We are often asked to explain the difference between an inspection and an audit.
ISO/IEC 17020:2003 Conformity assessment — Requirements for the operation of various types of bodies performing inspection defines an inspection as:
“examination of a product, process, service, or installation or their design, and determination of their conformity with specific requirements or, on the basis of professional judgment, with general requirements”.
ISO 19011:2018 Guidelines for auditing management systems defines an audit as:
“systematic, independent and documented process for obtaining objective evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled”.
An inspection is a critical examination usually following a predefined checklist, and with a defined frequency (daily, weekly, monthly, bimonthly, etc.) in order to verify compliance with scheduled maintenance, equipment integrity, safety equipment, etc. This can be done by a competent employee or by a third-party resource. Therefore, an inspection looks at the physical condition of assets in a workplace.
Inspections are carried out with the purpose of providing information about the conformity of inspected items with regulations, standards, specifications, inspection schemes, or contracts. Inspection parameters include attributes such as quantity, quality, safety, fitness for purpose, and continued safety compliance of installations or systems in operation.
Inspections can include the examination of materials, products, installations, plants, processes, standard operating procedures or services, and the determination of their conformity with requirements. The results of these activities can be subsequently reported to clients and, where appropriate, to regulatory authorities. Inspection can encompass all stages of the lifecycle of these items, including the design and development stages. Such work normally requires the exercise of professional judgement in performing inspection, in particular when assessing conformity with general requirements.
Inspection activities can overlap with testing and certification activities where these activities have common characteristics. However, an important difference is that many types of inspection involve professional judgement to determine acceptability with general requirements, for which reason inspectors need the necessary competence to perform the task.
ISO 19011:2018 defines an audit as a “systematic, independent and documented process for obtaining audit evidence (records, statements of fact or other information which are relevant and verifiable) and evaluating it objectively to determine the extent to which the audit criteria (a set of policies, procedures or requirements) are fulfilled.”
There are three main types of audits:
Process audit: This type of audit verifies that processes are operating within established limits. It evaluates an operation or method against predetermined instructions or standards to measure conformance to these standards and the effectiveness of the instructions. A process audit may:
- Check conformance to defined requirements such as time, accuracy, temperature, pressure, composition, responsiveness, and component mixture.
- Examine the resources (equipment, materials, people) applied to transform the inputs into outputs, the environment, the methods (procedures, instructions) followed, and the measures collated to determine process performance.
- Check the adequacy, efficiency and effectiveness of the process controls established by procedures, work instructions, flowcharts, and training and process specifications.
Product audit: This type of audit is an examination of a particular product or service, such as hardware, processed material, or software, to evaluate whether it conforms to requirements (i.e., specifications, performance standards, and statutory and regulatory and/or customer requirements).
System audit: An audit conducted on a management system. It can best be described as a documented activity performed to verify, by examination and evaluation of objective evidence, that applicable elements of the system are appropriate and effective and have been developed, documented, and implemented in accordance and in conjunction with specified requirements.
An audit can be conducted against a range of audit criteria, separately or in combination, including but not limited to:
- requirements defined in one or more management system standards
- policies and requirements specified by relevant interested parties
- statutory and regulatory requirements
- one or more management system processes defined by the organisation or other parties
- management system plan(s) relating to the provision of specific outputs of a management system (e.g., quality plan, project plan)