What is a Surveillance Audit and how it differs from recertification

Surveillance Audit is a follow-up process after a company gets ISO certification. 

Basically, companies not only need to conduct certification audits, but also need to implement surveillance audits and recertification audits as a follow-up step. 

To better understand the surveillance audit, how the process, as well as explanations related to certification and recertification audits, please listen to the explanation of this article.

What Is A Surveillance Audit 

Surveillance audits are periodic checks carried out by independent certification bodies to organizations or companies that have obtained certification.

This supervision process is carried out to ensure the effectiveness and consistency of the company in implementing a quality management system or QMS based on ISO standards. 

In general, ISO certification is valid for up to 3 years. However, companies need to do audit surveillance every year to ensure compliance with the rules. 

After 3 years of validity of ISO certification, organizations or companies can re-certify. 

In the audit process, the auditor will identify the entire organization, from employees to each unit in carrying out each activity in the company in accordance with the established SMM. 

This is because in order to maintain ISO certification, the company must comply and run the quality management system in accordance with the established system. 

The implementation of surveillance audit is always followed by an interview that asks about the effectiveness and consistency of the company against the ISO system. The following are some common questions asked by auditor., such as:

• Does the company still comply with the requirements of ISO clauses?
• Is the company still implementing the policies and sops set by ISO?
• Does the company evaluate and improve the quality management system through internal audit and management review on a regular basis?
• What are the stages in making continuous improvements in accordance with ISO standards?
• What steps are taken to deal with internal problems of the company or organization?

Read Also: Understanding Audit Standards along with 3 Types and Their Qualifications

Proses Audit Surveillance

Surveillance Audit is said to be quite crucial because it is used to review the company's compliance with ISO clauses. 

What if there is a discrepancy with ISO standards? The thing that needs to be done is to conduct a review and internal audit of the company. 

That is why ISO certificate holder organizations need to run the company in accordance with the policy in order to remain entitled to certain operations. 

Surveillance audits conducted annually after obtaining certification are carried out by independent institutions that issue such certificates.

Because done annually within three years of its validity, the surveillance audit will be preceded by a management review, internal audit, and revisit adjustments over the past year.

The explanation related to the preparation before conducting a surveillance audit is as follows:

• Review the results of previous audits, where the auditor will conduct a review and corrective action on the conclusions of previous surveillance audits which are then continued by ensuring that existing non-conformities have been overcome with appropriate steps, while committing to continuous improvement. 
• Updating documentation, where the auditor will verify the documentation that includes work instructions, records, internal policies, and procedures from the aspect of their accuracy and updating in order to remain in accordance with practices in the company. 
• Perform internal auditl, where this process allows surveillance audits to be more efficient in identifying potential problems or nonconformities that occur to take remedial steps. 
• Provide training to employees related to ISO, where it aims to ensure compliance while increasing awareness of all employees in carrying out their obligations and duties based on the ISO management system. 
• Preparing documented information, where the auditor will collect all the required documentation, such as the results of previous supervisory audits, corrective action reports, and delivery audit evidence for continuous compliance with standards. 
• Perform Management review, where the auditor will review the management system comprehensively which includes the effectiveness of performance, aspects that can be improved, and the flexibility of the company to the management system to remain in accordance with ISO clauses. 
• A pre-audit meeting, where the company will conduct a meeting with audit team which allows companies to better understand the audit process, ranging from discussing the scope of the audit, providing answers to related questions, and others so that supervisory audits can run optimally.
• Checking compliance with the rules, where the company needs to monitor changes in industry legislation or ISO standards that may occur periodically, so that the company can ensure compliance with these modifications.
• Implement remedial measures, where the auditor will ensure the implementation and effectiveness of corrective actions taken by the company on non-conformities that occur. The company will then present evidence of remedial action that demonstrates a commitment to addressing the problem at hand. 
• Performing simulations, is a preventive measure that companies take to introduce staff to audit procedures, thus allowing the team to help review possible nonconformities during the audit process. 
• Easy access to documentation, where the company can facilitate management and access to areas that need to be identified, so that the audit process can run more optimally and effectively. 

Read Also: 7 Differences between Internal and External Audit, Let's Know!

Difference between certification, Surveillance, and recertification audits 

Basically, the three audits have some similarities, such as the same conducted by the certification body, the same in issuing corrective actions if found discrepancies, and the same in producing audit reports. 

The general difference is in the quantity of hours used for the process in the audit. 

Certification Audit

It is an audit that is carried out for the first time by companies that want to obtain ISO certification by ensuring compliance with established standards. 

The certification Audit includes two stages, where the first stage is usually carried out remotely to review the company's readiness to participate in the second stage of the audit. 

After meeting the minimum criteria of stage one, the next stage will be carried out in the company. 

In this second phase, the auditor will begin to identify the company in depth, from reviewing documents, conducting interviews, and observing work that includes meeting aspects of the standard by the company. 

The validity period of certification obtained by the company is three years by conducting a supervisory audit every year. 

Audit Surveillance

Has a scope that is not as extensive and not as intensive as certification audits, where the auditor's task is to conduct periodic reviews. 

The company will be reviewed from the aspect of its compliance in carrying out ISO clauses, so that the organization can maintain its certification. 

Surveillance audits conducted annually during the three-year validity period of this certification will not necessarily identify all aspects of the company's quality management system. 

This is because companies can review certain aspects, such as the scope of potential gaps after previous remedial actions. 

To ensure the company's eligibility for certification, the company will certainly be committed and responsible in handling repairs to non-conformities that occur. 

Audit Recertification

As the name suggests, this audit is a recertification after the validity period of the first certification expires after three years. 

The auditor's task in this audit is to ensure that any changes that occur in the company have been properly assessed and documented, as well as providing the necessary training for employees. 

In addition, recertification also plays a role to ensure that the company always adjusts the quality management system to the latest version of ISO standards that apply. 

Conclusion 

Audit surveillance is a crucial aspect in supervising the company'S SMM to remain in compliance with ISO standards. 

In addition to conducting certification, companies also often conduct internal audits, such as compliance audits, operations, financial statements, and performance audits.

Like Audithink which has supported many companies from various industries in conducting internal audits. 

You can contact contact to obtain more information about Audithink services. Please schedule demo to immediately carry out the audit program of the company!