8.2.2 Internal audit

An internal audit procedure must define:

  • Criteria
  • Scope
  • Program frequency
  • Method
  • Report results
  • Keep records (see 4.2.4)


Q: What do we audit against?

A: Your procedures, ISO 9001:2008. Plus any industry specific regulations or contractual requirements.

Tip: Read the relevant documentation prior to the audit and make an audit checklist of the key aspects that you wish to audit. The checklist is merely an aide-memoir, don't be blinkered by it.


Q: How far do we go?

A: Far enough to ensure the sequence and interaction of processes.

Program frequency

Q: How often?

A: Internal audit program frequency is not specified in ISO 9001:2008. Normal practice is to audit the whole QMS (but in bite-sized pieces) at least once per year or more often if considered appropriate.

Tip: Use the company process-map (see 4.1 ) as a basis for the audit programme – plan to audit related procedures (e.g. Enquiry and Quotation, Order Receipt, etc.) within a process (e.g. Sales) and ensure there is some overlap into the next process.


Q: How do we audit?

A: Interviewing staff, observing activities and viewing relevant records.

Report results

Report the audit results to management. You need to include in your procedure how any problems and improvements are followed up.

Q: What should be included in my report?

A: Your report should be objective and provide a balanced view. Report good things (conformance), bad things (non-conformance) and observations on possible improvements.

Q: What is a non-conformance?

A: ISO 9000 defines non-conformity as the failure to fulfil a requirement. So, if you can demonstrate that a requirement of ISO 9001, your procedures or other relevant document has not been met then you have a non-conformance.

The term "observation" is your opinion - so make sure you report it as such.

Keep records

Auditor training records are also required, see 6.2.

Job Description:

1. confirm compliance with ISO 9001, any other regulations, company procedures, etc.

2. seek improvements (or simplifications) in processes.

Tip: Don't forget to audit "top management".

There is considerable emphasis on top management being seen to be on-board and playing the game. Top management is defined as the person(s) who direct an organisation at the highest level.

The principal message that management must get across is that the objective of this business is to keep the customer happy.

Specifically, management must communicate these ideas (5.1, 5.2, 5.3, 5.5.1, 5.5.2, 5.5.3) to the employees who should be aware of their own roles and responsibilities (6.2.2).

Notice that few of these clauses specify a procedure or a record – top management are simply required to do it.

As a result, the Certification Body will want to question the Directors and the staff. This something that your own auditors must also do.

Also see ISO 19011.

The Human Aspect of Auditing

Good auditors realise very early on that they are dealing with personalities as much as processes and systems. Whilst the intent of the audit a serious one, often light humour, politeness and diplomacy are the best ways to build rapport. It is vital every effort is made to reassure those being audited that the audit’s primary function is to drive improvement, not to name and shame.

If you are new to auditing, acknowledge this fact, be open and honest. It is also important to explain to the auditees that they are free to express their views during the audit. Remember that you, the auditor, are also there to learn.

Always discuss the issues you have identified with the auditees and always provide guidance on what is expected in terms rectifying any non-conformances or closing out observations you raised. Let the auditees know they are welcome to read your notes and findings; the audit is not a secret.

Try not to be drawn into arguments concerning your observations. It is never appropriate to directly name people in the audit report as this may lead to defensiveness which is ultimately counter productive.

Preparing for the Audit

Preparation is the key to a meaningful audit and, as such, you should have an up-to-date audit schedule and a well defined audit plan for each process. Be sure to communicate the audit schedule to all parties involved as well as to top management as this will help reinforce your mandate.

The audit schedule is a living document and should not be cast in stone, but instead, it should be allowed to evolve organically with the needs of the business. Always review historical audit reports and check during the audit that any previous corrective or preventive actions are still operating.

Elementary Audit Questions

These basic audit questions will help guide the audit in the right direction since the answers they provide often unlock the doors to information the auditor requires in order to accurately assess the particulars of a process.

Consider these common audit questions:

  1. What are your responsibilities?
  2. How do you know how to carry them out?
  3. What kind of training is given to new employees?
  4. How is the effectiveness of training evaluated?
  5. Are training records maintained?
  6. What are the objectives of your processes?
  7. What is the quality policy and where is it found?
  8. Which documents do you use and are they correct?
  9. What outputs does your process create?
  10. How are your records maintained?
  11. How do you ensure that products meet the stated requirements?
  12. Is customer satisfaction data analyzed?
  13. How do you ensure that products meet the stated requirements?
  14. What happens when changes are made to product requirements?
  15. What are the responsibilities/authorities for dealing with non-conformances
  16. Are there trends in non-conforming products and what's being done about it?
  17. Is the non-conformance procedure linked to the corrective action process?
  18. Are employees made aware of the quality policy and objectives?
  19. Are policies and objectives available and relevant?
  20. How are quality objectives determined?
  21. Is there a clear link between the policies and objectives?
  22. How is progress towards objectives measured and communicated?
  23. Has the number of customer complaints changed over time?
  24. What tools are used to identify the causes of complaints?
  25. How are improvement efforts and successes communicated to employees?

How to Audit a Process

If you have been involved in a certification body audit, you will have probably noticed that the professional auditors often use this method to perform the audit. They will start at either the beginning or the end of the organisation's workflow and follow a sample of inputs and outputs (e.g. orders, contracts, projects, products, etc.) through the organisation. This is known as a process audit. On an internal audit, you may not have time to cover the entire process in one audit, in which case, divide the process into manageable units and use that as the basis for your audit schedule and checklist.

The first task for the auditor is to establish what the process is intended to achieve. If it is a sales department, it could be that its primary function is to provide an effective interface between the organisation and its customers and to input clear and accurate customer data onto the computer system in a timely manner. (These may turn out to be the ‘quality objectives' for that process as required by Para 5.4.1). If these are the most important objectives of that process, then the audit must concentrate on verifying whether or not they are being achieved.

Performance is often best proven by looking at how well output of Process A satisfies the input requirements of Process B. For example: how often does Process B have problems with customer data entered on  the system, how many customer complaints have arisen due to inaccurate or late information being entered? If there is a documented procedure in place, it should define the process and the steps to be taken to ensure the objectives are achieved.

Consider these points:

  1. Is there continuity between the various processes in the organisation?
  2. Is the task done consistently on a person-to-person or day-to-day basis?
  3. Do the interfaces between the departments operate smoothly?
  4. Does product information flow freely?
  5. Is the procedure right?
  6. Does it meet the Standard?
  7. Is it helping the organisation effectively?

How to Measure a Process

A clue can be found in ISO 9001:2008 Clause 8.4. We are told to determine, collect, and analyze data to provide insight about the health of your quality management system. It goes on to provide a minimum of four areas that you must perform this analysis for: customer satisfaction, product quality, process performance, and supplier performance.

Clause 8.2.3 broadly addresses the monitoring and measurement of the processes referred to in Clauses 4, 5 and 6. Clause 8.2.4 mainly focuses on monitoring and measurement of the outputs from the Product Realisation process.

The processes that require measurement are:

  1. The establishment of the quality policy and objectives
  2. The establishment of the quality manual
  3. The control of documents
  4. The control of records
  5. The process of defining and communicating responsibility and authority
  6. The management representative appointment
  7. The establishment of internal communication
  8. The conducting of the management review
  9. The provision of human resources
  10. The provision of infrastructure and work environment

A common way measure a process is with quality objectives and key performance indicators. Select an objective or indicator for each core process, ensure it is measurable and track that indicator on a periodic basis (monthly, quarterly, annually, whatever makes sense for that metric). A single indicator may be used for more than one process. Include trend charts showing the performance of the metric from period to period.

How to Audit without Procedures

In cases where an organisation has chosen not to operate a documented procedure, the first in step must be to establish what methods exist to control the process. From there, the auditor can evaluate the effectiveness of the process by testing to ensure it is performed consistently and by comparing it to the appropriate clauses of ISO 9001.

Select the ‘predominant' ISO clause for the process being audited plus the more general ones and you should be able to verify both the effectiveness of the process and also its compliance to the standard.

This can prove particularly useful when performing internal audits, as it helps the organisation to satisfy the requirements of clause 8.2.2 which requires us to ‘determine whether the quality management system conforms to planned arrangements, to the requirements of this International Standard and to the quality management system requirements established by the organisation’.

Getting the Most from the Audit Schedule

The audit schedule is divided up to reflect each section of ISO 9001:2008. You should determine which of these sections are of greatest relevance to your business; in other words, which processes, should there be problems, will affect your customers the most. These are the processes that your company must make certain remain stable and consistent. You might wish to schedule these key processes for additional audits, perhaps two or even three times per year.

The audit schedule provides the following benefits:

  1. Provides a visual plan of the audit programme
  2. Demonstrates coverage of the whole standard
  3. Provide current status of the audit programme
  4. Promotes awareness

Internal Audit Templates


Who is this for?

Companies already ISO 9001:2008 certified who wish to make the transition to ISO 9001:2015 for their Internal Audit Documentation.

We sell 3 other versions of Internal Audit Templates:
- ISO 9001:2015 first time ISO 9001 implementation
- ISO 9001:2008
- ISO 14001:2004

Written by ISO Auditors and Quality Manager Trainers

  • Everything you need for Internal Audit Documentation
  • Save time and money
  • Quick, simple to use
  • Do everything yourself without a consultant
  • Includes step-by-step guides
  • Documents are MS Word files, fully editable
  • All documents use styles – format quickly and easily to your branding
ISO 9001 Quality Manual Template Stamp

Bought by Small Businesses and Large Corporations our templates have been sold online and CD since 2002. Learn more about us

Internal Audit Templates Transition


  • 100% secure
  • Payment by credit card or debit card
  • Immedite download
  • Email with download link and sales receipt
Internal Audit Templates Transition
with guidance & interpretation


  • 100% secure
  • Payment by credit card or debit card
  • Immedite download
  • Email with download link and sales receipt
Who is this for?

Companies already ISO 9001:2008 certified who wish to make the transition to ISO 9001:2015 for their Internal Audit Documentation

Quality managers who have good knowledge of ISO 9001:2015

Companies already ISO 9001:2008 certified who wish to make the transition to ISO 9001:2015 for their Internal Audit Documentation

People new to ISO 9001:2015



Procedures - view sample procedure

  • Control of Non-conformity & Corrective Action
  • Control of Internal Audits
  • Control of Non-conformity & Corrective Action
  • Control of Internal Audits

Reports & Forms - view sample form

  • Corrective Action Report
  • Internal Audit Report
  • Non-conformance Report
  • Corrective Action Report
  • Internal Audit Report
  • Non-conformance Report

Process Maps - view sample process map

  • Control of Non-conformity & Corrective Action Process Activity Map
  • Non-conformity & Corrective Action Process Map
  • Control of Internal Audits Process Activity Map
  • Internal Audit Process Map
  • Control of Non-conformity & Corrective Action Process Activity Map
  • Non-conformity & Corrective Action Process Map
  • Control of Internal Audits Process Activity Map
  • Internal Audit Process Map

Audit Checklists - view sample

  • Internal Audit Checklist
  • Process Audit Checklist
  • Supplier Audit Checklist
  • Internal Audit Checklist
  • Process Audit Checklist
  • Supplier Audit Checklist

Internal Audit, Non-Conforming & Corrective Action Tracker - view sample

Gap Analysis Checklist - view sample

Implementation Checklist - view sample


Guidance and Interpretation - view sample

ISO 9001-2015 Transitioning Planning Guidance

ISO 9001-2015 Internal Audit Guidance

ISO 9001-2015 Clause-by-clause Interpretation

ISO 9001-2015 Documented Information Guidance & Matrix

ISO 9001-2015 v 2008 Correlation Matrix












Easy to edit and customise, using MS Word styles throughout

Same format and numbering as the standard - why?

Each Procedure and Form is a separate document - why?


12-months free support

12-months free updates

Unlimited users within company

Secure payment by credit card or debit card

or Wire transfer / BACS

Internal Audit Templates Transition


  • 100% secure
  • Payment by credit card or debit card
  • Immedite download
  • Email with download link and sales receipt

Internal Audit Templates Transition
with guidance & interpretation


  • 100% secure
  • Payment by credit card or debit card
  • Immedite download
  • Email with download link and sales receipt

Systems requirements

100% secure

100% Secure

Safety is our #1 priority. We guarantee our website and payment processing is 100% secure.

We use PayPal's secure payment system to process all online transactions, whether you pay by credit card, debit card, direct debit or your PayPal account. You can use the VeriSign Identity Protection (VIP) Network which offers an extra layer of security when you log in to PayPal with your PayPal Security Key.

PayPal Verified

Learn about PayPal's buyer protection.

Alternatively to Paypal, you can choose to use SendOwl and Stripe to process your credit card or debit card payments.

checkout screenshot



After payment download the files immediately to your computer or dropbox.

download screenshot


You will be sent 2 emails. The first contains a link to the download files. The second is a sales receipt.

This video shows our ISO 9001:2008 Quality Manual Template

More Information

  • Document Format
    • What format are the templates?

        All of the templates are supplied as MS Word (2007) documents to be edited and modified to suit your company.

    • Do the templates use styles and headings?

        Yes, the templates use styles for text and headlines, allowing you to easily and quickly adjust the formatting.

    • Are the headings linked to the table of contents (TOC)?

        Yes, the table of contents (TOC) is auto formatted to align with headings 1,2, etc.

    • How should I assign document numbers and their sequence?

        We use the same numbering sequence as ISO 9001 in our quality manual templates. You are free to replace these with a system that works best for your staff and for the business - as long as the system is logical, documented and communicated, it should be more than adequate.

    • More
  • Payment and Billing
    • How can I pay?
        • Credit Card
        • Debit Card
        • Paypal
        • Bank Transfer / Wire Transfer / BACS

        Payment processor - We use Paypal and Stripe to process all credit card and debit card payments.

        Wire Transfer or BACS - For more information please click here.

    • What currencies do you accept?

        Wire Transfer or BACS - All currencies. For more information please click here.

        Credit Card or Debit Card - We accept payment in 135 currencies.

        The currency conversion calculation will be displayed to you at the time of payment.

    • Can I use a Credit Card or Debit Card?

        Yes, we accept payment by credit card and debit card:

        • Visa/Delta/Electon
        • Mastercard/Eurocard
        • Discover
        • American Express
        • Switch/Meastro

        Payment processor - You can choose to use Paypal or Stripe to process your credit card or debit card payments.

    • Can I pay by wire transfer, bank transfer or BACS?
    • More
  • Downloading and Delivery
    • How do I download the product?

        1. After payment you will be taken to the download page.

        2. You will be emailed download instructions.

    • Can I download the product immediately and start using it?


    • Do you send me an email with the download?


    • How do I download the product if I pay by bank transfer or BACS?

        You will be sent an email. For more information please click here.

    • More
  • Support
    • Do you provide ongoing support?

        Yes, we provide ongoing technical support and can advise on questions regarding the templates and their application.

        Please contact us to discuss your requirements and ensure our templates are right for you.

    • Can I call you?

        Yes, you can call us.

        For ISO 9001 documentation support it is best to email us with your documentation attached along with your questions.

    • Do you offer consultancy services?

        Yes we offer ISO consultancy services in the UK, please contact us for more information.

    • More
  • License and Updates
    • What is the product license?

        Template license - the product is licensed for you to use within one company indefinately. For more details please read our terms and conditions.

        Support and Updates - you receive one years email support and updates from the date of purchase. If you have any questions, please email our support team with your documentation attached along with your questions.

    • Can I use the Templates for more than one company?
    • How often do you update the products?

        Product development - major updates occur once a year, generally in January or February. This includes updates to the Quality Manual Template, procedures and supporting materials.

        Auditors like to see continuous improvement to your Quality System documentation. We aim to help you by refining the documentation through projects we have worked on throughout the year. Implementing these changes to your Quality Manual or Procedures provides evidence of this work for your next Audit.

        We also provide new content we insert into the Template packages to you free of charge - for example this year we are working on training materials for Internal Auditor and Staff Training.

        Minor improvements are not usually scheduled for release as an update unless they will help your business - such as better processes or flow-chart diagrams.

    • More

Frequently asked questions - FAQs

  • Which template should I buy?

      If you are new to ISO 9001:2015 you should buy the 'guidance' version.

      Please contact us if you are unsure which version of the Template is suitable for you.

  • Do the templates include everything I need to prepare for ISO certification?

      Yes. They contain everything required to achieve ISO 9001 certification.

  • How long will it take?

      A. If you are just looking for help documenting your Quality Manual and Procedures - this will take 2 to 3 days.

      B. Implementing ISO 9001 will take anywhere from 1 month to 9 months, depending on:

      • The size of your organization
      • Your business type, how many procedures you document, and the records that you keep
      • Management commitment
      • Resources

      For more information regarding the steps needed to gain ISO 9001 certification please read How do I implement ISO 9001?

  • Are the templates 'universally acceptable'?

      Yes, our templates are purchased and used Worldwide. ISO 9001 is an international standard and this is reflected in our templates.

Any Questions?

Please email info@iso-9001-checklist.co.uk or call us on 020 8144 1863 if you have any questions about our Quality Manual Templates and if they're suitable for you.

Recent Clients

Please view our Client list.

ISO 9001 Client images

'Excellent value for money, simple, easy to follow, professional and comprehensive and would recommend it without reservation to any company seeking ISO accreditation. With these documents, we achieved accreditation, with praise from the accrediting organisation for our outstanding system.'
- Chania Trent GPS Ltd

'I found the service exceptional and the content of the manufacturing Pack easy to use, understand and implement. Definately leagues ahead of competitors offerings.'
- PMD Device Solutions Limited

'Excellent quality manual and procedures - Easy to use.'
- Asco Industries

'A massive assist within the implementation process and subsequent U.K.A.S certification award. The external Auditors commented upon the presentation standard of the documentation. Simple to follow and amend to bespoke requirements and procedures.'
- Queensgate Instruments