Categorizing Internal Audit Findings

L

lljungberg

#1
We are trying to agree on one common process for internal audits for the whole of the organization, where there at the moment are something like 10 different processes!
At the moment we are discussing how to categorize audit findings and most have major, minor and observation. But how would YOU define these?
From earlier training in audits my definitions are something like:
Major finding: a requiement in the standard is not fulfilled at all, basically never.
Minor: a requirement is sometime not fulfilled (where is the breaking point between major and minor...).
Observation: something that is typically not working as it should, e.g. not efficient.

/Lars Lj
 
Elsmar Forum Sponsor

somashekar

Staff member
Super Moderator
#2
Categorizing internal audit findings as major or minor and feeling happy by terming many a findings as minor is common. . . . . . :biglaugh:
As it is internal audit, your categorization must assist you in giving proper directions to the corrective action approach. CB's have a different purpose in categorization as minor / major to derive time needed for response by company based on sevearity of findings. You need not enumerate the CB in your internal categorization.
We have a different system to rate them and this does not have anything about a major or minor. We have
a. System is not defined
b. Implementation failure
c. Procedures or practice not effective
and this is working well for us ....
 
Last edited:

Colin

Quite Involved in Discussions
#4
What does it matter what you call it? If there is a problem, it needs fixing, no matter whether you call it major, minor or whatever. For me the importance can be dictated by the timescale you attach to resolving it.
 
L

lljungberg

#5
The mail reason for the categorization is to turn up the heat on findings that are more important. If there is an "old" finding that has not been fixed we can raise the finding from minor to major to get more attention. As far as I know there is no requirement on this but in our experience it can help.
/Lars
 
T

trainerbob

#6
I prefer not to use categories for internal audit findings. But if you choose to do so think in terms of a major as not only a non-fulfillment of a requirement of the standard but also as the possibility of non-conforming product or service going to the customer as a result of the non-conformance. Anything else would be a minor.
 
N

needimprovement

#7
The mail reason for the categorization is to turn up the heat on findings that are more important. If there is an "old" finding that has not been fixed we can raise the finding from minor to major to get more attention. As far as I know there is no requirement on this but in our experience it can help.
/Lars
Experience has shown me that a lot of time wasted naming "minors" and "majors" but since your reason of doing so is to prioritize nonconformitites with significant impact on the organization, or maybe cost of taking action etc, go ahead. If that will work for you, "why not?".

 

Colin

Quite Involved in Discussions
#8
The mail reason for the categorization is to turn up the heat on findings that are more important. If there is an "old" finding that has not been fixed we can raise the finding from minor to major to get more attention. As far as I know there is no requirement on this but in our experience it can help.
/Lars
Fair point - but does that lead people to think that they only have to really do something once it has been upgraded? ;)
 
#9
We are trying to agree on one common process for internal audits for the whole of the organization, where there at the moment are something like 10 different processes!
At the moment we are discussing how to categorize audit findings and most have major, minor and observation. But how would YOU define these?
From earlier training in audits my definitions are something like:
Major finding: a requiement in the standard is not fulfilled at all, basically never.
Minor: a requirement is sometime not fulfilled (where is the breaking point between major and minor...).
Observation: something that is typically not working as it should, e.g. not efficient.

/Lars Lj
Unless the CONTENT of the audit reports is significant to management, it won't matter what you call them, they still won't get attention. Calling them 'major' doesn't make them 'major'. Don't waste your time coming up with terminology, focus more on the scheduling of audits as a service to management, so that when you do have something serious to report, they take action...
 

Randy

Super Moderator
#10
Call the more important ones "Apple findings" and the less important ones "Orange findings", or better yet how about "Red & Yellow" or "level 1 & level 2" or "Bad & not so bad"

As others have said call them anything you want or call them nothing other than "nonconformity"

Oh yeah...A "finding" by definition can be conformity as well

In the end you may find that time may have been better spent trying to develop a solid cause analysis process than worrying over a term.
 
Thread starter Similar threads Forum Replies Date
M Deficiency Taxonomy - Categorizing Deficiencies within my Organization Problem Solving, Root Cause Fault and Failure Analysis 4
Q Use As Is, Repair, Rework - Useful when categorizing? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
Q ISO 9001-2015 Internal audit finding Internal Auditing 12
lanley liao How to understand this words that the planning of internal audit shall take into consideration the results of previous audits? Oil and Gas Industry Standards and Regulations 10
A Add MDSAP to Internal Audit Schedule Medical Device Related Regulations 0
J IATF 16949 Internal Audit question - Auditor's responsibility Internal Auditing 6
M ISO13485:2016, MDSAP and Internal Audits ISO 13485:2016 - Medical Device Quality Management Systems 8
S IATF 16949 Internal Audit Example IATF 16949 - Automotive Quality Systems Standard 7
R AS9100D internal audit checklist or ISO 9001 2015 to AS9100 D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
S Would this be a second site for the purposes of internal and third party audits? General Auditing Discussions 4
V Internal Auditor Competency KPI IATF 16949 - Automotive Quality Systems Standard 14
J ISMS - Internal Audits Internal Auditing 3
M ISO 13485:2016 internal audit checklist Medical Device and FDA Regulations and Standards News 5
S ISO 9001:2015 Internal Auditing Internal Auditing 8
A Internal Audit Questions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
L Documented Information in Internal Audits Process (9.2) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
salaheddine96 Internal audit planning Internal Auditing 2
D CB and customer audits considered as internal audits? General Auditing Discussions 9
M ISO 9001 Major Nonconformance Internal Audit Schedule/COVID-19 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 18
E MDR internal audit Internal Auditing 1
B Internal Auditor Competency - Product Auditors Internal Auditing 9
U Internal Auditor not trained but done Audit for some process Nonconformance and Corrective Action 5
F Internal transfer of work from one line to another? Qualification and Validation (including 21 CFR Part 11) 3
B Looking for 10 Internal Audit Online Training Participants ISO 17025 related Discussions 2
R Monitor production quality - Internal KPIs Manufacturing and Related Processes 5
R IATF 16949 - Outsourcing of internal audits Internal Auditing 10
M Major vs. Minor for Internal Audits? Internal Auditing 10
T Internal Nonconformance procedure thoughts (AS9100) AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
M Tips on preparing for IATF 16949 Internal Lead Auditor exam Manufacturing and Related Processes 1
C Internal Audits in a tiny Dx Company Internal Auditing 33
H AS9100 Checklist for Internal Audit needed AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
A What are the pros and cons of using an audit software for internal auditing? General Auditing Discussions 7
F Internal Audit before Pre-Assessment ISO 17025 related Discussions 2
Q Internal audit plan template Internal Auditing 12
E PEMS Hazards - IEC 60601 Clause 14.6 - Internal data use - Pressure sensor IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
L Internal audit during COVID-19 restrictions ISO 13485:2016 - Medical Device Quality Management Systems 5
A QMS Overhaul - Reorganizing and Renaming Documents - Internal References Document Control Systems, Procedures, Forms and Templates 24
N Sampling Plan for Internal Audits - ISO 2859 or 3951 - Or Neither? Internal Auditing 6
O ISO13485 implementation - Are internal audits expected before stage 1 audit? Design and Development of Products and Processes 3
B Using Unreleased Documents & Process Maps for Internal Audit purposes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
M Help me improve the definition for internal PPM Manufacturing and Related Processes 3
S ISO 13485 Lead Auditor - Debate between our Quality Team and Regulatory Auditor - Internal Auditor Training ISO 13485:2016 - Medical Device Quality Management Systems 17
S Risk based internal auditing Internal Auditing 6
O Informational Scaling back internal audits due to corona virus while avoiding a NC Internal Auditing 7
N Small Company - Internal audit process - Who does the audit? Internal Auditing 16
J Does anyone have an excel IATF 16949 Internal Audit checklist I could use? IATF 16949 - Automotive Quality Systems Standard 7
G Addressing Non-Conformances from an Internal Audit that are not product related ISO 13485:2016 - Medical Device Quality Management Systems 11
S Software for Supplier Charge back and internal PPM General Information Resources 2
G Internal Audits and Employee engagement Internal Auditing 16
I What direction do you provide your internal auditors on OFIs? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 38

Similar threads

Top Bottom