Can I audit processes I've established but do not implement or maintain?

Mark Meer

Trusted Information Resource
#1
There is a QMS requirement that internal audits "shall ensure objectivity and impartiality", and that "auditors shall not audit their own work".

Here's the situation: Years ago, I authored procedures for purchasing & supplier control based on our input quality system standard requirements (ISO 13485), and our own internal needs. I developed all supplementary training work instructions and forms, and was one of the persons responsible for authorising the documents for use.
I then delegated persons to train and implement so, for the last few years, I've not been involved with the process, with the exception of monitoring vis-a-vis internal audit outputs and management reviews.

Question: Can I justify performing an internal audit, given that I'm not involved in any of the actual activities at this point, but despite the fact that I am the original author of the current documents being used? Would this be a violation of the "objectivity and impartiality" or "not audit own work" requirements?

According to our ISO requirements, internal audits are intended to (paraphrased) (a) check conformity to the QMS standard, and internal & regulatory requirements; and (b) confirm effective implementation and maintenance. Perhaps I could do (b), but not (a)?
 
Elsmar Forum Sponsor

Mark Meer

Trusted Information Resource
#3
As an external auditor, I would have no problems with that setup. Actually, you as the process designer and subject matter expert would be in a prime position to ascertain if the process is working as intended.
That is my feeling as well...but am still not sure.

On the one hand, as you say, given that I established the process, and am very well-versed in all the requirements, I'm in arguably one of the best positions to audit. Also, as manager of the overall quality system, I have an invested interest in improvement, and ensuring things are operating correctly & efficiently.

However, on the other hand, the original Standard's requirements were presumably instated because people are sometimes not critical or bias to processes they have a hand in -- they can have "blind spots" that a completely impartial auditor would (presumably) not have.

Given that all the activities ultimately stem from procedures I developed, it may be difficult to argue impartiality...and insofar as I'm double-checking the procedures to confirm that all Standard, regulatory, and internal requirements are still covered, I would technically be auditing my own work. Tough to make a case that the ISO requirements are not being violated, despite the case for great qualification otherwise.
 
Last edited:
#4
Question: Can I justify performing an internal audit, given that I'm not involved in any of the actual activities at this point, but despite the fact that I am the original author of the current documents being used? Would this be a violation of the "objectivity and impartiality" or "not audit own work" requirements?
Objectivity? Impartiality? You might be too hard on your written work! As far as not auditing your own work? It's NOT your work is it? Make certain you demonstrate the former 2 requirements by careful planning (checklist preparation or similar) and the second won't be a problem.
 
Last edited:

Sidney Vianna

Post Responsibly
Staff member
Admin
#6
Given that all the activities ultimately stem from procedures I developed, it may be difficult to argue impartiality...and insofar as I'm double-checking the procedures to confirm that all Standard, regulatory, and internal requirements are still covered, I would technically be auditing my own work. Tough to make a case that the ISO requirements are not being violated, despite the case for great qualification otherwise.
Mark, authorship of the procedure is different from deploying it and performing the activities required. I don’t agree you would be auditing your own work in the context of the ISO standard.

As for the possibility of the process itself, as designed, failing to address some of the legal and voluntary requirements, you would think the external auditors would be doing their jobs.

Seems to me you are overthinking this.
 

John Broomfield

Staff member
Super Moderator
#7
Mark,

It seems to me that you’ve designed a process and written it’s procedure so others can work the process as specified by your procedure.

You are independent enough to audit the process (the work itself), but audit should not replace verification and validation of the process design.

And you are not independent enough to audit the effectiveness of the design as made manifest by your procedure.

What you could do is obtain independent verification and validation of the design and invest in monitoring of the process against your procedure.

But I could not truly audit (as in being impartial) a process that I had designed but you may be professional enough to still be an objective auditor.

John
 
Thread starter Similar threads Forum Replies Date
M Inputs on definition of very similar processes for multi site audit sample - IAF MD1 2018 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
G Audit of essential QMS processes General Auditing Discussions 11
Gman2 Processes sharing the same nonconformance during an audit General Auditing Discussions 13
D Shall the first Internal Audit cover all the processes of the company? Internal Auditing 17
A Where can I find the NADCAP Audit Criteria for all the processes? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
T Internal Audit - How to define the Importance of Departments and Processes Internal Auditing 8
C How to efficiently audit Suppliers Qualification Processes AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
M Monitoring of Processes - Audit of a Call Centre ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 14
H Understanding 8.2.3 M&M of Processes for our Internal Audit ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
E How to perform a DCC Audit (Document Control Processes) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
A 3rd Party Audit Finding Not Clear - 4.1 Outsourced Processes AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 36
S Audit on Manufacturing Processes - a) Audit Checklist, and b) Detailed Audit Report Process Audits and Layered Process Audits 13
X Audit Findings - The Process/Clause Matrix does not identify all the processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 30
D How to Audit Oracle used for Accounting Processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
A Internal Audit-Customer Related Processes Internal Auditing 2
G Quality Audit on Designers and their Processes and Practices General Auditing Discussions 2
M Internal Audits - Audit Departments or Processes Internal Auditing 13
D Flowcharts of Processes Delayed my Internal Audit Plan ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 17
I Can we use layered process audit (LPA) for HR Processes? Process Audits and Layered Process Audits 9
T Records of New Processes for AS9100 - AS 9100 certification audit AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
J Which is correct: Audit elements of standard or QMS Processes? Internal Auditing 16
Q Internal Audit:Comparing Efficiency of Similar Processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
D How to audit identical processes? TS 16949 Clause 8.2.2 General Auditing Discussions 2
Q Streamlining incoming audit - 2 separate inspection processes Inspection, Prints (Drawings), Testing, Sampling and Related Topics 2
J Does anybody have an audit checklist focused on Manufacturing processes? Manufacturing and Related Processes 8
S TS 16949 ?Audit observation Report? format or form with Input, Output, Processes Document Control Systems, Procedures, Forms and Templates 9
A Process audit - Is it necessary to audit the special processes like plating? Process Audits and Layered Process Audits 2
E Supplier audit checklists for special processes - Plating Process audit Checklist Process Audits and Layered Process Audits 2
Antonio Vieira The importance of some processes... Internal Audit, Management Review, Nonconformance Management Review Meetings and related Processes 3
P Special Processes Audit - Seeking review and comments General Auditing Discussions 7
S If I audit my Processes, Have I audited the Standard? General Auditing Discussions 28
R Process Audit vs. Element Audit - The auditor focused on 13 different processes. Process Audits and Layered Process Audits 5
CarolX Supplier Audit checklist for special processes Supplier Quality Assurance and other Supplier Issues 3
Q ISO 9001-2015 Internal audit finding Internal Auditing 12
lanley liao How to understand this words that the planning of internal audit shall take into consideration the results of previous audits? Oil and Gas Industry Standards and Regulations 10
P Audit check for IT company (ISO 9001) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
D Supplier audit Medical Device and FDA Regulations and Standards News 2
M Go Live With New ERP System before Recertification Audit General Auditing Discussions 6
A Add MDSAP to Internal Audit Schedule Medical Device Related Regulations 0
A Define timeline for Major and Miner Audit finding General Auditing Discussions 4
J IATF 16949 Internal Audit question - Auditor's responsibility Internal Auditing 6
A API Monogram audit review process Oil and Gas Industry Standards and Regulations 4
S IATF 16949 Internal Audit Example IATF 16949 - Automotive Quality Systems Standard 7
B Remote IATF 16949 audit preparation General Auditing Discussions 10
M AS9100D Registrar pre-audit requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 15
I Do I need to sign off my annual audit calendar? Internal Auditing 2
R AS9100D internal audit checklist or ISO 9001 2015 to AS9100 D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
M Nice and simple invitation email to an audit kickoff meeting Internal Auditing 1
M IATF 16949 - Audit of Remote Location/Support Site and IT IATF 16949 - Automotive Quality Systems Standard 4
Q IATF audit - Root Cause Analysis results IATF 16949 - Automotive Quality Systems Standard 5

Similar threads

Top Bottom