As the world becomes increasingly digital, the ISO certification process needs to evolve to keep pace. One of the most significant developments in recent years is the formalisation of remote auditing practices through the publication of ISO/IEC TS 17012:2024, supported by the IAF MD 4:2025 mandatory document. These guidelines provide a robust framework for certification bodies to conduct audits remotely — a practice that gained momentum during the COVID-19 pandemic and has since proven its value in many contexts.
At certbodies.co.uk, we help clients navigate the certification process and choose the right certification body. Understanding how remote audits work — and when they’re appropriate — is key to making informed decisions.
What Is ISO/IEC TS 17012?
ISO/IEC TS 17012:2024 is a technical specification that offers detailed guidance on how to conduct remote audits of management systems. It complements ISO 19011 and ISO/IEC 17021-1 by outlining how remote methods can be used effectively without compromising audit integrity.
Key highlights include:
- A risk-based approach to determine when remote audits are appropriate.
- Guidance on planning, conducting, and reporting remote audits.
- Considerations for auditor competence, technology use, and data security.
- Emphasis on maintaining audit objectives and integrity, regardless of the method used.
How IAF MD 4:2025 Supports Remote Audits
The IAF MD 4:2025 document provides mandatory requirements for the use of Information and Communication Technology (ICT) in conformity assessment. It applies to all types of certification — including management systems, product, and personnel certification — and ensures consistency across accreditation bodies and certification bodies.
MD 4:2025 mandates that:
- The use of ICT must be mutually agreed upon by the auditee and the certification body.
- Security, confidentiality, and data protection must be maintained.
- Risks and opportunities related to ICT use must be identified and managed.
- The extent and effectiveness of ICT use must be documented in audit reports.
Benefits of Remote Audits
Remote audits offer several advantages for both clients and certification bodies:
- Reduced travel costs and time.
- Lower carbon footprint, supporting sustainability goals.
- Faster scheduling and greater flexibility.
- Access to remote or hazardous sites via drones or wearable tech.
- Increased participation from technical experts or global teams.
Drawbacks and Considerations
However, remote audits are not a one-size-fits-all solution. Some limitations include:
- Technology barriers (e.g., poor internet, lack of digital infrastructure).
- Limited sensory input (e.g., no tactile or olfactory feedback).
- Data security risks if not properly managed.
- Challenges in observing physical processes, especially in manufacturing or labs.
- Competency requirements for auditors using remote tools.
Certification bodies must assess these risks and determine whether a fully remote, hybrid, or on-site audit is most appropriate.
When Is a Remote Audit Appropriate?
According to ISO 17012 and IAF MD 4, remote audits are suitable when:
- The audit objectives can still be met.
- Both parties have the technical capability.
- The processes being audited are conducive to remote observation.
- There is mutual agreement and proper planning.
For example, document reviews, interviews, and system walkthroughs can often be done remotely, while physical inspections may still require on-site presence.
What This Means for Clients
If you’re preparing for ISO certification or surveillance audits, it’s worth discussing remote options with your certification body. Remote audits can offer convenience and efficiency — but only when used appropriately.
Our Certification Management Team can help you:
- Understand your options for remote, hybrid, or on-site audits.
- Choose certification bodies that follow best practices and international standards.
- Prepare for audits by ensuring your systems and teams are ready for remote engagement.
Conclusion
Remote auditing is here to stay — and with ISO/IEC TS 17012 and IAF MD 4:2025, the framework is now clearer than ever. By embracing these standards, certification bodies can offer flexible, secure, and effective audits that meet the needs of modern organizations.
If you’re unsure whether a remote audit is right for your business, get in touch with — we’re here to help you make the right choice.