Back to top

What Are 3 Types Of Audits?



ISO 19011:2018 defines an audit as a "systematic, independent and documented process for obtaining audit evidence [records, statements of fact or other information which are relevant and verifiable] and evaluating it objectively to determine the extent to which the audit criteria [a set of policies, procedures or requirements] are fulfilled." There are three main types of audits:

Process audit: This form of audit verifies that processes work within defined limits. It tests an action or process to calculate compliance with these requirements and the efficacy of the procedures against defined guidelines or criteria. A process audit may:

  • Test compliance with specified requirements such as time, precision, temperature, strain, composition, responsivity, amperage, and mixture of components.
  • Examine the tools (equipment, materials, people) used to turn inputs into outputs, the environment, the methods followed (procedures, instructions) and the measurements obtained to assess the efficiency of processes.
  • Process controls established by procedures, work instructions, flowcharts, and training and process specifications are checked for adequacy and effectiveness.

Product audit: This type of audit is an inspection of a particular product or service, such as equipment, manufactured content, or software, to determine whether it complies with requirements (i.e., specifications, performance standards, and customer needs).

System audit: An audit that was carried out on a management system. It can be described as a documented activity performed to verify that applicable elements of the system are appropriate and effective and have been developed, documented, and implemented in accordance with and in conjunction with specified requirements, by examining and evaluating objective evidence.

  • An evaluation of the quality management system reviews an existing quality management program to assess whether it conforms to company policies, contract obligations, and regulatory requirements.
  • Likewise, an environmental system audit examines an environmental management system, an audit of the food safety system examines a food safety management system and audits of the safety system analyze the system.

Audit Considerations

Other techniques may be used separately or in support of the three general forms of audits, such as a desk or document review audit. Many audits are identified by the intent or scope of the audit. A department or function audit's scope is a particular department or function. A management audit's intent concerns management priorities, such as performance area assessment or efficiency assessment.

An audit may also be categorized, depending on the interrelationships between participants, as internal or external. External investigations are carried out by the organization’s staff. An external agent conducts external audits. External audits are often referred to as first-party audits because external audits can either be second-party or third-party audits.


  • Within an organization, a first-party audit is carried out to measure its strengths and weaknesses against its own policies or practices and/or against external criteria accepted by (voluntary) or placed on (obligatory) the organization. A first-party audit is an internal audit carried out by auditors who are hired by the audited organization, but who have no involvement in the audit results of the audited region.
  • A second-party audit is an external audit carried out on behalf of a company by a client on a manufacturer or by a contracted entity. There is a contract in place, and the goods or services are or will be, delivered. Second-party audits are subject to contract laws since they provide the manufacturer with contractual guidance from the client. Second-party audits tend to be more comprehensive than first-party audits because the audit findings may impact the purchasing decisions of the consumer.
  • An audit agency, independent of the customer-supplier relationship, performs a third-party audit and is free from any conflict of interest. Audit organization’s integrity is a key component of a third-party audit. Third-party audits can result in third-party or interested party certification, registration, acknowledgment, award, license approval, citation, fine, or penalty imposed.

Do You Need Help Getting Ready For An Audit?

Are you terrified of you, your business or your non-profit getting audited by the IRS? Do you wake up in the middle of the night at the thought of hearing that knock on your door? Call Robert Arnon CPA today so you can get busy relaxing tomorrow! We also handle internal audits, of course.  We specialize in helping HOAs, non-profits, small and mid-sized businesses make sure their books are in order. So if you’re even a little concerned, now is the time to act. Contact us today!






Previous Article


Next Article