Remote Auditing: The Future Is Now

Remote AUditing Webinar

Unfortunately, this video cannot be played back due to your data protection setting. You can change your settings here at any time.

Open video external

FAQ

Jump to a Topic

Audit Preparation & Audit TIme

If the audit is for an accredited certification audit, Certification Bodies are obligated to assign auditors that have prior knowledge of the client's industry, and in particular have experience to audit the scope of clients activities. The client can and should interview auditors prior to an audit.

Yes, all certification audits are typically done under confidentiality agreements.

Organizations may opt to conduct rehersal audits or a readiness review to ensure that future audits go smoothly.

Remote Auditing should not take extra time over an on-site audit if planned properly .This means there are no extra delays during the audit due to technical or logistical issues.

No standard forbids remote auditing, but some may require some on-site audits in addition to the remote audits.

IATF and accreditation bodies around the world have developed extensive Q&A on this topic.

ANAB has also issued a Heads Up document.

There is no need specific requirement for this, but if the organization feels this will help maintain and improve their system, there is nothing forbidding it either.

Asynchronous review of audit material before or after a Remote Audit counts towards the audit duration.

The typical minimum requirements for the standard and scope apply for Remote Audits. Additionally, for ICT competence, DEKRA has a internal training and credentialing process.

DEKRA will conduct a risk assessment for each audit event, so a plan will need to be provided and approved for each.

Yes, DEKRA will share our planning checklist with our clients prior to the remote audit.

Auditor Qualifications & Challenges

  • Meeting and exceeding client objectives and satisfaction
  • Inexperience of individuals to be audited in a remote methodology
  • Auditee(s) not preparing in advance for a Remote Audit,
  • IT challenges due to bandwidth, or connectivity

The audit may need to postponed, and decision recorded accordingly.

If the audit is for an accredited certification audit, Certification Bodies are obligated to assign auditors that have prior knowledge of the client's industry, and in particular have experience to audit the scope of clients activities. The client can and should interview auditors prior to an audit.

In order to have an effective Remote Audit, documented information should be in digital format that can be accessed by the auditor during the audit.

It depends on the size and scope of the audit. Justifications should be provided according to how the sampling meets the intent.

All of DEKRA’s auditors who are interested in conducting Remote Audits have been trained to conduct Remote Audits.

The typical minimum requirements for the standard and scope apply for Remote Audits. Additionally, for ICT competence, DEKRA has a internal training and credentialing process.

A risk assessment is conducted prior to the remote audit, which would determine if any situation would not allow for the audit to reach the audit objectives. Specifics should be discussed prior to the audit.

Documentation

The documents should be shared in the client's preferred environment with proper security measures, such as a safe and secure online FTP site. Clients should feel comfortable that their data is safe and used for the audit purpose only, and that there is no record retention by external parties.

In order to have an effective Remote Audit, documented information should be in digital format that can be accessed by the auditor during the audit.

All documented information revelant to your processes should be considered for Remote Auditing.

No standard forbids remote auditing, but some may require some on-site audits in addition to the remote audits.

For each Remote Audit , we conduct a risk assessment with the client. All security issues need to be addressed and agreed upon by both the client and DEKRA.

Asynchronous review of audit material before or after a Remote Audit counts towards the audit duration.

Screenshots/screen captures should not be taken without the client's explicit consent. Generally, remote audits should not be recorded.

Yes, DEKRA will share our planning checklist with our clients prior to the remote audit.

Technology & Tools

  • Meeting and exceeding client objectives and satisfaction
  • Inexperience of individuals to be audited in a remote methodology
  • Auditee(s) not preparing in advance for a Remote Audit,
  • IT challenges due to bandwidth, or connectivity

The documents should be shared in the client's preferred environment with proper security measures, such as a safe and secure online FTP site. Clients should feel comfortable that their data is safe and used for the audit purpose only, and that there is no record retention by external parties.

In order to have an effective Remote Audit, documented information should be in digital format that can be accessed by the auditor during the audit.

Organizations may opt to conduct rehersal audits or a readiness review to ensure that future audits go smoothly.

For each Remote Audit , we conduct a risk assessment with the client. All security issues need to be addressed and agreed upon by both the client and DEKRA.

Asynchronous review of audit material before or after a Remote Audit counts towards the audit duration.

The typical minimum requirements for the standard and scope apply for Remote Audits. Additionally, for ICT competence, DEKRA has a internal training and credentialing process.

Screenshots/screen captures should not be taken without the client's explicit consent. Generally, remote audits should not be recorded.

We will use technology, such as video conferencing, to handle interviews.

A risk assessment is conducted prior to the remote audit, which would determine if any situation would not allow for the audit to reach the audit objectives. Specifics should be discussed prior to the audit.