Stage 1 focuses on initiating the audit and checking readiness against requirements. Stage 2 is where on-site audit activities are performed, including executing procedures, communicating with auditees, and using test plans.
ISO 37001 audits commonly separate work into stage 1 and stage 2 activities. The course agenda highlights both stages and places them within a broader audit lifecycle that includes preparation, execution, and closing.Stage 1 is part of initiation and preparation. It is used to confirm the audit scope and approach, clarify how the ABMS is structured, and determine whether the organization is ready for the next stage. In practical terms, stage 1 aligns expectations on what will be audited and how evidence will be evaluated. It also helps the audit team plan stage 2 activities more precisely.Stage 2 is where on-site audit activities take place. The agenda for Day 3 includes preparing for stage 2, executing stage 2, maintaining communication during the audit, applying audit procedures, and creating audit test plans. Test plans are important because they translate audit objectives into targeted checks and sampling strategies, which supports evidence-based conclusions.The course also emphasizes audit principles such as evidence-based auditing and risk-based auditing. Evidence-based auditing requires clear linkage between observed facts and the requirements being assessed. Risk-based auditing helps prioritize audit effort toward areas where bribery exposure or control weaknesses are more likely to matter.After stage 2, the audit moves into closing activities, including drafting findings and nonconformity reports, performing documentation and quality review, and evaluating action plans. The course includes “beyond the initial audit” and managing an internal audit program, reinforcing that audit work should feed ongoing oversight rather than end with a report.
Stage 1 is where you prevent wasted stage 2 time. Use it to validate scope, confirm how the ABMS is documented, and identify where evidence is likely to be strongest or weakest. A disciplined stage 1 output is a clear stage 2 plan, including what you will test and who you need to speak with.During stage 2, manage communication actively. Evidence quality improves when auditees understand what you are asking for and why it matters to specific requirements.
“Stage 1 confirms readiness; stage 2 produces the evidence.”
Expert Trainer
Expert Trainer
Day 2 focuses on audit principles and preparation, including evidence-based and risk-based auditing, audit initiation, and stage 1 audit activities.
It enables you to plan and conduct internal and external ISO 9001 audits and to lead audit teams using ISO 19011 guidance and ISO/IEC 17021-1 certification process concepts. It also builds competence in reporting and follow-up.
The course frames audit planning and execution in line with ISO 19011 and the ISO/IEC 17021-1 certification process, while auditing an EnMS against ISO 50001:2018 requirements.
Necessary cookies are always active. You can accept, reject non-essential cookies, or customize your preferences.