Cookie consent(s)
We use cookies on our website to personalize content and ads, to provide social media features and to analyze traffic to our website. Please click "ACCEPT ALL" to enable us to offer you the best possible experience on our website. By doing so, you consent to the processing and sharing of your information with our social media, advertising and analytics partners. You can revoke your consent at any time on the cookie settings page​.
Privacy statement

The difference between internal and external audits

Oct 25, 2024

What is the role of both audits?

If your organisation sets its sights on certification - against ISO 9001, ISO 27001 or ISO 14001, for example - internal and external audits will play an important role in the certification process. Although both types of audits are an extension of each other, there are also important differences between them. This blog will tell you more about both types of audit and the differences between them.

What is an internal audit?

An internal audit is used to identify opportunities and risks in an organisation and also to optimise existing processes and working methods. An internal audit could be conducted in order to:
  • Check compliance with internal agreements.
  • Check whether objectives are being achieved.
  • Assess whether processes and/or working methods are in compliance with internal requirements.
  • Assess compliance with external requirements in preparation for an external audit.
An internal audit is conducted by the organisation itself, or by an auditor that the organisation hires for this purpose. Read more about internal audits in this blog​.

What is an external audit?

An external audit is used to determine whether an organisation meets specific requirements. For example, the requirements that are set out in a standard.
An external audit is always conducted by an auditor from an independent certification body. By doing this, the auditor will objectively establish whether a company or organisation meets the relevant requirements and is eligible for the certification in question. After this, the external audit is repeated periodically.
During each external audit it is assessed whether the organization still meets all requirements. Read more about external audits in this blog​.

The differences

The main difference between internal and external audits is the purpose for which they are conducted. Internal audits are used to verify whether a company’s procedures are being implemented in line with the management system. External audits assess the effectiveness of the management system itself. If a management system is effective, the organisation is 'in control', which means that it is in compliance with the standard in question.
If your organisation would like to obtain a certification, you can choose to have an internal audit conducted first. An external audit is mandatory for certification and must be conducted by an independent certification body like DEKRA. The certification body you choose will assess whether your organisation meets the requirements stipulated by the standard in question. If it does, your company or organisation will receive the corresponding certification. The auditors at DEKRA are qualified to conduct external audits for a wide range of certifications. Discover more about our audit services.
Show all articles