The Value and Role of ISO Audits in Quality Assurance

Why do business with an ISO certified company?

ISO 9001 certification is the international language of quality. An organization with ISO certification stands out from others in the competitive market. You don’t require to give a second thought about doing business with an ISO certified organization.


Hire Bobcares Server Administrators
Get super reliable servers and delighted customers

See how we do it!



Bobcares is an ISO certified company 🙂.

To understand things better, lets know what ISO 9001:2000 is. ISO 9001:2000 is a standard for quality management systems, which is published by the international organization for standards, ISO. Now you may doubt what quality management system (QMS) is. QMS refers to the set of policies, procedures and processes which are required for the planning and execution of the main business processes in an organization.

In a product approach, we check all the end-products and verify whether the product is built right. There are many is advantages associated with it. In the process approach, the organization identifies its key business processes and ensure that they are planned and executed in the right way.

QMS follows the process approach.

An organization that has been independently audited and certified to be in conformance with ISO 9001:2000, by a certifying authority, would be termed as “ISO 9001:2000 certified”. Once an organization acquires the quality assurance certificate, it should periodically check the compliance of the quality measures with the standards. The continual quality assessments are done with the help of ISO audits.

An audit is nothing but a process to check the compliance. An ISO audit is a systematic and independent process in which auditors sample the key business processes to see whether they conform to the ISO standards and collect objective evidences for any non-conformity that is observed.

At Bobcares, everyone works together to make ISO audits successful and provide quality service to our customers.


There are two types of audit – Internal audit and External audit.

Internal audit is conducted by the organization itself to ensure that its processes are in compliance with the standards.

External audits are done by the certifying authority to ensure that the organization is complying to the ISO standards.

An audit involves a cycle of four main activities –

  • Planning
  • Auditing
  • Reporting
  • Taking corrective actions.

1. An audit plan is always prepared ahead of an audit. A Lead Auditor is appointed, who prepares the plan after consulting with the Management. The audit plan includes the scope of the audit, which refers to the clauses and departments that are covered, the sampling rate, the audit dates and the auditors. An auditor is the person who collects the evidences and determine the findings. He should be a competent person, who is authorized to conduct the audit.

2. The audit team starts the audit with an Opening meeting with the Management. Auditors later audit the employees as per the audit plan and schedule. When the Auditor observes a nonconformity, it should be recorded after collecting the objective evidence for that nonconformity. A nonconformity refers to the non-fulfillment of a requirement of ISO. An objective evidence is an evidence that exists and is verifiable. Auditor should help the auditee to identify the proper root cause and suggest a suitable corrective action for the nonconformity. The root cause can be correctly identified by asking ‘Why’ till the right cause is found. Root cause can be man, material, process or machine.

3. The audit team records the observed nonconformity’s in the CAR (Corrective Action Report) forms. During the closing meeting, the summary of the audit and the audit findings are presented to the Management. The auditees are given a time frame to correct the nonconformity and enter the details in the CAR forms. An auditor should also provide suggestions for improvement and any preventive actions that can be taken.

A nonconformity statement should contain the following details – What was found, Where was it found and Why is it a nonconformity.

There are two types of nonconformity –

    1. A minor nonconformity, which can be a single incident of failure of a procedure or non-compliance with a QMS requirement.
    2. A major nonconformity, which is a significant failure of compliance with QMS requirements or a significant number of
      minor nonconformity’s for a QMS requirement.
  • For every nonconformity observed, the auditee should enter the proper root cause, correction that was done and the corrective action taken, in the Corrective Action Report. The auditor verifies whether the corrective action taken is adequate and the nonconformity has been corrected. The auditor should also conduct followup observations to check whether the corrective action taken is sufficient and whether the nonconformity has recurred.

    A corrective action is an action taken to prevent the occurrence of the nonconformity in future. A preventive action is a proactive action taken to determine potential nonconformity’s before they occur to ensure that they do not happen.

Bobcares is an ISO 9001:2000 certified organization and here internal audits are conducted every quarter. We have a set of trained auditors, who put in their time and effort to make the audits fruitful. Out of the four audits, two are major audits covering all the ISO clauses. External audit is conducted once in every year.

An organization with ISO certification stands out from others in the competitive market. You don’t require to give a second thought about doing business with an ISO certified organization.

There are two types of external audits –

  • Surveillance audit – performed every year to ensure that the organization still meets the ISO requirements.
  • Re-certification audit – done every 3 years to reassess the QMS and renew the certificate.

Finally, lets see the benefits offered by audits.

1. First and foremost, audits helps us to analyze the compliance of our process with respect to the set ISO standards.

2. Audits aid us in identifying our strengths and weaknesses, which are necessary for us to tackle the various opportunities and threats in our industry.

3. We are able to assess and identify the areas for improvement of our efficiency.

4. Audits help us to identify the deviations from our objectives and goals and provide us the opportunity to correct them.

5. Above all, audits helps to bring in positive changes in departments, by correcting the non-conformity’s observed and preventing them from recurring.

To summarize, audits are aimed at enhancing our productivity, detecting problems at an early stage and ensuring that our Quality policy and objectives are indeed being followed by everyone in the organization. At Bobcares, everyone works together to make ISO audits successful and provide quality service to our customers.

Reeshma Mary Mathews, Sr. Software Engineer is the Chief Coach at Bobcares. She joined Bobcares in 2002 and was Team Leader for about three years, before taking up the challenge of maintaining Quality in the services provided by Bobcares. She plays a crucial role in ensuring that the Quality Management System(QMS) in Poornam is in compliance with ISO 9001:2000.

Bobcares is a server management company that helps businesses deliver uninterrupted and secure online services. Our engineers manage close to 51,500 servers that include virtualized servers, cloud infrastructure, physical server clusters, and more.