Good morning everyone,

Had an item I was working on and was hoping some of you more experienced with process auditing could make suggestions or additions. I'm working on generating a document which briefly outlines the benefits of a process approach vs an audit by element approach.

The first portion is benefits listed in the process approach document available as an attachment on this site...I forget who posted it but thank you, I found it quite useful. Anyhow, here's what I have so far, any additions comments would be useful...it's part of a pitch to sell the idea of internal audits by process to management.

:D

Hi Benjamin,

That's a nice list of potential benefits of process auditing, and it's pretty long.

I'd use caution when including itens like:

•Provision of confidence to customers, and other interested parties, about the consistent performance of the organization.
•Transparency of operations within the organization.
•Lower costs and shorter cycle times, through the effective use of resources.
•Improved, consistent and predictable results.

You'd need to be ready to describe just how these would be accomplished by a different auditing method.

When you address that, please consider your auditor's abilities and talents. Will he/she be able, and have time, to analyze a process instead of using the current checklist approach? Management will need to understand that resources would be needed to build strength in the audit function.

It might help if the auditor is able to do some things besides audit, but could also help people understand what proper process documentation looks like, and how to design data analysis tools so they can track progress and results.

The move away from police work and into some provision of services can be helpful in getting management support.

Good luck with this.

Thanks Jennifer,

As your post suggests, in your usual insight, the initiative would be to improve the internal audit function by improving not only the method of auditing/approach but also improving auditor skill (myself in this scenario). It is quite obvious that certain processes in our organization are lacking standardization (i.e. procedures are vague or don't exist where they should).

It is my hope that this approach to auditing, will encourage management to address these processes. And frankly, this approach makes 100 times more sense to me than auditing by element. I can go down a checklist and yes, maybe all items are addressed...but if the process is not robust and appropriately defined, will all items be addressed everytime, not likely.

As for being able to elaborate on the details of these potential benefits, I don't think it will be too difficult. I think the difficulty, in my case, will be getting management to take action when process inefficiency or opportunities for improvement are identified. I expect to get "we've done it this way, it works, we'll continue doing it this way" as a response, if I get a response at all that is.

One can only try their best ;)

One thing that a process audit can do is show how one part of a process impacts another one, especially across departments. The interdependency of contributing functions can be near-unnoticeable in a compliance audit. That's no doubt why TS mandates a process audit approach. Selling the potential exposure of weaknesses can be tough when managers believe that sales and returns rates are satisfactory.

The selling point not so much the audit function, but the internal consultant potential. The difference in expertise can be especially noticeable where process documentation is involved. For example, support people like software engineers may not be very comfortable with writing procedures that process people can use. A good process auditor can help with document editing and even making flow charts if one does not feel one is interfering or getting too closely involved. However, these services can be a lot of added work.:caution:

If you can show examples that support the theory that tidying up processes would result in, say, less product returns or shorter cycle times, management would probably listen. The language of money is the one that gets the best support. But be careful with this language! One should only offer examples, speculations grounded in reality, and be ready to help support the efforts to assess for success. It's a whole other Genie bottle...

Frankly, auditing by process vs. element is just another view of the same thing ... both have advantages and disadvantages.

Imaging you are auditing by process ... you'll cover many elements of the standard, but less depth. If you audit by element, you get greater depth of that element, but less breadth of the system. If you have 1000 gages in your calibration system, a process audit will likely see only a small number, whereas doing a calibration element audit would see a larger number.

For purpose of preparation of such summary I would strongly recommend taking a reputable input and making a digest of it.
See for example this one:
http://www.iso.org/iso/en/iso9000-14000/addresources/articles/pdf/toolC_2-01.pdf

(ISO 19011 is to provide the "Guidelines for quality and/or environmental
management systems auditing" for process-based QMS.)

Looking for some feedback...

As I stated I have been attempting to augment our internal audit process by transitioning the focus from audit by element to audit by process approach. The difficulty is that the internal management structure isn't a process management system in the true sense. With that in mind I'm thinking it would not be a successful venture to simply do an internal audit of each of the processes here, the result would be an avalanche of non-conformances which would most likely result in unhappy staff and little action.

So what I'm thinking now is that the best approach may be to take smaller steps towards this goal. In that respect I was thinking that perhaps I could integrate a form of process auditing into our current structure (audit by element by department). The idea is to continue the internal audit system as it is now, but to put more of a focus on identifying inputs and outputs, and resources in each department, from there we could trace inputs/outputs to better establish process linkages, dependancies, and general interaction.

I have no doubt that the best opportunity for improvement here lies in transitioning the management system to a process oriented one. Out of 43 errors in a year 34 occurred within supporting processes, only 9 were caused by the testing & analysis process...that's my 80/20 right there.

Anyways, the feedback I'm looking for...has anyone here experienced such a transition? What are the pitfalls? What worked best?

We are a small company so for in order for this to work I think we'll need to slowly identify processes on a 1:1 basis and fully define them and enhance their procedures accordingly before moving onto the next. Once that's done we can begin to look at their interaction in more detail and start down a road to improvement and more robust internal auditing.

Your thoughts and suggestions would be most welcome :thanx:

It's not a surprise if most nonconformances are in support processes. It's easy to lose focus on what goes into a process when the fixation is on making stuff.

One big source of discomfort in transitioning is the amount of what I'll call churn with the process auditing method. It opens up opportunity for more conconformances than simple compliance. Viewing larger numbers of nonconformances can make people unhappy.

It's been worthwhile to recogognize that the process nature of nonconformances may require a process approach to correcting them. Thus, the CA Project was born. It allows a CA owner to plan around the fact that more than one department is needed, and it can show justification for taking longer than 30 days for a fix so something that works can be put in place.

Looking for some feedback...

The difficulty is that the internal management structure isn't a process management system in the true sense.
I would not suggest you to even try to change something in the existing system just for purpose of auditing it; any business system is process-based by its nature; it takes only to describe the system as a process-based one. Also it is possible to determine each department as a process, if this approach is logical (e.g. engineering / production / logistics / maintenance / QC - why not?).

The idea is to continue the internal audit system as it is now, but to put more of a focus on identifying inputs and outputs, and resources in each department, from there we could trace inputs/outputs to better establish process linkages, dependancies, and general interaction.
I think that is not a bad idea; however in a small organization it could be possible to first identify inputs, outputs, and resources for each process (not department! why would you do it for departments?!) and then start the audits.

I have no doubt that the best opportunity for improvement here lies in transitioning the management system to a process oriented one.
For me this transition has taken exactly the time needed to draw the chart of the process-based QMS for our Company (for reference see Figure 1 of the ISO 9001-2000).

We are a small company so for in order for this to work I think we'll need to slowly identify processes on a 1:1 basis and fully define themWay to go!: )

Not trying to change something just for the sake of auditing, the intent is to drive further improvement of the processes by better scrutinizing them in the internal audit function, however, a full on process audit would be rather scary.

I'll give an example to elaborate on this:

Document Control Process

*ISO 17025 procedures pertaining to this process do not exist, the QMS addresses document control but does not address all required items.

*Electronic copies of documents are scattered throughout the intranet, some are outdated, or simply not controlled.

*Not all documents are identified with required elements.

*Master index does not identify all system documents

*QMS makes reference to documents which do not exist

*Lab Work Sheets-there is no procedure/process in place describing how these are controlled.

*Material/Industry/Client Specifications-there is no process/procedure in place describing how these are controlled.

*Spreadsheets utilized for data control/transmission/validation are not controlled, formulas are not validated, multiple versions are available to technicians.

*Company utilizes tags/forms/logs which are not included in document control.

*No procedure for periodic review of documents (procedures/work instructions,etc.) exists.

This goes on and on....so if I were to audit this process the result would be a mountain of work. Therefore the idea is to correct smaller portions of this in each department. Yes it's a backwards approach, but at least a step in the right direction. For an analogy, this approach would be similar to cleaning your house before rearranging the furniture. From my chair here as quality support/internal auditor this seems the best option to proceed with, mainly because I cannot get the resources to correct the process, but I do have the resources to begin correcting the symptoms, once I do this I will have cleaner systems and an abundance of evidence to hopefully motivate management to correct the processes (root causes).

Everyone-

The person coordinating the audit program here (who has NO previous experience with ISO 9001-2000) is forcing down our throats a system of auditing by departments. I and one of the other ISO veterans here have tried to point out the departments are composed of resources whereas processes are composed of activities but all to no avail. I have to ask, am I making sense?

Regards -John

"Against stupidity, the very gods themselves contend in vain." -Friedrich Schiller

a full on process audit would be rather scary.
I remember having a list of some 350+ requests for (major!) corrective action when working on QS-9000 at a start-up company few years ago.
I truly believe that the worse a situation is, the more it helps Quality Manager for purpose of justification of her existence.
Output of an audit are the identified nonconformities and opportunities for improvement; so, try getting bigger output on smaller input!: ))
Also everything in Quality shall be done right at the first time; then I would not suggest to ever think about doung a "half-audit" bearing in mind to acomplish it later when a situation will improve a bit; it's job of a manager to come to know all the problems and to arrange ppl to take care for; also any problem a Quality Manager knows about without addressing it will very likely turn into his professional or personal issue.
In a "bad" situation as you've described (exactly the same as for any better situation) I'd recommend the Quality Manager to adhere to the following common plan:
1. establish model of the process-based QMS,
2. describe COP's and assign responsibilities for the COP's,
3. create QM and procedures per the requirements of the standard; address the requirements to relevant managers, when encouraging the managers to review and propose updates to the procedures;
4. conduct circle of comme il faut audits of the processes of the QMS vs. common sense and ALL the requirements of the standard (as addressed in the procedures); then follow up on implementation of a comprehensive CAPA to the benefit of the Company!: )

The person coordinating the audit program here (who has NO previous experience with ISO 9001-2000) is forcing down our throats a system of auditing by departments. I and one of the other ISO veterans here have tried to point out the departments are composed of resources whereas processes are composed of activities but all to no avail. I have to ask, am I making sense?
I guess that items to be audited are the processes comprising the QMS (in these terms the departments may be defined as the processes, e.g.: "welding" or "purchasing" processes) .
So I'd suggest to check in the Quality Manual: which processes are comprising the QMS and that in order to verify justification for an approach to conduct of the internal audits.