11. Dec 2020

Fundamentals, potentials and risks

Remote Audits

You probably know from your own professional experience – the Corona crisis has set new waves of digitalization leading to a constant increase in virtual exchange. Topics such as working from home, e-learning and remote audits have become indispensable. 

More and more companies and their employees are intensively dealing with different online tools that have already become daily companions. What does this digital exchange look like in audit practice?

We have summarized the advantages and disadvantages, the legal framework and technical requirements for conducting remote audits. Martin Fridlqualityaustria Network Partner and Product Expert for Compliance Management Systems, ONR 192050ISO 37001 and ISO 19600 presents the answers to your most important questions.

Frequently Asked Questions – Our Answers

What is a remote audit?

In a remote audit, the auditor is not present on-site at the audited company, but is in contact with you via audio, video and data exchange from a different location. This allows, despite physical distance, to carry out the audit process as planned, e. g. by reviewing the documents online or by checking the premises in a virtual inspection tour.

Did you already see?

Our qualityaustria video (in German):

"Remote audits – In simple terms!"

See the video

When is it permissible to perform audit activities remotely?

Here, it is important to make a distinction between service companies and production companies. In the first, audits can be carried out 100% remotely, whereas in the latter, only 30% of audit activities can be conducted remotely if the company’s focus is on production. A rule of thumb: everything that can be shown in presentations on-site can also be shown remotely! An initial certification, however, is the most challenging situation and may only be performed remotely in exceptional cases.

How are remote audits conducted?

Basically, remote audits are conducted just like regular audits – but supported by information and communication technology (ICT). The audit program is largely planned as usual: the auditor and client “meet online” to discuss the objectives, opportunities and risks as well as the sequence of the audit. In addition, some checks have to be carried out before the remote audit: first, to make sure that the technical equipment is functioning and second, to ensure that the audit team is qualified for conducting remote audits. In contrast to an on-site audit, the parties involved in remote audits are not physically present in one room but communicate Online, in real time or with time delay. For subsequent improvement of the audit program, so-called “Lessons Learned” are also identified for remote audits.

What are the benefits of remote audits for auditors and companies?

Especially during the COVID-19 pandemic, remote audits are advantageous as they provide a significant plus in flexibility despite all travel restrictions. This is particularly important for organizations with numerous national and international sites. The remote option allows conducting safe audits in accordance with the schedule while simultaneously saving on travel time and costs.

What are the risks when conducting remote audits?

As with on-site audits, success stands and falls with the auditors’ willingness to engage with the respective (virtual) environment. It is equally important to actively involve the audit partners. Furthermore, it is essential to create a dialogue and not to deliver monotonous presentations. In addition, it is necessary to have sufficient know-how about the technical equipment and technologies used and to meet the requirements for information security and confidentiality. These include, for example, security aspects related to privacy (data protection) and copyright issues (images, prohibition of recordings or screenshots of any type etc.)

What regulatory framework must be observed?

Even though the current pandemic situation requires the execution of remote assessments, there are legal aspects that need to be taken into account before performing an audit remotely. For example, not all communication and information tools are suitable for use in remote audits. General Regulations, such as the European General Data Protection Regulation (EU-GDPR) on the processing of personal data, also play a significant role with regard to data security.

Which technical requirements must be met?

For a remote audit, you need the appropriate hardware and software as well as sufficient know-how to use it. In addition to laptops, webcams or headsets, there are now numerous tools designed for online dialog, screen sharing or team work. It is also advisable to use reliable cloud services for transferring data and media.

Which principles apply to remote audits?

For remote audits, the principles of auditing– as defined in ISO 19011 – Guideline for auditing management systems, and which also provide the basis for risk assessment, apply:

  • Integrity
  • Fair presentation
  • Due professional care
  • Confidentiality
  • Independence
  • Evidence-based approach
  • Risk-based approach

Are remote audits the future?

Certainly the number of remote audits will increase in future – especially for internal audits. Nevertheless, remote audits can only be a good alternative to on-site audits but can or should never replace them entirely.

In conclusion, this means that a remote audit offers new opportunities but also has its limitations; depending on the individual situation and the respective needs, it is important to weigh whether a remote audit is a suitable method for conducting the audit. However, the digital transformation and shift to virtual methods due to the current crisis indicate that remote audits will continue to accompany our daily business in the future.

International training program

>> Train for your success!

Authors

Network partner

Mr. Martin Fridl

Network partner, Product Expert Compliance Management Systems, ONR 192050, ISO 37001, ISO 19600

News & Events

The basis for long-term success!

30. Mar 2021

Avoidance of hazards arising from combinations of Personal Protective Equipment

Occupational Health & Safety

Learn more
25. Mar 2021

3 years of ISO 45001:2018

A success story

Learn more
24. Mar 2021

New regulation: IFS Split Assessments

Food Safety update

Learn more
19. Feb 2021

Emergency – Emergency preparedness and response – Emergency response capability → protects human lives!

Preparation in theory and practice is essential!

Learn more
09. Feb 2021

New EU database for pollutants: Experts expect positive effects on the Circular Economy

Tips on Circular Economy

Learn more
29. Jan 2021

Health Expert Dr. Günther Schreiber suggests: Eight steps to manage mental stress in the Workplace

Business continuity

Learn more
14. Jan 2021

The Top 5 insights from 2020 – from a different perspective

Lessons Learned

Learn more
13. Jan 2021

Revision PEFC CoC

New Year’s News

Learn more
21. Dec 2020

Occupational health and safety of workers – more important than ever?

Business continuity

Learn more
15. Dec 2020

IATF 16949 audits in times of the COVID-19 pandemic

When may an IATF 16949 audit take place remotely?

Learn more
19. Oct 2020

The right training makes the difference

Train for your success

Learn more
15. Oct 2020

VCK Quality Day 2020

International & digital conference

Learn more
+43 732 34 23 22