ISO 14001 remote audits – Pros and Cons
ISO 14001 lead auditors globally are faced with a new challenge. Auditing of their systems when virtually the globe is in lockdown owing the COVID-19 virus. Fortunately, ISO 19011 in its 2011 revision allowed remote audits and even gave a table that outlines the considerations for virtual (remote audits). ISO 14001 lead auditors conducting internal/external audits will need to be guided by their organization guidelines for remote audits. Several certification bodies have allowed for remote audits to be conducted. However, in question is the extent to which a remote audit may be conducted and whether it will be able to add value. ISO 14001 lead auditors looking to conduct audits will need to consider the following in deciding whether to conduct a remote audit or not.
Availability of Documentation
For remote audits to be effective and for the time to be utilized well, documentation must be available online for a screen share. This ensures the audit time it well utilized, and time is not wasted in scanning documents. Another key consideration however is the security of the documentation being viewed. The ISO 14001 Lead Auditor must recognize that popular virtual meeting software may be hosted on remote servers and not adequately protected to meet the protection requirements for the information being shared. For this purpose, when considering impediments to the audit the auditor must consider whether such information needs to be available beforehand shared through a secure means.
While this may be an obvious point to consider, often the assumption may be that internet connectivity is excellent across the globe. However, even in remote parts of the United States connectivity is poor with blind spots and low bandwidth that may not support a remote audit. As such it is prudent to conduct a test of the connectivity prior determining if a remote audit should be conducted. When conducting global audits remotely this is an important consideration.
Integrity of the audit
Most importantly the integrity of the audit needs to be considered. The ISO 14001 lead auditor needs to assess if the remote audit may impact the objective of the audit and if the auditee documentation is indeed effectual. This applies even to interviews conducted as it may be hard to determine in a remote interview if the answers are being prompted. Further when conducting virtual ‘floor walks’ of manufacturing facilities and storage areas, the auditor must consider not only the connectivity (as the video is shared from different locations of the facility) but also whether they can assess the conformity to requirements via this means.
Assessing how the organization has considered risks and addressed them may also prove challenging. The use of technology has enabled remote audits to be conducted and will enable savings in travel for many organizations. ISO 14001 Lead Auditors will need to adjust their auditing techniques to meet the objectives of their audit when employing these remote techniques. QMII’s ISO 14001 Lead Auditor training introduces students to the techniques to conduct value adding audits both in a virtual and onsite format.