ISO 9001:2015 Internal Auditing
- Thread starter Seini1
- Start date
Johnny Quality
Quite Involved in Discussions
NASHII,
I would find it unhelpful to do an internal audit based on the standard clause by clause, that's more like a Gap Analysis.
If you have an established system it would be more effective to ask questions to verify the processes are effective, efficient and working as documented. I would start with a process flow of the process, follow it and ask questions from that.
I would find it unhelpful to do an internal audit based on the standard clause by clause, that's more like a Gap Analysis.
If you have an established system it would be more effective to ask questions to verify the processes are effective, efficient and working as documented. I would start with a process flow of the process, follow it and ask questions from that.
...and gradually, over perhaps a year of internal audits, you’ll have sampled your organization's management system for its conformity to the standard.
I use an internal audit form that includes some basic questions that apply to every process (i.e. are the people performing the process competent) but the bulk of the "checklist" used is created by the auditor directly from the procedures and work instructions associated with the process.
For example, if the governing procedure says "the Operator shall perform a first-piece inspection on the first part manufactured during every shift" I highlight that "shall" and during the audit I verify that it's being done. The procedure becomes an audit checklist.
For example, if the governing procedure says "the Operator shall perform a first-piece inspection on the first part manufactured during every shift" I highlight that "shall" and during the audit I verify that it's being done. The procedure becomes an audit checklist.
Johnny Quality
Quite Involved in Discussions
What do you mean you don't have a system? How do you work?
Do you mean you don't have a documented system?
Do you mean you don't have a documented system?
Yes. My bad. We do not have a documented (accredited) system as yet.
Randy
Super Moderator
You won't have an accredited system, but you can have a registered or certified system.
Now, other than a Gap Analysis checklist that only helps to determine what you have of have not got in place...and that's actually working, no internal audits are ever the same between different organizations, mine will not and can not be the same as yours............And why not? Because what you do and how you do it is different than what I do........
You're asking for something that does not, nor can not exist.
Once you've done a basic Gap, and corrected your lack of meeting all the basic shall's, then you have to audit what you really do and it's really quite simple........Grab a procedure, work instruction, SOP or whatever buzzword you use for documentation and prove that you really do it the way you say you will........
Now if you don't have stuff documented, then ask someone who's actually responsible and hopefully knowledgeable "who, what, where, when, how, and why" about what's supposed to be happening ........ and then verify that it's all happening.
Now that you recognize that your organization already works as a system to sustain itself by creating and satisfying paying customers (sometimes disguised as a mission statement) you may develop that system so everyone knows how it works and can see what needs to be improved.
Even though you may use your auditing skillls to do this I wouldn’t call it an audit or even a gap analysis.
Better to engage top management in determining the processes that are essential to their system for understanding customer needs, translating those needs into requirements, fulfilling the requirements and obtaining prompt payment to invest in improvement. Those processes that comprise the value stream are supported and directed by other processes in the system such as strategic planning, maintaining facilities and equipment, recruiting, training, purchasing, auditing and investing in improvement.
Ask top management to assign each process to the person best qualified to be its “owner”. With each process owner seek to understand how the inputs of data, information and materials are known to be valid, how value is added and that the results can be relied upon. You could record such facts in deployment flowcharts which could become the documented procedures where none already exist. Capture the “as-is”, and have the process owners arrange reviews for accuracy.
Then you can use your knowledge of the system standard to initiate discussion about the benefits of corrective action as and if required.
So, as you can see, developing the system you’re already part of is preferable to you suggesting that you are trying to impose something new “from ISO” via an audit.
Even though you may use your auditing skillls to do this I wouldn’t call it an audit or even a gap analysis.
Better to engage top management in determining the processes that are essential to their system for understanding customer needs, translating those needs into requirements, fulfilling the requirements and obtaining prompt payment to invest in improvement. Those processes that comprise the value stream are supported and directed by other processes in the system such as strategic planning, maintaining facilities and equipment, recruiting, training, purchasing, auditing and investing in improvement.
Ask top management to assign each process to the person best qualified to be its “owner”. With each process owner seek to understand how the inputs of data, information and materials are known to be valid, how value is added and that the results can be relied upon. You could record such facts in deployment flowcharts which could become the documented procedures where none already exist. Capture the “as-is”, and have the process owners arrange reviews for accuracy.
Then you can use your knowledge of the system standard to initiate discussion about the benefits of corrective action as and if required.
So, as you can see, developing the system you’re already part of is preferable to you suggesting that you are trying to impose something new “from ISO” via an audit.
Similar threads
