Phase 2 initial audit

Once Phase 1 of the initial audit has been successfully completed, you are ready for the follow-up: Phase 2 initial audit. This is a physical audit at your premises. At its core, the DigiTrust auditor will test your organisation to ensure that the implementation of the management system has actually been carried out properly. To what extent are the system and all associated processes effectively set up? And are they also tailored to the specific context that applies to your organisation? In doing so, the auditor also assesses to what extent all employees also perform all work according to this methodology.  

Basically, then, the big key question is: does your quality management system meet the requirements of the relevant ISO standard? And is it also implemented and complied with in practice? This is tested in Phase 2 of the initial certification audit.  

Phase 2 initial audit: this is where you are judged on: 

• Is there a clear quality policy with measurable objectives? 

• Are all procedures, documents and records maintained and accessible and understandable to employees? 

• Have you conducted a thorough risk analysis and is there sufficient consistency with the control measures? 

• Is it clearly formulated who is responsible and competent for what?  

• Does the organisational structure fit the objectives? 

• Have clear processes and understandable procedures been established and recorded? 

• Does the organisation have a monitoring system regarding the operation of the management system? 

• Are internal audits also conducted? 

• Is the organisation set up to continuously improve? To identify opportunities wherever possible and implement improvements? 

• And do you have a good record with regard to detected anomalies and record them properly?  

Tip: Make sure you can provide evidence that your operations, management system, processes and documentation meet the requirements of the relevant ISO standard and your own requirements. 

Phase 2 initial audit completed, now what? 

After the audit is over, the auditor will share his findings in a final interview. Should there be any discrepancies, the auditor will communicate them to you. This gives you the opportunity to address and improve these points. The auditor also draws up a report, which is first assessed internally. The moment any deviations are resolved to the auditor's satisfaction or included in a plan of action, the auditor nominates your organisation for certification. The certification manager will assess your file and if there is a positive decision, an official certificate will be drawn up.