A third-party audit occurs when a company has decided that they want to create a quality management system (QMS) that conforms to a standard set of requirements, such as ISO 9001, and hire an independent company to perform an audit to verify that the company has succeeded in this endeavor.
These independent companies are called certification bodies or registrars, and they are in the business of conducting audits to compare and verify that the QMS meets all the requirements of the chosen standard, and continues to meet the requirements on an ongoing basis. They then provide certification to companies that they approve. This can be used to give customers of the certified company confidence that the QMS meets the requirements of the chosen standard.
There are three types of audits used in this process, called certification audits, maintenance or surveillance audits, and re-certification audits. For an explanation of the relationship between certification, maintenance, and re-certification audits, see the section on “The Cycle of Maintaining ISO 9001 Certification for a Company” in ISO 9001 Certification: What is it for individuals and companies?.