I was sitting at my desk thinking about what on earth people would actually want to read the week before Christmas.
Everyone is tired. Audits are being rushed to close out before shutdowns. Out-of-office replies are multiplying fast.
The last thing anyone needs right now is another article telling them what they should be preparing for next year.
This time of year is different.
December is not about acceleration. It is about looking back.
And for auditors, the most valuable lessons never come from the Standard itself. They come from what you see, hear, challenge and navigate out in the field.
So instead of talking about what might be coming next, I started asking a different question: "What did ISO auditors actually learn this year?"
That question became this list that I will share with you.
🎅This is not a Christmas list. It just happens to come at the end of the year.
As the calendar slides toward holiday shutdowns and end-of-year breakups, many businesses shift into “close-out mode.” That makes it a perfect moment not just to wrap up files, but to pause and look back. An article from ACCIONA titled “The Importance of Reflecting at the End of the Year” argues exactly this - that a well-timed pause to review successes and missteps helps organizations reconnect with priorities, recognize what worked, and clarify what needs attention next.
“We do not learn from experience… we learn from reflecting on experience.” - (John Dewey, Philosopher and Education Reformer)
As the year winds down and audit files start closing for the last time before shutdowns, patterns always become clearer. Not patterns from the Standard itself, but from what auditors see, hear, and navigate in real organisations. These are the lessons that quietly repeated themselves across audit rooms this year.
Here are the twelve that stood out.
Across many audits, the same themes continue to surface. Context of the organisation, leadership, and control of documented information are still areas where misunderstandings regularly appear. The clauses are not new. The interpretation often is.
Procedures, registers, and templates are still often mistaken for implementation. A documented system still gets confused with a working system. Evidence remains the uncomfortable gap for many businesses.
Where leaders are engaged, systems move. Where they are distant, systems stall. The strength of the management system continues to reflect the strength of leadership more than anything written in a manual.
Preparation is now different. Documents are now shared earlier. Screen-sharing is normal even on site. Records are reviewed live in systems rather than in folders. Time discipline is tighter. The mechanics of auditing shifted during remote work and never fully returned to old habits.
More people understand the language of ISO and how it applies operationally. They know what clauses mean. They ask better questions during audits. Conversations are more informed and more balanced than they were a few years ago.
How findings are raised, how conversations are handled, and how people are engaged matters as much as clause knowledge. Technical ability is still critical, but it is no longer sufficient on its own.
There is more discussion and more clarification during audits. Auditors explain intent and observations. The line between auditing and advising is still held. Independence remains non-negotiable.
Filing cabinets are disappearing. Platforms, screenshots, and digital records dominate audit evidence. Paper still exists, but it no longer leads the way.
Worker consultation, leadership culture, and how people feel when raising issues are now part of audit conversations. Safety is being discussed as more than just compliance with a procedure.
AI is being used for document review, gap analysis, and preparation. Some use it well. Some use it poorly. Some are still scared of it. The tool is here. The responsibility for judgement still sits with the auditor.
After several years of stability, draft standards and revisions are active again. The quiet years do not last forever, and auditors are once again tracking what is coming next.
Every auditor will recognise at least a few of these in their own year. The question is not whether they showed up. It is which ones shifted how you audit, how you question, and how you see your role.
1. Write down the three lessons that showed up most in your own audits this year.
Those are your personal patterns. They matter more than the full list.
2. Write one practical adjustment you will make because of each of those three.Not a resolution. A small behaviour change in how you prepare, question, or report.
3. Have one deliberate conversation in January based on one of these lessons.With a client, a colleague, or your certification body contact. Turn reflection into dialogue.
4. Review how one of these trends affects your own credibility as an auditor.Technical depth, communication, use of technology, or professional boundaries.
5. Track one lesson consciously for the first quarter of next year.Observe it. Don’t judge it. Let evidence build before you act.
This article is just the beginning. Join us for the extended discussion on the podcast, available on Spotify and YouTube.