Definition Audit - Definition of what an audit is - Is there more to auditing?

Mike S.

Happy to be Alive
Trusted Information Resource
#21
Richard Olson said:
However, we do verify things with the standard so that we can say we are checking comliance, but the primary focus of the audits are looking at effectiveness and areas for improvement.
Richard,

What "things" do you verify with the standard during internal audits? Do you only check CHANGED things to verify they conform?

As I run things thru my little mind I can see the possibility where if a company allows department managers, process managers, etc. to change procedures and, at the time of the change, no one audits them for ISO compliance, then periodic internal audits would need to check for compliance. If no changes are made, I cannot see a need for audits for ISO compliance. Am I off base?
 
Elsmar Forum Sponsor
C

Craig H.

#22
Mike S. said:

I can see the possibility where if a company allows department managers, process managers, etc. to change procedures and, at the time of the change, no one audits them for ISO compliance, then periodic internal audits would need to check for compliance. If no changes are made, I cannot see a need for audits for ISO compliance. Am I off base?
Mike, I think you have it. The only thing I would add at this point is something our Engineering Department does to me every now and again: adding procedures without letting me know, and with no signature, rev. date, etc. Somehow, even with our internal audits, our external auditor has a way of sniffing them out. Internal audits are another chance to catch that kind of thing (didn't you call them "unauthorized changes" a few posts ago, come to think of it?).

Craig H.

:eek:
 
J

Jimmy Olson

#23
Mike S. said:
What "things" do you verify with the standard during internal audits? Do you only check CHANGED things to verify they conform?
We basically cross reference to the procedure in case the question comes up about checking compliance to the standard. Each of our written procedures indicates the relevant element of the standard and we periodically check it against the standard.

As far as checking any changes, that is done when the change is made, to make sure it still satisfies the standard. We do everything we can to prevent people making unauthorized changes. Any changes have to go through the relevant people and through quality so that it is checked, and everything is protected against unauthorized changes. Basically, it has to be signed off and agreed on before it's changed in the system. Of course it's impossible to prevent anything from ever happening, but we control it as much as possible.
 
J

Jimmy Olson

#24
Jim Wade said:

Unless, of course, your organization is one of the many that believes that reducing the number of discovered nonconformities is a meaningful objective!
Are you saying that it's not a good thing to strive for improvement? Or perfection (even though that's impossible)?

I think it's a good thing to shoot for reducing the number of non-conformances. That shows that you are playing by the rules (even though you might not agree with or like the rules). If you get through an external audit without any non-conformances, that means you have a very good QMS in place (or you're good at hiding stuff :vfunny: ). Granted, just having a good QMS doesn't mean much on its own, but it's still a pretty good accomplishment.
 
J

Jimmy Olson

#25
Something is going on today. This is the second time today that someone has responded to one of my posts and called me the wrong name. I don't think I have an alter-ego personality on here. Or do I? :confused: :bonk: :confused:


I agree that using the internal audit process as a tool to avoid NCs during the external audit is a waste, but realistically, isn't that sort of what you're doing? You look for problems during the internal audit and fix them. It just happens to work out that you find the problems before someone else does. But, that shouldn't be the focus of your audit.

You should be looking for problems so that you can improve the effectiveness of the company, not so you can improve your external audit reports. The fact that your external audits get better are coincidence.
 
J

Jimmy Olson

#26
Jim Wade said:

Sorry Richard, I have no idea how that happened. But I do know who was to blame and I shall punish him.

I think our views on this point are close enough, don't you? :agree:

rgds Jim

No problem. I've been called plenty of other names that can't be mentioned here :vfunny:

I would agree that we are expressing the same point, just saying it differently. :agree:
 
M

M Greenaway

#27
Mike

Can you elaborate on how you would formally approve a procedure where there is no formal procedure ?

Is this reliant on you holding in your memory the way everyone does their job ??

Jim

You say checking ISO9001 compliance is a waste of time and money, with deepest respect that is just your opinion isnt it ?

Isnt ISO9001 supposed to be a good and effective model for quality management, thus by complying with it arent we ensuring our system continues to be good and effective ?

The only answer to this, as I see it, is that ISO9001 is not a useful model for anything, in which case why re-invent the audit process ? Why not just jack it all in ??
 
M

M Greenaway

#28
Jim

Sorry to be repetative, but how do you control the changes.

I do agree with your argument to an extent in theory, i.e. if our third party auditors say our system is OK then it will continue to be OK unless we change something, no need to keep re-checking - sure.

But how do we control the changes, particularly in an ISO9001:2000 company where documented procedures might be minimal ?

Can we rely on our external auditors picking it up, where they often operate systems that audit the entire QMS over the period of the three year certificate duration, as such a process might only get audited once in three years against the standard ?

Isnt it perhaps the purpose of internal audit to pick up on these changes, due to perhaps 'natural drift'.
 
M

M Greenaway

#29
Jim

These changes, quote:-

"The registrar gives us a certificate that we comply. We then, as long as we actually operate our own system, continue to comply. We no longer need to check (until the system changes and then a quick deskcheck does the trick). "

If the system changes, and it is not a documented part of the system, how do we do a desk check ?

Checking compliance IS a requirement of ISO9001:2000, and was also a requirement of the 1994 standard. In fact the whole concept of an audit, in its broadest definition and encompassing all its variants, including financial audits, includes checking compliance.
 
M

M Greenaway

#30
Jim

You are forgiven.

Cant figure out how to quote properly in my posts, but you said:-

"I guess the answer is that the checker asks herself "does this change (that I've heard about but no-one cares enough about to document) mean that we no longer meet a requirement of ISO 9001?" and then acts according to the answer she gives herself. "

OK, so we are reliant on hearsay to identify system changes, which seems pretty weak, however you then go on to say that the checker asks whether the change meets ISO9001 requirements and acts accordingly.

Thats internal audit, that is what it does and what it is there for !!

So in order to strengthen the capture of system changes, lets schedule visits to all areas of the business over the course of the year, just in case the hearsay network is not functioning effectively.

Sounds good to me !

Sorry isnt that what we have done for years ?
 
Thread starter Similar threads Forum Replies Date
R Critical suppliers (Definition of) and MDSAP (Medical Device Single Audit Program) ISO 13485:2016 - Medical Device Quality Management Systems 15
M Inputs on definition of very similar processes for multi site audit sample - IAF MD1 2018 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
S Definition Would a wrong definition constitute an Audit Finding? Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 3
K Definition of Repeat Audit Findings Internal Auditing 11
W Definition Product Audit - Definition Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 2
K Definition Audit - Time for a new definition of the word Audit? Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 15
B Definition of Calibration Frequency - Dispute during Audit ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
A Audit "Finding" Definition and Significance General Auditing Discussions 7
S Audit Trails - Definition, Description and Software Internal Auditing 9
D Definition Major Audit Nonconformance - Definition of Major Nonconformance Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 9
J Definition of Special Characteristics Delta C and Delta S - Need for Customer Audit Capability, Accuracy and Stability - Processes, Machines, etc. 2
L Audit Definition in ISO 9000:2000 includes "documented process"? General Auditing Discussions 2
E Definition Audit Finding - In 'Registrar Language' what is the Definition of a 'Finding'? Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 11
A Definition Major vs. Minor Nonconformance (Finding) - Internal Audit - Definition & Differences Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 38
Marc Definition Process Audit - Internal and External - ISO9000 - A Definition Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 7
N Definition Discovery Audit - Can someone give me a text book definition? Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 4
Q ISO 9001-2015 Internal audit finding Internal Auditing 12
lanley liao How to understand this words that the planning of internal audit shall take into consideration the results of previous audits? Oil and Gas Industry Standards and Regulations 10
P Audit check for IT company (ISO 9001) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
D Supplier audit Medical Device and FDA Regulations and Standards News 2
M Go Live With New ERP System before Recertification Audit General Auditing Discussions 6
A Add MDSAP to Internal Audit Schedule Medical Device Related Regulations 0
A Define timeline for Major and Miner Audit finding General Auditing Discussions 4
J IATF 16949 Internal Audit question - Auditor's responsibility Internal Auditing 6
A API Monogram audit review process Oil and Gas Industry Standards and Regulations 4
S IATF 16949 Internal Audit Example IATF 16949 - Automotive Quality Systems Standard 7
B Remote IATF 16949 audit preparation General Auditing Discussions 10
M AS9100D Registrar pre-audit requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 15
I Do I need to sign off my annual audit calendar? Internal Auditing 2
R AS9100D internal audit checklist or ISO 9001 2015 to AS9100 D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
M Nice and simple invitation email to an audit kickoff meeting Internal Auditing 1
M IATF 16949 - Audit of Remote Location/Support Site and IT IATF 16949 - Automotive Quality Systems Standard 4
Q IATF audit - Root Cause Analysis results IATF 16949 - Automotive Quality Systems Standard 5
Q Self-assessment audit information Quality Management System (QMS) Manuals 6
Le Chiffre Online training available for ISO/IEC 17021-1: Requirements for bodies providing audit and certification of management systems Training - Internal, External, Online and Distance Learning 3
xfngrs NIOSH Audit for N95 respirators US Food and Drug Administration (FDA) 1
Sidney Vianna IATF 16949 News Risked Based Audit Day Calculation IATF 16949 - Automotive Quality Systems Standard 2
T AS9100 audit due to facility move AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
M ISO 13485:2016 internal audit checklist Medical Device and FDA Regulations and Standards News 5
A Internal Audit Questions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
B SAP Audit trail Periodic Review EU Medical Device Regulations 1
N What are the software audit and control steps Reliability Analysis - Predictions, Testing and Standards 2
R Gap Audit Aerospsace and Rail QMS Quality Manager and Management Related Issues 0
salaheddine96 Internal audit planning Internal Auditing 2
A MDSAP Audit Questionnaire Medical Device and FDA Regulations and Standards News 7
H Obligations as a contract manufacturer during an MDSAP audit ISO 13485:2016 - Medical Device Quality Management Systems 5
M What are the basics of Medical Device Single Audit Program (MDSAP)? ISO 13485:2016 - Medical Device Quality Management Systems 7
Sidney Vianna IATF 16949 News Update on the IATF CARA Project (“Common Audit Report Application”) - 12/2020 IATF 16949 - Automotive Quality Systems Standard 1
R ISO 17025 vertical audit checklist wanted Document Control Systems, Procedures, Forms and Templates 2
Z Rapid audit template for plastic parts manufacturing process Manufacturing and Related Processes 12

Similar threads

Top Bottom