One of the requirements listed in ISO 9001 is to conduct internal audits regularly in order to stay up to date with the requirements of the ISO 9001 standard. not only will this allow you to stay certified it will also ensure that you are competitive.
To maintain and meet the requirements, companies need to constantly review and assess their quality management system to:
- Ensure its continuing suitability and success
- Reveal gaps in their system
- Suggest possible improvements
- Eliminate the wastes and cut costs
- Check the effectiveness of management at all levels
- If methods can achieve the objectives
With so many aspects to focus on internal auditors need to be competent in multitasking and managing several areas at once. They need to understand the activities of the company and it’s processes. auditors need to at least have the following traits and show aptitude in:
- ISO 9001 and related terminology
- Customer focus
- Continual improvement
- A system approach
Types of audits
There are many different types of internal audits, each focused on targeting different aspects of a management system and the organization. As an internal auditor it is expected that you are able to choose the right type for the right situation:
1. Quality system audit
2. process audit
3. System audit
What is the purpose of an audit
The main reason for conducting an audit is to allow the organisation to evaluate the quality management systems and it’s relating process. Used to measure the organizations ability to achieve the goals that they have set for themselves.
Usually Internal quality audits are prepared and instituted by the quality manager, who will then communicate the status and the importance for conducting the internal audit. Depending on the scale of the audit the quality manager may choose to do it himself and can assign a team to complete certain tasks if the scope is too large for him to handle alone.
The quality manager or lead auditor is then responsible for organising an agenda which will include the:
- Scope and objectives of the audit
- People having direct responsibilities for the procedures to be audited
- Reference documents
- Name of lead auditor and names of assigned auditors
- Date when the audit is to be concluded
Following a review of earlier audit reports on the same section or subject, the assigned auditors will prepare an audit check-list containing all the items to be covered, together with an audit programme.
The type of any internal audit will vary depending on the size of the organization and like mentioned above it is done to identify the deficiencies within the already implemented quality management system and if found implement corrective action to improve the system.
To meet the aims, the internal auditor must prepare pre-planned steps to assess the effectiveness of the quality management system. The procedures used to perform audits must be documented and all relevant quality control staff should be involved.
The plan should:
- Make sure the specified area for conducting the audit is covered
- Provide a reason for conducting the audit
- Delegate and specify the task to select employees
- Describe the layout and final form of the internal audit report.
When and if a deficiency is found, it is crucial that management take corrective action as soon as possible and at times this could mean that certain methods have to be reviewed. Additionally any follow up action taken in response to the deficiency must be reported and verified. In line with the ISO 9001, all organisation need to document the procedures used to conducting the internal audit. This is done in order to assist the internal auditor in identifying whether if it was a standard internal audit or procedures internal audit. A standard internal audit is used to evaluate the effectiveness of the implemented ISO while the procedures internal audit evaluates the methods used to implement ISO 9001 or any ISO system.
Once all the appropriate observations have been made the auditors will meet to acknowledge the deficiencies and will write up a formal report which needs to be signed by all members of the internal audit team. This report will outline the problems identified and the suggest methods to fix said problems. this will then be sent to the auditees and the company management.
Once the meeting has ended a request to take corrective action will be prepared, outlining what will be fixed and who will fix it. Once approved, the company being audited must make sure that corrective actions are implemented.