Back over 12 years ago in the classroom, we had a slide on remote auditing - and it seemed almost science fiction.
I’m sure people were thinking - are you telling me that:
- “We could tap into your computer from anywhere.”
- “We could fly a drone around your site.”
- “We could do an audit without even being there.”
At the time, not many people were doing it. It was hard to picture how it could work in practice.
Fast forward to post-COVID, and it’s not a big leap anymore.
- Remote auditing is now part of how we plan audits.
- It’s part of how we conduct audits.
- Blended audits and fully remote audits are everyday choices, and no longer far-fetched ideas.
That’s why the changes in the Draft International Standard for ISO 19011 make sense. The standard is finally catching up to what’s already happening in the field - and a big part of that is strengthening the guidance on remote auditing.
👉 ISO/DIS 19011 Guidelines for auditing management systems explains in the foreword that the main differences compared to the current revision of ISO 19011:2018 is the expansion of guidance on remote auditing methods, including content from ISO/IEC TS 17012 and updates to Annex A covering remote methods and virtual locations.
How to Decide Between On-Site, Remote, and Hybrid Audits
Remote auditing is no longer the “future of auditing” - it’s the present. The draft ISO 19011 recognises that audits today can be fully on-site, fully remote, or a blend of both, and that the real skill is knowing when and how to use each. To make that decision easier, we have mapped the draft’s guidance (and Annex A) into a simple model you can use to plan, conduct, and follow up on any audit - whether you’re walking the factory floor, screen-sharing from your desk, or doing a bit of both
This model shows how the draft ISO 19011 integrates on-site, remote, and hybrid auditing.
- The columns outline the three methods and how they apply at each stage of the audit.
- The decision factors at the top guide you in choosing the right method based on your objectives, risks, and context.
Use it as a quick reference when planning or reviewing your audits — so your method isn’t just convenient, it’s the most effective choice for the situation.
Example 1 – Certification body audit
A certification body planned a surveillance audit for a client with sites in Brisbane and Singapore. The objectives included verifying compliance with new safety controls and reviewing updated training records.
- Decision factors: High process risk at the Brisbane site, strong ICT systems in Singapore, budget/time constraints.
- Outcome: Brisbane was audited on-site to physically verify safety controls, while Singapore was audited remotely to review digital records and interview staff.
- Result: Objectives met, travel costs reduced, and confidence maintained in audit findings.
Example 2 – Internal multi-department audit
An internal audit team was tasked with auditing the quality management system across three departments - two in the head office and one fully remote design team overseas.
- Decision factors: Head office processes required physical walkthroughs, the design team operated entirely online, and the timeline was tight.
- Outcome: Conducted on-site audits for the two head office departments and a remote audit for the design team’s processes, document control, and project records.
- Result: The hybrid approach allowed the team to complete all audits within the deadline while tailoring the method to each department’s work style.
What to Do Next
- Review your current audit methods – Identify which are on-site, remote, or hybrid, and why you’re using them.
- Map your audits against the decision factors – Use the model to check if method choices align with objectives, risks, ICT, and competence.
- Test your ICT and secure data platform – Make sure it supports evidence sharing, confidentiality, and reliability for remote work.
- Plan your audit sequence – Decide the order of remote vs. on-site activities for maximum efficiency and coverage.
- Document your method selection – Record why you chose each method and review outcomes for continual improvement.