Which ISO document provides guidelines for auditing management systems?

Enhance your CISSP Domain 7 knowledge. Study with comprehensive questions, receive hints and explanations. Prepare effectively for your exam!

The most appropriate choice is ISO 19011 because it specifically outlines guidelines for auditing management systems. This standard provides a framework for auditing management systems, including principles of auditing, managing an audit program, and conducting audits. It focuses on the skills and competence required by auditors, the planning and execution of audits, and approaches for addressing various types of management systems or processes.

In contrast, ISO 9001 is primarily centered on quality management systems and specifies requirements for organizations to demonstrate their ability to consistently provide products and services that meet customer and regulatory requirements. ISO 31000 addresses risk management principles and guidelines, focusing on creating a framework for managing risk effectively. ISO 27001, on the other hand, establishes requirements for an information security management system (ISMS), which is concerned with protecting sensitive information.

Understanding the unique purpose of each ISO standard is crucial in selecting the right one for specific needs, such as auditing management systems, where ISO 19011 stands out as the relevant document.
