Consistently Late Internal Audits- Any Suggestions?

[John Broomfield]

No, they cite our company's requirement. The corrective action team is informed of which of our company requirements were not met.

Product nonconformities are reported citing the applicable requirements to guide their correction or disposition.

Likewise with system nonconformities to facilitate any necessary corrective action.

System requirements may or may not be completely specified by the organization. Organizations intending to develop and maintain their system in conformity with a system standard tend to refer to the applicable standard(s). Is this what you mean by “company requirement”?

As I see it the requirements may be internal and/or externally sourced.

 

[John Broomfield]

Not in my experience. They send them to a course and that's it. Internal auditing is NOT seen an a career enhancement in many organizations. Management cannot desc

So much for the world’s most reliable accredited certification!

 

[AuditFan]

So much for the world’s most reliable accredited certification!

Huh?

 

[John C. Abnet]

Remember all. It is the auditor's job to "provide information" (ISO 9001 9.2.1) and utilizing a process approach (vs the specific clause) helps the internal auditing focus on what actually does vs. doesn't take place specific to the intended operation and removes the audit from a "silo" allowing (encouraging) the broader understanding of how the process being audited sequences and interacts with upstream and downstream processes.

Deep knowledge and understanding of the standard can indeed be valuable, however, most internal auditors (consistent with the points made above), do NOT have this understanding and they also have a "day job" which keeps them occupied otherwise.

In my experience, having the auditors simply "provide information" and then allow the local "management rep"(or..whatever term is given to the individual(s) with the intimate understanding of the standard(s) ) to parse the "provide(d) information"...determine the need (or not) for nc and resultant corrective action.....identify the relevant internal/or international rule (clause) being violated, unencumbers the internal auditor.

These are as result of my experiences utilizing internal auditors in a manufacturing setting.

Hope this helps.
Be well.

 

[bbuss]

This may seem like a "no brainer" for some, but you have to be in a similar position as I am to understand the difficulty I am having. Our Internal Auditors are not full time auditors. Auditing is the "second job." They do receive external and internal training AND are given $1,000 a year to perform 2-3 audits per year. The audits must be submitted on time (I give them 30-45 days to complete) to receive the bonus. I have a meeting prior to the 2 audit cycles (March and September), assigning the audits and providing the auditors with information about the process they will audit. I have five auditors, four of them complete one audit and one auditor has to complete two in each of the cycles. Over the last two years audits have been late ever cycle. For 2020, it was one or two late. In 2021 I had 2-3 late for the both cycles. We DO NOT have a separate Quality department (yes, there lies the problem) and I also have full time role beside Lead Assessor. So my question: does anyone have suggestions on what I can try to get auditors to complete their audits on time? I have tried talking to auditors prior to due dates (I get the standard answer, "yeah, I'm almost done" answer). I have asked the management representative (that passed along this role to me) for assistance multiple times. I have lobbied for a Quality "department" with me and two others that could perform audits throughout the year along with other QMS related tasks. I spelled it out the roles and responsibilities, but it was rejected (I've brought it up in two of my last three yearly reviews). Our next Surveillance Audit is in March, so the late audits will be (Major?) Finding (was one in 2020.2 audit). Having responsibility with no authority is not fun, so any insight or suggestions would be appreciated.

I am a professional Lead Auditor, specializing in ISO9001 and AS9100 (aerospace). I also get paid to do them by my clients. I can assure you that if any of the following happened:
1) My audits were not conducted in line with the internal audit plan my client agreed on.
2) My reports were finished late
3) I ever told my client "I'm almost done" without providing a commitment date to complete the report.
4) My activities (justifiably) ever resulted in a non-conformance or major non-conformance

I would lose the client and my reputation as an auditor.

I think you just need to take the same action. Relieve the auditors as a result of them not meeting agreed deadlines, select new auditors who will happily get paid $1000 to deliver what they themselves agreed to, or hire a third party who has already decided they will make a career out of customer service, satisfaction, and making clear commitments.

 

[AuditFan]

Relieve the auditors as a result of them not meeting agreed deadlines, select new auditors who will happily get paid $1000 to deliver what they themselves agreed to

Brian: Isn't this a band-aid?

 

[Jen Kirley]

I would appreciate the extra money, but is the time-scale audit bonus rewarding, compensating, or reminding someone of how little control he/she has over his/her workload? It seems like punishment for something they can't control, if their manager(s) aren't placing any support on this necessary process and they just don't have the time to complete the audit - or if the process is complicated or something happens too slow things down.

In the end, that lack of management support is what this is about.

 

[Big Jim]

The requirement cited is the internal requirement, which should be in line with the requirement(s) of the standard. Like @Mike S., except in the very beginning (1990ish) I've always done it this way. CB auditors don't like it in the main because they have to do some cross-referencing, but it's the organization's responsibility to meet the requirements of the standard, and the CB auditor's responsibility to verify that.

That be true but it is not to your advantage to make the CB auditor's job any harder than it needs to be.

 

[Big Jim]

The internal auditor must be familiar with the organization's process requirements. Isn't this always the case?

Sadly no.

 

[Big Jim]

Really?

My internal auditors, I think every one of them I've ever had, would disagree with you. Maybe they, and I, are just incompetent.

If they don't understand the standard how on earth are they going to be able to determine if your documentation meets the requirements of the standard? Are you just trusting the consultant that set it up a few years ago? What do you do when you revise how you are doing something to ensure you haven't drifted away from the standard?

Education is needed for as many as need it.