Who are supposed to be the auditees/auditors in a small organization?

C

cmfugen

Hi,

Since last many days few doubts are pecking me, we are a small organization, recently we certified for ISO 9001:2000, we have a president and Vice president, President himself is The Quality management representative and even the employees are also few in number.My doubts are as follow:

1. For management review who should be the auditees, either employees or President and Vice president

2. Is it a must that for every internal audit we must have auditees or without auditees also can we do the audit of the topic?

3. Even for the audit of internal audit topic who should be the auditees either employees or internal auditors

4. If we have very few employees how many times each employee can be used as an auditee if employees can be used as auditees?

5. Is it a must that auditees must have awareness about the audits like internal audit, management review and corrective and preventive actions?

The reason for asking about auditees is that in the internal audit report there is a column for the signature of the auditee and a column for auditor

Please guide me,
Thanks
cmfugen
 

Stijloor

Leader
Super Moderator
Hi,

Since last many days few doubts are pecking me, we are a small organization, recently we certified for ISO 9001:2000, we have a president and Vice president, President himself is The Quality management representative and even the employees are also few in number.My doubts are as follow:

1. For management review who should be the auditees, either employees or President and Vice president

An employee can be the auditor and can audit the management review process.

2. Is it a must that for every internal audit we must have auditees or without auditees also can we do the audit of the topic?

Well, someone has to answer questions and show relevant evidence. That person would be the auditee.

3. Even for the audit of internal audit topic who should be the auditees either employees or internal auditors

The person that "owns" the audit process would be the auditee.

4. If we have very few employees how many times each employee can be used as an auditee if employees can be used as auditees?

No limit.

5. Is it a must that auditees must have awareness about the audits like internal audit, management review and corrective and preventive actions?

It would be very helpful if these folks understand the intent and purpose of the internal audit process and subsequent activities.

The reason for asking about auditees is that in the internal audit report there is a column for the signature of the auditee and a column for auditor

There is no requirement for an auditee signature. How you process this information is entirely up to you.

Please guide me,
Thanks
cmfugen

Keep it very simple, make it work for you. What works in a larger organization, may not work for you. Too many times, small companies try to emulate what large companies do.

Hope this helps.

Stijloor.
 

Jen Kirley

Quality and Auditing Expert
Leader
Admin
Managing a QMS in a small organization can make one feel like a juggler.

1. The process is audited, not the people. As few as one person can represent the process. This could mean the president or VP--whoever is in charge of the process.

2. There is no explicit requirement to have an auditee in every audit. Most of my audits include a "desk audit" element: checking records from my computer. In rare cases, such as a records audit, this desk audit involves an interview only if an issue is discovered.

3. The internal audit process owner should be interviewed for the audit if the audit process. If the auditor does not "own" the audit process but is doing the work part time, he/she and the process owner should be interviewed. Some qualified person, who is not a part of the audit process, should do this audit. This is the only specifically listed requirement in ISO standards I am familiar with.

4. How many times a given person is audited is determined by how many processes that person is involved with a process, especially how many processes that person "owns". I have never seen a limit except this person cannot audit his/her own process.

5. For the sake of being audited, the auditee only needs awareness of the process he/she is being audited on. These people do not need knowledge of the auditing process unless they are auditing it. However, all process owners need to know how the corrective action and preventive action processes work, as well as continuous improvement.

All process owners need to know how they can tell if the process is doing well or not; some performance metric, and certainly if there is any management review of that particular metric. Even if someone else provides management with performance data, the process owner needs to understand what it is, how to impact it, and what actions have been taken to correct problems.

I hope this helps!
 
C

cmfugen

Hello

Thanks for your prompt replies. Again my concern is question no.3, because the owners of the company(2 no.s) are the internal auditors, they were trained by the consultancy company, so when they do the audit of the topic internal audit then who they have to question for the audit, i mean whom they have to interview, as you guys said somebody has to answer questions and they are the auditees, as these are the gues who owns the process of the audit whether they have to questiont themselves or they have to question the employees of the company, really these things are confusing, i hope you understand my confusion.

Thanks a lot
 

Stijloor

Leader
Super Moderator
Hello

Thanks for your prompt replies. Again my concern is question no.3, because the owners of the company(2 no.s) are the internal auditors, they were trained by the consultancy company, so when they do the audit of the topic internal audit then who they have to question for the audit, i mean whom they have to interview, as you guys said somebody has to answer questions and they are the auditees, as these are the gues who owns the process of the audit whether they have to questiont themselves or they have to question the employees of the company, really these things are confusing, i hope you understand my confusion.

Thanks a lot

I understand.

One solution is to team up with another ISO 9001 registered company in your area and have them come out to audit processes that would be in conflict with "auditors shall not audit their own work." Your local ASQ (or Canadian equivalent) may be able to "broker" such an agreement because there are always quality professionals who are looking for enhancing their audit experience.

Just some ideas.

Stijloor.
 
D

dhammonds

Hello

Thanks for your prompt replies. Again my concern is question no.3, because the owners of the company(2 no.s) are the internal auditors, they were trained by the consultancy company, so when they do the audit of the topic internal audit then who they have to question for the audit, i mean whom they have to interview, as you guys said somebody has to answer questions and they are the auditees, as these are the gues who owns the process of the audit whether they have to questiont themselves or they have to question the employees of the company, really these things are confusing, i hope you understand my confusion.

Thanks a lot

Why not have your auditors audit each other. If you Pres and VP are both your auditors, then have your Pres audit your VP, then have the VP audit the Pres. Don't over complicate things, and don't get bogged down in the bureaucracy (alleged) of the standard. You can do the auditing any way you want as long as you are verifying you are doing what you have documented and that what your processes stipulate. Internal auditing is just self checking and documenting that you are meeting the standard when external auditors aren't around.
 
M

meongroup

Internal audit is a litle more than verifying that systems are working as documented. the management processes of the company require information, some of which come from the audit process. Business managers need to know - and the ISO Standard implies that hey need to know - the answers to just three questions.



1. Are the systems adequate to support the business plans and objectives for which they were established
2. Are they being applied as intended
3. Are they achieving the rsults expected

When audits are conducted and reported to provide such information the issue of who audits whom becomes irrelevant.
 

Randy

Super Moderator
You know what? It really doesn't matter and nobody really cares as long as you can show competency of the auditors and ensure that ....

"Selection of auditors and conduct of audits shall ensure objectivity and impartiality of the audit process. Auditors shall not audit their own work."

It's as simple as that.
 

Raffy

Quite Involved in Discussions
Hi cmfugen
We are also a small organization and certified to ISO/TS16949.
In our end, 1. The auditees are the different department manager including the Top Management, i.e. Operation’s Director, Sales and Marketing Director and Engineering Director; 2. Internal audit must have an Internal Auditor and Auditee; 3. In our end, Our Internal Auditor comes from QA Department, she is independent on other task, she is just doing purely internal audit. She can audit all department or processes except for the Internal Audit Process. She must audited by the QMR or the QA Manager.; 5 IMHO, the auditees should be aware of the Internal Audit Process, likewise the Assigned Internal Audit must send an Audit Notice 1 week prior the scheduled audit. During Audit, the Internal Auditor shall conduct an Opening Meeting between the auditor/team and auditee representatives, where appropriate. Discuss the scope of the audit and review the proposed audit agenda. Types of Nonconformance. Conduct the Internal Audit, During audit, nonconformance should not be cited without agreement of the issue from both auditee and auditor. If additional objective evidence is needed to resolve issues, a specified time will be given to the auditee to provide the evidence. If the evidence is not provided within the specified time limit, a nonconformance report will be cited. After the audit, Closing Meeting must be conducted to inform the auditees of the audit result. Nonconformance (if any), highlights, concerns and other issues should be reviewed.
Hope this helps.
Best regards,
raffy:cool:
 

Big Jim

Admin
I understand.

One solution is to team up with another ISO 9001 registered company in your area and have them come out to audit processes that would be in conflict with "auditors shall not audit their own work." Your local ASQ (or Canadian equivalent) may be able to "broker" such an agreement because there are always quality professionals who are looking for enhancing their audit experience.

Just some ideas.

Stijloor.

I see this quite often. The most common form I see is to ask help from a very close customer or supplier that you feel has a well developed quality management system. Many are flattered to be asked and are very willing to help, often for free.
 
Top Bottom