Title Page

  • Client

  • Site conducted

  • Conducted on

  • Prepared by

1. Customer Communication

  • Audit Criteria: ISO 9001: 8.2, ISO 14001: 7.4, ISO 27001: A.7, ISO 45001: 7.4

  • Are all customer communications documented and maintained on the CMS system?
    Evidence Required: Records of emails, service requests, and on-site meeting notes.

  • Is there clear communication regarding environmental, OH&S, and information security requirements?
    Evidence Required: Environmental Aspects Procedure (MP08), Communication Procedure (MP15)

  • Are customer feedback mechanisms (complaints, compliments, surveys) effectively implemented, documented, and analyzed?
    Evidence Required: Customer Portal data, satisfaction surveys, feedback reports.

  • Is customer feedback reviewed during management reviews, and are actions taken for improvement?
    Evidence Required: Management review meeting minutes.

  • Are legal and regulatory compliance obligations related to customer communications addressed?
    Evidence Required: Documentation on compliance with data protection (GDPR), environmental laws, and OH&S regulations.

2. Determination of Customer Requirements

  • Audit Criteria: ISO 9001: 8.2.2, ISO 14001: 6.1.2, ISO 27001: A.6, ISO 45001: 6.1.2

  • Are customer requirements identified through site visits, tenders, and CMS requests?
    Evidence Required: Tender documents, site visit reports, CMS records.

  • Are environmental, health & safety, and information security impacts considered in proposals/quotations?
    Evidence Required: Proposal documents, method statements.

  • Is there a documented process for handling enquiries, quotations, and tenders?
    Evidence Required: SharePoint records, CMS quotations.

  • Are risks and opportunities related to customer requirements identified and managed?
    Evidence Required: Risk assessment documentation (ISO 9001: 6.1, ISO 14001: 6.1.1, ISO 27001: 6.1.2, ISO 45001: 6.1.2).

3. Review of Customer Requirements

  • Audit Criteria: ISO 9001: 8.2.3, ISO 14001: 6.1.2, ISO 27001: A.6, ISO 45001: 8.1.3

  • Are contract reviews conducted to ensure all customer and legal requirements are met?
    Evidence Required: Signed contracts, contract review forms on SharePoint/CMS.

  • Are contract amendments reviewed and documented appropriately?
    Evidence Required: Contract variation records on CMS.

  • Are changes that affect OH&S, environmental, or information security performance managed and controlled per IMS Guide 8.1.3?
    Evidence Required: Change management documentation.

  • Are all compliance obligations (legal, regulatory, contractual) reviewed and addressed in customer contracts?
    Evidence Required: Compliance logs, legal requirement checklists.

4. Risk and Opportunity Management

  • Audit Criteria: ISO 9001: 6.1, ISO 14001: 6.1.1, ISO 27001: 6.1.2, ISO 45001: 6.1.2

  • Are risks and opportunities related to customer processes identified and documented?
    Evidence Required: Risk registers, opportunity assessments.

  • Are identified risks (quality, environmental, OH&S, information security) evaluated and mitigated appropriately?
    Evidence Required: Risk mitigation plans, corrective action records.

5. Continual Improvement Processes

  • Audit Criteria: ISO 9001: 10.2, ISO 14001: 10.2, ISO 27001: A.16, ISO 45001: 10.2

  • Are corrective actions for non-conformities effectively implemented and tracked?
    Evidence Required: Corrective action logs, non-conformance reports.

  • Are trends in customer feedback used to drive continual improvement?
    Evidence Required: Trend analysis reports, improvement action plans.

  • Are improvement opportunities identified during audits, management reviews, and feedback evaluations?
    Evidence Required: Management review minutes, audit reports.

6. Compliance with ISO Standards

ISO 9001 (Quality Management):

  • Are customer satisfaction levels monitored and addressed?

  • Are quality risks in customer processes identified and mitigated?

ISO 14001 (Environmental Management):

  • Are significant environmental aspects identified and managed in customer processes?

  • Are compliance obligations with environmental laws met?

ISO 27001 (Information Security Management):

  • Are customer-related information security risks identified and managed?

  • Are data protection regulations (e.g., GDPR) followed?

ISO 45001 (Occupational Health & Safety Management):

  • Are OH&S risks associated with customer contracts identified and mitigated?

  • Are emergency preparedness and response plans in place for customer sites?
