"Customer Specific" Internal Audit suggestions needed

[TROQC]

Hi folks! Thanks for all the helpful info posted here. Our last registrar audit states that the "effectiveness of our internal audits could be questioned", even though all systems are covered, and non-conformance's are found (&CA taken) when they are conducted . It was also suggested that our internal audits include an audit of "customer specifics". We basically have taken the ISO standard, and turned it's requirements into questions for each system of our manufacturing, then answer them with evidence. Is this an auditor trying to justify his paycheck, or can anyone makes suggestions on additions or changes that could be made? What is a "customer specifics" internal audit? Any suggestions on how to conduct one? Thanks in advance!

 

[Sidney Vianna]

We basically have taken the ISO standard, and turned it's requirements into questions for each system of our manufacturing, then answer them with evidence.

Your quality system should not exist to "satisfy a standard", but, consistently and cost-effectively satisfy customer expectations because that's what is going to drive them to keep doing business with your organization.

So, your internal audit should, in an intelligent way, assess if your systems and processes are designed to ensure that customer expectations and requirements are being addressed. To that effect, indeed, your internal auditors should be digging into how particular requirements are being handled. Using RBT and a pareto approach, specific requirements of key customers should be prioritized, during internal audits.

You mentioned audit of manufacturing. A true QMS exists way upstream and downstream of manufacturing. Are those processes also being audited? The (ISO 9001) standard requires your internal audit to go beyond the requirements of the standard itself.

 

[TROQC]

 

[JoShmo]

Hi folks! Thanks for all the helpful info posted here. Our last registrar audit states that the "effectiveness of our internal audits could be questioned", even though all systems are covered, and non-conformance's are found (&CA taken) when they are conducted . It was also suggested that our internal audits include an audit of "customer specifics". We basically have taken the ISO standard, and turned it's requirements into questions for each system of our manufacturing, then answer them with evidence. Is this an auditor trying to justify his paycheck, or can anyone makes suggestions on additions or changes that could be made? What is a "customer specifics" internal audit? Any suggestions on how to conduct one? Thanks in advance!

No they ARE trying to be helpful! The auditor is doing what all the previosu auditors should have done but at least someone finally did it! Doing an audit to the standard ONLY isn't really an internal audit! Your supposed to audit youre qms FIRSTLy and the focus should be on the processes - the auditor is addiing customer requirements because they heard that's done in TS and AS audits. It's good to do, but you might have bigger fish to fry.

 

[TROQC]

 

[BoardGuy]

Ideally audits should cover:

1) Requirements of the applicable QMS Standard
2) Internal documentation created by the organization
3) Regulatory/statutory requirements
4) Customer requirements
5) Other applicable requirements

However, most organizations audit reports do not indicate that they have considered these items during audit planning. My organizations audit reports address these items by having dedicated section which is completed as the auditor plans his or her audit.

The sections are:

a) International Standards requirements
b) Internal documentation requirements
c) Customer Requirements
d) Regulatory / Statutory Requirements
e) Other Requirements

If there is no additional requirements then the Standards or internal documentation, the other sections of the form is marked “None”. Once requirements are understood we then verify that documentation meets the requirement before moving on to the process area to verify actual work performance to the document requirements.

 

[JoShmo]

Ideally audits should cover:


2) Internal documentation created by the organization

What happens when the organization chooses not to document? Isnt auditing about "process" not "documentation"?

 

[howste]

What happens when the organization chooses not to document? Isnt auditing about "process" not "documentation"?

This sounds like a rhetorical question. All certified organizations have documentation. Documentation is part of the controls used in a QMS for effective implementation. If I audit a process and don't look at any documentation, I probably haven't done an effective process audit.

Maybe not every process will have procedures or work instructions, but most will have records. In addition, there are system documents that apply to all processes in the QMS.

 

[BoardGuy]

I would add to Howste's comment on this section of ISO 9001:2015:

9.2.1 The organization shall conduct internal audits to provide information on whether the QMS

a) conforms to (1) the organizations own requirements for its QMS, (2) requirements of this International Standard…

The requirements, however communicated, (written procedures, flow charts, pictographs, etc.) have to be verified by the internal audit process. Most organizations processes, such as Control of Nonconforming Outputs (product/service), have a number of documents related to control, review and disposition which describe the process.

 

[JoShmo]

This sounds like a rhetorical question. All certified organizations have documentation. Documentation is part of the controls used in a QMS for effective implementation. If I audit a process and don't look at any documentation, I probably haven't done an effective process audit.

Maybe not every process will have procedures or work instructions, but most will have records. In addition, there are system documents that apply to all processes in the QMS.

"All certified organizations have documentation." - under 2008 maybe.

"Documentation is part of the controls used in a QMS for effective implementation." and...

"In addition, there are system documents that apply to all processes in the QMS." - only where the organization has determined them to be necessary under 2015