Top 5 Things to Check Before Your Next ISO Audit

InsightsAudit tips
Written By Peter McBay

How to prepare with confidence for ISO 9001 or ISO 27001 internal audits


Whether your organisation is ISO 9001 certified for quality management or ISO 27001 certified for information security, a smooth audit depends on solid preparation. Internal audits are essential for maintaining compliance, avoiding surprises at surveillance visits, and demonstrating your commitment to continuous improvement.

Here are five key areas to review before your next audit.

✅ 1. Are your documented procedures up to date?

Auditors expect your documented processes to reflect how you actually operate. Review your:

  • Policies

  • Work instructions

  • Process maps

Make sure they’re version-controlled and aligned with real-world practices.

✅ 2. Have you completed your previous audit actions?

If you’ve had internal or external audits before, check:

  • Are nonconformities resolved?

  • Are corrective actions documented?

  • Were deadlines met?

Auditors often follow up on previous issues — be ready to show closure.

✅ 3. Is your risk register active and reviewed?

ISO audits require risk-based thinking. Ensure your risk register:

  • Lists clear risks (e.g. security threats, process failures)

  • Assigns responsibility

  • Shows dates of recent reviews and actions

✅ 4. Can your team explain what they do — and why?

Auditors will often talk to team members. Help them feel confident to:

  • Describe their job clearly

  • Explain how they support compliance

  • Refer to relevant policies or records

✅ 5. Is your audit trail easy to follow?

Ensure you have:

  • Easily accessible records (training logs, asset lists, etc.)

  • Clear naming and logical storage

  • Documentation to support decision-making

💡 Bonus Tip: Don’t wait until the last minute

Preparing for an internal audit should be part of your compliance routine — not a last-minute scramble. Ongoing review helps you stay ready.

📞 Need Support with Internal Auditing?

At Bespoke Integrity Solutions, we carry out independent internal audits for ISO 9001 and ISO 27001 certified organisations across the UK.

Whether you’re preparing for certification, surveillance, or simply want a fresh perspective — we’re here to help.

👉 Explore our services
👉 Contact us to book a consultation

Peter McBay
Next

Blog Post Title Two