Quality Management, Quality Management System, SHEQ Software, Uncategorized

ISO 9001:2015 Internal Audit the secret to success!

Posted by author-avatar
On November 22, 2021
2 comments
Internal Audit

ISO 9001:2015 Clause 9.1 Internal Audit

ISO 9001:2015 Clause 9.2 Internal Audit. Generally, we refer to 3 different types of audits i.e. 1st party audit, 2nd party audit and a 3rd party audit. A 1st party audit occurs when an audit is performed within your organization by your own auditing resource. This is often called an internal audit. A 2nd party audit is performed by a supplier, customer, or contractor, often against their own adopted requirements

A 3rd party audit occurs when a company has decided that they want to create a quality management system (QMS) that conforms to a standard set of requirements, such as ISO 9001 and hire an independent auditing company (3rd party) to perform an audit to verify that the company has met the requirements of the standard.

I have been auditing for over 20 years and for many of the Certification Bodies, I feel that auditing has developed a negative reputation since a lot of the feedback during the audits seems to focus on just the non-conformances. However, feedback should be provided on both positive and negative issues as an audit finding is evidence of conformity or nonconformity.

What is an Internal Audit?

1st off an Audit is a systematic, documented, independent process of comparing audit evidence with audit criteria in order to raise audit findings (which can be both conforming and non-conforming), having considered all the audit findings against the audit objective we raise an audit conclusion. Well, that was a mouthful, but it’s necessary to describe the process of auditing.

In order to be effective, Audits must be:

  1. Systematic
  2. Impartial
  3. Evidence-based

Why is an Internal Audit necessary?

In my opinion, one of the most value-adding aspects of an ISO management system is the Internal Audit, but few companies execute them in a way that adds value.

Internal Auditing is part of the performance evaluation of the Management System and will assist your organization in establishing the level of conformity to the ISO 9001 standard, your own adopted requirements, and relevant legal requirements.

Good levels of conformity confirm an effective QMS, whilst more nonconformances and of a major nature indicate deficiencies in the team and the QMS. Checking the health of your system regularly helps you to ensure continual improvement.

How do you perform an Internal Audit?

One of the most important parts of an audit is effective communication. Audits can be stressful and confrontational, so good communication and interview techniques helps put everyone at ease.  Ensure that your auditors are competent to audit your management system and are knowledgeable in the ISO 9001 Standard including regulatory requirements.

Step 1, start off with an Audit Objective i.e. what do you want to audit and what do you want to achieve, i.e. you could audit of your Quality Management System (QMS) to confirm that it is being established, implemented and maintained? Once you have established the audit objective, you can select the appropriate audit team and prepare for the audit, by developing a schedule and preparing the audit documents.

Step 2, communicate your plans and schedule to the Auditee. After the opening meeting, you could perform a site visit followed by an audit the QMS and the business processes. Regular feedback should be given to the auditee in terms of levels of conformity and nonconformity.

Step 3, the closing meeting allows you to provide feedback on both positive issues and non-conformities, whilst agreeing on a time frame to review and close off the audit findings.

The above is a very cursory overview of the auditing process. You can use ISO 19011 as the framework for Internal QMS and ISO 17021 for the framework for certification audits by 3rd parties. Both standards define the process of auditing from auditor competency to audit preparation and onsite audit activities in greater detail.

Use SHEQ software

To design and implement a Quality Management System, SRM and many of our clients use Mango Compliance Software – www.mangolive.com  Mango makes it easier to obtain ISO 9001:2015 certification and to perform your internal audits.

In Summary

  1. Internal Audits can add massive value to the effectiveness of your QMS
  2. Make sure you use competent auditors
  3. Make sure that they communicate well
  4. Most importantly take timely action to investigate and address audit findings to ensure the continual improvement of your QMS

SRM is ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018 certified. Contact our consultants today. Let us know if we can help you with the development and implementation of your Quality Management System.

 

Associated Blogs:

https://srmc.co.za/iso-9001-clause-4-context-of-the-organisation/

https://srmc.co.za/iso-9001/

Links to our services:

https://srmc.co.za/services/consulting/

https://srmc.co.za/iso-certifications/

 

Newer Management Review
Back to list
Older The Effectiveness Of SHEQ Controls

Related Posts