11. Dec 2020

Fundamentals, potentials and risks

Remote Audits

You probably know from your own professional experience – the Corona crisis has set new waves of digitalization leading to a constant increase in virtual exchange. Topics such as working from home, e-learning and remote audits have become indispensable. 

More and more companies and their employees are intensively dealing with different online tools that have already become daily companions. What does this digital exchange look like in audit practice?

We have summarized the advantages and disadvantages, the legal framework and technical requirements for conducting remote audits. Martin Fridlqualityaustria Network Partner and Product Expert for Compliance Management Systems, ONR 192050ISO 37001 and ISO 19600 presents the answers to your most important questions.

Frequently Asked Questions – Our Answers

What is a remote audit?

In a remote audit, the auditor is not present on-site at the audited company, but is in contact with you via audio, video and data exchange from a different location. This allows, despite physical distance, to carry out the audit process as planned, e. g. by reviewing the documents online or by checking the premises in a virtual inspection tour.

Did you already see?

Our qualityaustria video (in German):

"Remote audits – In simple terms!"

See the video

When is it permissible to perform audit activities remotely?

Here, it is important to make a distinction between service companies and production companies. In the first, audits can be carried out 100% remotely, whereas in the latter, only 30% of audit activities can be conducted remotely if the company’s focus is on production. A rule of thumb: everything that can be shown in presentations on-site can also be shown remotely! An initial certification, however, is the most challenging situation and may only be performed remotely in exceptional cases.

How are remote audits conducted?

Basically, remote audits are conducted just like regular audits – but supported by information and communication technology (ICT). The audit program is largely planned as usual: the auditor and client “meet online” to discuss the objectives, opportunities and risks as well as the sequence of the audit. In addition, some checks have to be carried out before the remote audit: first, to make sure that the technical equipment is functioning and second, to ensure that the audit team is qualified for conducting remote audits. In contrast to an on-site audit, the parties involved in remote audits are not physically present in one room but communicate Online, in real time or with time delay. For subsequent improvement of the audit program, so-called “Lessons Learned” are also identified for remote audits.

What are the benefits of remote audits for auditors and companies?

Especially during the COVID-19 pandemic, remote audits are advantageous as they provide a significant plus in flexibility despite all travel restrictions. This is particularly important for organizations with numerous national and international sites. The remote option allows conducting safe audits in accordance with the schedule while simultaneously saving on travel time and costs.

What are the risks when conducting remote audits?

As with on-site audits, success stands and falls with the auditors’ willingness to engage with the respective (virtual) environment. It is equally important to actively involve the audit partners. Furthermore, it is essential to create a dialogue and not to deliver monotonous presentations. In addition, it is necessary to have sufficient know-how about the technical equipment and technologies used and to meet the requirements for information security and confidentiality. These include, for example, security aspects related to privacy (data protection) and copyright issues (images, prohibition of recordings or screenshots of any type etc.)

What regulatory framework must be observed?

Even though the current pandemic situation requires the execution of remote assessments, there are legal aspects that need to be taken into account before performing an audit remotely. For example, not all communication and information tools are suitable for use in remote audits. General Regulations, such as the European General Data Protection Regulation (EU-GDPR) on the processing of personal data, also play a significant role with regard to data security.

Which technical requirements must be met?

For a remote audit, you need the appropriate hardware and software as well as sufficient know-how to use it. In addition to laptops, webcams or headsets, there are now numerous tools designed for online dialog, screen sharing or team work. It is also advisable to use reliable cloud services for transferring data and media.

Which principles apply to remote audits?

For remote audits, the principles of auditing– as defined in ISO 19011 – Guideline for auditing management systems, and which also provide the basis for risk assessment, apply:

  • Integrity
  • Fair presentation
  • Due professional care
  • Confidentiality
  • Independence
  • Evidence-based approach
  • Risk-based approach

Are remote audits the future?

Certainly the number of remote audits will increase in future – especially for internal audits. Nevertheless, remote audits can only be a good alternative to on-site audits but can or should never replace them entirely.

In conclusion, this means that a remote audit offers new opportunities but also has its limitations; depending on the individual situation and the respective needs, it is important to weigh whether a remote audit is a suitable method for conducting the audit. However, the digital transformation and shift to virtual methods due to the current crisis indicate that remote audits will continue to accompany our daily business in the future.

International training program

>> Train for your success!

Authors

Network partner

Mr. Martin Fridl

Network partner, Product Expert Compliance and Anti-bribery management systems

News & Events

The basis for long-term success!

08. Feb 2023

New International training program 2023

Start your next career adventure!

Learn more
10. Jan 2023

QMD Services obtains designation as a Notified Body for in vitro diagnostic devices

Milestone for the Medical Device Industry

Learn more
03. Jan 2023

Christian Matzku (50) takes over the Management of “Sales Steering” at Quality Austria

Sales professional starts at certification organization

Learn more
14. Oct 2022

The new EU Guideline on the implemen­tation of Food Safety Management Systems published

New developments for Food Businesses

Learn more
05. Oct 2022

What’s in for an Assessor?

Experience report from Mario Mauracher

Learn more
16. Sep 2022

New cooperation with ENFIT for highest standards

HQF Certification in supply chains acc. to the ENFIT Standard

Learn more
08. Aug 2022

The Many Uses of Lean Six Sigma

Guest article by Mischa Lucyshyn

Learn more
26. Jul 2022

Ransomware & other potential threat scenarios

07. Jul 2022

Building up Competency as Change Management

Continual Improvement Process

Learn more
07. Jun 2022

The five stumbling blocks you should dodge on your way to a management system

Mind the step!

Learn more
16. May 2022

25th anniversary of successful cooperation in certification

Alkaloid celebrates 25 years of successful cooperation

Learn more
03. May 2022

IFS Food Version 8 – first DRAFT version published

What changes and new features are coming

Learn more
+43 732 34 23 22