Internal Audit Schedule - Frequency of internal audits

I would like to gather a consensus as to how often internal audits are scheduled at other organizations.

Our procedures states that all processes comprising the quality system, which involve procedures and work instructions, are audited at least once a year according to this procedure.

I'd like to reduce that frequency but wondered what others do - I'd love to have it say on an as-needed basis or that the frequency will be determined by the management rep (me).

little__cee said:

Our procedures states that all processes comprising the quality system, which involve procedures and work instructions, are audited at least once a year according to this procedure.

Click to expand...

Ours does not. We use the result of an audit to set the date for the next one. A total "meltdown" results in a re-audit of course, but I've only had to do that twice in the last ten years or so. The norm is the usual one year cycle, but a really crappy result means we'll be there again in six months, while a great performance could mean an 18 month respite. It rewards good shows and allows us to focus our efforts where they are needed.

The registrar auditors loves the set up... and so do I. It works.

/Claes

We require all processes to be audited at least annually. Schedule set by the Management Review Team based on the results of previous audits and processes considered more strategically important to the organization are scheduled for audits more often.

ERich

Basically, we audit all processes annually, with the option of increasing that frequency depending on the results of the audit, or other input such as a rise in customer complaints.

The option of increasing the frequency is assigned to the QA Director, and audit results/effectiveness are 1 of the items analyzed during management review. We also will increase audits if we have such a request from the process owner - which we have received. Similar to Claus, a meltdown would cause a quick audit schedule change that the audited party would not appreciate. We're still new enough as a company - roughly 4 years old, that processes are not mature enough to avoid auditing for a year.

We'll also small enough that we will reschedule during the year if we have an urgent need to apply resources to different areas.

internal audit frequency

During my time with QS9000, there were elements which only barely applied to our business, and as a result only impacted the business on very rare occasions. The procedures involved were invoked only a handful of times over a 3 year period, and as the Mgt. Rep, I saw no good reason to spend resources auditting them on an annual basis.

In my discussions with registrars and auditors, I found no 'shall' that stated that each element and procedure had to be audited via internal audit once a year. Many many recommendations for an annual full system audit, but no absolutes. I therefore planned to have the low-change, low -impact elements /procedures audited only once in a 3 year cycle by internal auditors, and once in a 3 year cycle by the surveillance auditors. Worked for us at the time.

Barb

Frequency of internal audits

I beleive that organization is the one who should decide the frequency of the audits since she is the one who knows the systems, processes, products, culture of the organizatin etc, etc.
But to the frequency should be deceided so that inprovement can be made, n audit CPAs could be closed.

Frequency of audits

We have just changed our system from each department being audited twice a year (twenty audits) to a process audit ten times a year. This means that some departments are being done up to 10 times a year. Our department managers like it because it shows up problems across the process rather than in departments, our external auditor likes it because it is process based and I like it becuase it is less audits but more auditing time.

c-

Our audit program is controlled by me (LIA) and currently features 21 auditors with a schedule for some 53 audits this year. While this may sound like overkill, I should mention that 1) we use a hybrid of process / element audit scopes (7 major processes under 7.5.1 for example), 2) there were at least 7 elements not audited last year that I am doubling up on and 3) we are a young company (18 mos) certification-wise.

I think that your audit program is yours; yours to define and conduct as it suits your QMS. Ultimately you have to defend / justify the effectiveness of the program several times per year, so you should have a very good handle on what works. Good luck with your choice.

We audit every process annually, though it may be a different department within that process each time. If we suspect something is amiss, or if a department has gone through a lot of changes, or if a department requests it, we may do a follow-up audit to recheck them or make sure that they are still OK after making the changes, etc… Works for us, we do 1-2 audits per month, plus the month before our external audit we do an “Audit Blitz” where we audit every process.
The audit blitz is really more to give people last-minute practice on answering an auditor’s questions and to calm their nerves about being ready for the audit than it is to actually catch last minute problems. Seems to work well for us and department managers are usually more confident in dealing with the external audit with this “trial run” a few weeks before.

Continuous process. Why you ask?

If it ain't being looked at it ain't gonna be managed.