. ►
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
Criteria ▼
OFI
MINOR N/C
MAJOR N/C

www.iso-9001-checklist.co.uk Page 16 of 78