The Audit is defined as an independent, systematic and documented assessment process, aimed at ascertaining the compliance with the qualityreference requirements. This conformity assessment can concern:

  • A company management system
  • A Program designed to achieve a given objective
  • Applicable reference Norms, Regulations, Standards, both national and international
  • A production or management process
  • A product or a system

Audits can be classified as:

First Party (or internal), made internally to the Organization and aimed at assessing the compliance with the requirements given by the applicable standards, by customers or by the management in order to achieve corporate objectives. First party Audits must be carried out systematically by qualified personnel to verify the compliance of the Company Management Systems to a requirements set (for example: conformity of a Company Management System versus an ISO standard, conformity of Personal Data Treatments versus Privacy rules (UE Regulation 679/2016, Italian Legislative Decrees 196/2003 and 101/2018), conformity of a product / service versus its specifications).

Second Party, carried out externally to the Organization and aimed at evaluating, for example, the compliance with the requirements given by the Organization to a supplier or the supplier’s compliance with respect to the requirements of a reference standard. Also in this case, people performing a second party Audit must be in possess of the suitable qualifications.
In this context, a Cyber / ICT Security / Privacy Gap Assessment service may be considered a particular case of second party Audit.

Third party, made by qualified personnel appointed by accredited Certification Bodies with the purpose of ascertaining the conformity of a company management system implemented by the Organization with respect to the requirements of a reference standard. Once this conformity is ascertained, the Certification Body issues, maintains or renews the relative certificate.


For each type of Audit described above, the objective is to highlight any deviation from applicable requisites with the purpose of identifying and implementing the appropriate corrective actions aimed at eliminating the identified discrepancies. In this sense, the Audit is a very effective tool through which the organization triggers a virtuous and continuous improvement process. The assignment of the Audit process to an independent party with respect to the Organization is a guarantee of objectivity of the findings and effectiveness of the results.

Based on the needs of the customer, NeM can perform System, Process and Product Audits, first, second and, upon appointment of a Certification Body, third party Audits.

With the support of the experience gained by its consultants in decades of activity in the field of inspections and Audits, both nationally and internationally, NeM is able to offer Auditing services in many industrial sectors to small and medium-sized companies, both local and international.

Get in touch with NeM to know more.