Changing the Frequency of Internal Audits - ISO/TS 16949 Internal Audit Requirements

F

Filip M.

Hi,

we are an ISO/TS certificated company. Yearly, we audit all the production departments, staff functions, ... With other words, all the defined processes (SOP, MOP and COP) will audited at least once a year. That cost a lot of time. Is it mandatory, cfr. one or an other rule to audit each process yearly or is it allowed to spread it over three years ? And if yes, where it's describes that it is allowed to spread it over three years. Perhaps, just like in ISO/TS a few items must be audited at least once a year. Thanks in advance for a reply. Best regards, Filip
 

John Broomfield

Leader
Super Moderator
Re: Frequency of internal audits - ISO/TS

Hi,

we are an ISO/TS certificated company. Yearly, we audit all the production departments, staff functions, ... With other words, all the defined processes (SOP, MOP and COP) will audited at least once a year. That cost a lot of time. Is it mandatory, cfr. one or an other rule to audit each process yearly or is it allowed to spread it over three years ? And if yes, where it's describes that it is allowed to spread it over three years. Perhaps, just like in ISO/TS a few items must be audited at least once a year. Thanks in advance for a reply. Best regards, Filip

Filip,

You may need to start by making sure your management system is based on your organization's cross-functional processes. Make sure everyone knows they are meant to be monitoring their processes for conformity (includes effectiveness).

Then stop auditing departments and staff functions.

Audit your system's processes instead. Include the relevant procedures, control plans and ISO/TS standards as audit criteria.

Schedule the process audits according the importance and status of the process and the results of previous audits, problems and customer feedback.

Some processes may need a quarterly audit, others every six months or once a year. You get the idea. I question the value of a process that needs auditing only once every three years.

Ensure leaders cause at least 80% of the corrective actions to come from directors, managers, supervisors, team leaders and operators monitoring their processes and making suggestions.

All the best,

John
 

AndyN

Moved On
Re: Changing the Frequency of Internal Audits - ISO/TS 16949 Internal Audit Requireme

In addition to John's comments, please look here: http://www.nqa-usa.com/resources/articles_detail?id=48

As you will see, once a year is going to be less than effective, especially when you consider the risks. I'm not sure why your certification body auditor allows you to do this, but I don't believe they understand 'status and importance'...
 
V

vanputten

Re: Changing the Frequency of Internal Audits - ISO/TS 16949 Internal Audit Requireme

To add some confusion thanks to TS 16949, in clause 8.2.2.4 it states that internal audits shall be scheduled according to an annual plan.

ISO 19011:2011 defines "audit plan" as:

3.15 audit plan
description of the activities and arrangements for an audit (3.1)

Based on that definition and the text in ISO 19011 related to audit plans, I get the understanding that audit plans are specific to a single audit. I don't understand how one can have an annual audit plan and meet the definition of 3.15 in ISO 19011, unless you do one audit a year.

Maybe they meant Audit Programme?

3.13
audit programme
arrangements for a set of one or more audits (3.1) planned for a specific time frame and directed towards a specific purpose

I think once a year for some processes can be effective. How would Cove members know if an audit frequency of once a year, for a specific process, is effective or not?

If a frequency of once a year is not effective, does that mean only a frequency more often than once a year is effective? Or do you mean that a frequency based on risk and not time is more effective, where the resulting frequency could be monthly, every 2 years, etc.?
 

AndyN

Moved On
Re: Changing the Frequency of Internal Audits - ISO/TS 16949 Internal Audit Requireme

Hi Dirk!

I've taken (and had it registered to TS) the idea that the audit frequency was defined (as monthly) and that about 30 days before the next 'due date', consideration was given to scope, audit criteria etc, based on what's going on at that moment in time - changes, newness, customers, risk, impact - you know the drill! If nothing's going on and the process is still delivering - and, crucially - if you have nothing 'better' to audit (higher priority), then a simple compliance check is all that's needed...(and it would be waaaay down the list.)
 

John Broomfield

Leader
Super Moderator
Re: Changing the Frequency of Internal Audits - ISO/TS 16949 Internal Audit Requireme

To add some confusion thanks to TS 16949, in clause 8.2.2.4 it states that internal audits shall be scheduled according to an annual plan.

ISO 19011:2011 defines "audit plan" as:

3.15 audit plan
description of the activities and arrangements for an audit (3.1)

Based on that definition and the text in ISO 19011 related to audit plans, I get the understanding that audit plans are specific to a single audit. I don't understand how one can have an annual audit plan and meet the definition of 3.15 in ISO 19011, unless you do one audit a year.

Maybe they meant Audit Programme?

3.13
audit programme
arrangements for a set of one or more audits (3.1) planned for a specific time frame and directed towards a specific purpose

I think once a year for some processes can be effective. How would Cove members know if an audit frequency of once a year, for a specific process, is effective or not?

If a frequency of once a year is not effective, does that mean only a frequency more often than once a year is effective? Or do you mean that a frequency based on risk and not time is more effective, where the resulting frequency could be monthly, every 2 years, etc.?

vanputten,

Yes, the annual plan is part of the audit programme but the ISO/TS 16949 drafters chose not to duplicate or contradict ISO 19011.

Audits scheduled according to an annual plan does not mean each audit is done once a year.

It means the plan at any time would show the current year's worth of planned audits according to the audit programme.

The audit programme addresses the risks when updating the annual schedule of audits.

A 12 month forecast updated quarterly according the demands of the audit programme would conform to ISO/TS 16949.

I agree that 8.2.2.4 may confuse some readers who are not up to speed on the recommendations for audit programmes.

John
 
Top Bottom