Search the Elsmar Cove!
**Search ALL of Elsmar.com** with DuckDuckGo Especially for content not in the forum
Such as files in the Cove "Members" Directory

AS9100D Internal auditing requirements

#1
My AS auditor has stated my organization needs to audit every aspect and process in our QMS within the three year certification cycle. AS9100D, Section 9.2 does not state this as a requirement. We've defined five critical QMS processes that we plan to audit on a reqular basis. Based on the results of those audits, we may audit supportive processes in which issues were found.

Does anyone agree or disagree this approach meets the requirements of AS9100D, Section 9.2?
 

John Broomfield

Staff member
Super Moderator
#2
Sure, some of your processes are much more important than others.

But system thinkers remember that for the want of a nail the kingdom was lost.

So, cover all parts of your system with your audits but some parts less frequently than others - according to risk of course.

That 3-year rule you may find in the terms and conditions of your contract with your registrar.
 
#3
Unfortunately the content that you may select to be reviewed during an internal audit may come under scrutiny from different auditors. You're correct in noting that the standard does not dictate this, however that in it self will lead to different opinions from different auditors. In my experience it's best to go above the requirements (if it's not too time consuming depending on time frame, company size, manpower etc...) and satisfy the auditor then to argue the point.

Do you perform these internal audits every year before your yearly review audit or only once before your re-cert audit?
 

Kirby

Involved In Discussions
#4
I think that I learn something everyday.
Sure, some of your processes are much more important than others.

But system thinkers remember that for the want of a nail the kingdom was lost.

So, cover all parts of your system with your audits but some parts less frequently than others - according to risk of course.

That 3-year rule you may find in the terms and conditions of your contract with your registrar.
Thanks for the heads-up regarding the T&Cs . We recently had an auditor react to the answer to his question "Why didn't you audit every requirement?" Now, to be honest the internal audit was not a shining example of superior auditing / reporting. But when we answered that we had attempted to get a reasonable sample from each area / process he was not happy and advised in no uncertain terms that we should never think in terms of "samples". As I said before, every day I learn something that I didn't know. My experience had been that you start with a schedule and, based on the results of the initial audits, you may revise the schedule to address areas / processes where you had noted "indicators" or actual weaknesses. Apparently we need to eure that we cover all elements of our QMS / AS9100 at least once a year. OK.
 
Top Bottom