Who can perform ISO 9001:2008 Internal Audit prior to our Registration Audit?

[Lincole]

Hi guys,

I am the Quality Control Manager of the company, and we are at the internal audit stage before we can submit our manual to the API agent.

Here's my question, can I conduct an internal audit to audit the company? Or do I have to find someone else to do it? (I assume "internal" means within the company audition, and if finding someone else then it's consider as "external").

 

[mguilbert]

Re: ISO 9001:2008 Internal Audit

1) You can perform your own internal audits. You will just need someone else (other than you) to audit the internal audit process,

2) You do not need to have an external party perform your internal audits. According to a statement made by our CB auditor, you can have a third party as your internal.

Hope this helps.

 

[John Broomfield]

Re: ISO 9001:2008 Internal Audit

Lincole,

Now that you have an internal audit programme (driven by top management's objectives) you should arrange auditing to execute the programme.

You can be the auditor to invoke any necessary corrective action and to report on the status of the management system to management.

If your management system has evidence of your competence and you avoid auditing your own work, your audits will also count as part of the management system's audit record.

John

 

[qusys]

Hi guys,

I am the Quality Control Manager of the company, and we are at the internal audit stage before we can submit our manual to the API agent.

Here's my question, can I conduct an internal audit to audit the company? Or do I have to find someone else to do it? (I assume "internal" means within the company audition, and if finding someone else then it's consider as "external").

You should have formalized the internal audit program , supported by top management. To perform the internal audit you should be competent and not audit your own job.
"Internal" is referred do the company and not on the resources that you used for auditing. You should also "outsource" the internal audit to a consultancy organization . It will performed the internal audit for you as well, but you shall control it.
At the end of the story you can have a double choice. An advice could be to have a group of internal auditors ( competent and and trained), so that you can have the opportunity to share ideas and knowledge among more personnel and not concentrate the job in unique hands.

 

[inspector625]

Can I ask a question on top of a question? I am doing our internal audits here as well. My question is whether our manufacturing lead hand can audit my departments if I in turn report to him? Is this a conflict?

 

[AndyN]

Can I ask a question on top of a question? I am doing our internal audits here as well. My question is whether our manufacturing lead hand can audit my departments if I in turn report to him? Is this a conflict?

The simple answer to your question is, yes, you can - the only requirement is that you don't "audit your own work". Since you aren't actually supposed to audit people, as you are auditing process(es) there shouldn't BE a conflict. Now, of course, the other parts of the standard come into play where it talks about the audit process being free from bias etc. If, as personalities, you believe there could be some loss of objectivity or even a bias going in to the audit, then you should also consider that. The real issue here is that of "independence", which isn't being from another department, but being free of bias etc.

 

[ISO911]

Hello,

Do you have anyone who has gone through an auditing program such as ASQ or AQS and has received an auditing certificate? IF not do you have some type of auditor training program in place internally or have someone within the facility who has been trained to audit to a standard. In your case it would be ISO 9000. As long as you can show the person auditing has the verifiable knowledge to conduct an ISO 9000 compliant audit you are good. Even if your auditors were trained while working for another company they can still perform the audit there as long as you can prove they are qualified. Remember, it's not what you know, it's what you can prove you know in the eyes of "The ISO"

Hope this helped,

ISO911

 

[AndyN]

Hello,

Do you have anyone who has gone through an auditing program such as ASQ or AQS and has received an auditing certificate? IF not do you have some type of auditor training program in place internally or have someone within the facility who has been trained to audit to a standard. In your case it would be ISO 9000. As long as you can show the person auditing has the verifiable knowledge to conduct an ISO 9000 compliant audit you are good. Even if your auditors were trained while working for another company they can still perform the audit there as long as you can prove they are qualified. Remember, it's not what you know, it's what you can prove you know in the eyes of "The ISO"

Hope this helped,

ISO911

Hello and welcome! In actual fact, all that's needed is a competent auditor. As you say, they may have brought some experience from another company. Training isn't a requirement, however,neither is "qualification. Generally, training - however it was given - is just one part. Think of the training taken by new drivers. It's just makes them a little less scary on the road, really.

And I'm not sure what you mean by the "eyes of the ISO"... We're really talking about making sure management get an accurate report on their management system. "ISO" doesn't have anything to do with it.

 

[Reg Morrison]

We would not let an incompetent machinist touch a lathe. We would not allow an incompetent engineer develop a product design, etc. but we have no problems allowing incompetent internal auditors making a mockery of the function. A certificate does not make anyone qualified nor competent. Attending a class, either. Why? Because for most organizations, internal audits are inconsequential events, waste of time and effort.

Competence, not qualification, not certification, not training is what the 9001 document requires.