Three types of audits can be done:
- First-Party Audit (Internal Audit): A first-party audit, also known as an internal audit, is conducted by an organization internally. It involves assessing its own quality management system against established criteria, such as ISO 9001 or industry-specific standards. The purpose of a first-party audit is to ensure compliance with internal policies, identify areas for improvement, and monitor the effectiveness of the QMS. Internal auditors are typically employees or representatives of the organization and should be independent and objective in their evaluations.
- Second-Party Audit (Supplier Audit): A second-party audit is conducted by one organization on its suppliers or vendors. In this type of audit, the customer organization assesses the supplier’s quality management system to verify its capability to meet contractual requirements and ensure the quality of products or services received. The purpose of a second-party audit is to evaluate the supplier’s ability to consistently deliver products or services that meet specified criteria. It helps build confidence in the supplier’s capabilities and ensures alignment with the customer’s quality expectations.
- Third-Party Audit (Certification Audit): A third-party audit is conducted by an independent and external certification body or registrar. The purpose of a third-party audit is to provide an unbiased assessment of an organization’s quality management system against applicable standards, such as ISO 9001. The goal is to determine if the organization complies with the requirements of the standard and is eligible for certification. Third-party audits are often conducted for certification purposes, and the certification body issues a certificate to the organization if it meets the requirements.