Internal Audit Schedule Conformance


We are certified to ISO 9001 and I was wondering what you guys think about this?

In the past we have published our Internal Audit Schedule to the organization and if for one reason or another the audit was not done on the scheduled date, we would just update the schedule with a new date and complete the audit.
Moving forward, I want to track and measure the audits that are not completed on the scheduled date leaving the completed date as "Late". I am curious if this would cause a nonconformance during or Surveillance Audit. (Per 8.2.2 - "The organization shall conduct internal audits at planned intervals") If I identify it and maybe create a Corrective Action will this suffice, or can I leave it, and during Management Review identify the issue but not require a CAR? Or should I just keep updating the schedule?

Just looking for some opinions.



In keeping with the spirit of things, follow your business process and let IS09001 be a guiding factor for you rather than following the ISO9001 keeping business outside.
Remember that like all other activity, internal audit is also a planned activity and plans can change under changing circumstances.
Be true to yourself and do not show undue delay in any of these.
Or should I just keep updating the schedule?
A plan vs actual will just be good. ...again no undue delay

Sidney Vianna

Post Responsibly
Paul, don't overlook (as the vast majority of organizations do) the REQUIREMENT from the standard which reads:
An audit programme shall be planned, taking into consideration the status and importance of the processes and areas to be audited, as well as the results of previous audits.
In the real world, it is very unlikely that all business processes have the same degree of criticality and importance, in terms of product conformity and customer satisfaction.

In the real world, it is very unlikely that all business processes/departments have the same degree of discipline in terms of sticking to the QMS.

Without using the word risk, ISO 9001 intends organizations to have a risk-based approach to scheduling their internal audits. Many times, there will be very little residual risk if an internal audit gets delayed/postponed, but sometimes, when audits are conducted effectively and there are significant risks to be mitigated, internal audits should not be rescheduled willy nilly, since that practice would be (unintentionally) conveying the message that internal audits are not that important.

If internal audits are conducted in a way to really identify business risks and (as importantly) identify/trigger opportunities for improvement in effectiveness and efficiency, top management would be on top of the program and resist excessive rescheduling. It all boils down to the degree of (perceived) value and importance the organization places on the internal QMS audit program.

insect warfare

QA=Question Authority
Trusted Information Resource
In my experience it should not incur a NC, if you have established a plan of action (corrective action) which can be demonstrated or shown to your CB as being implemented and/or followed up on.

Maybe your internal audit procedure(s) are creating constraints, or maybe your auditors are doing this on purpose, or maybe there is just lack of incentive, but somewhere there a fundamental reason exists for your current situation and corrective action will eliminate the root cause and get you back on track.

Brian :rolleyes:
Last edited:


Like Jim suggested, I have mine scheduled during a month. No dates. I have never had anyone question this so far.


Thanks guys for the feedback. I believe there is an issue and that is why I want to start tracking the audits that are late, bringing the issue to Upper Management's attention.
I realize that other departments may not see the value of the internal audit system. I want to determine if this is happening in certain departments, with certain auditors, or with certain auditees on a regular basis.
One reason I didn't want to change the dates or open the dates up to allow flexibility was because I want to see what the trends are (Who, what, when, why). But, at the same time, I do not want to open the system up for a nonconformance.


Moved On
Paul, in all practicality you are going to track something which is, frankly, a waste of time! As Sidney correctly posted, your emphasis should not be on trying to predict when to do audits by calendar, but by those things which present risks. You don't need a crystal ball to do the risk-based thing. And, more importantly, you are NOT required to determine a whole calendar of audits - despite what an external auditor might believe!

Far better time is spent working with your management team to find out what's keeping them awake at night! You won't find too many times when the audits are missed. In fact, you may find you are the reason - trying to play catch up!:cool:


Currently, I am using a weighted scoring template to calculate the risks for our audits. This is based on Upper Management request, business impact,
any changes to the management system, findings from last audits(Internal/External) and date of last audit occurance. This is then transfered to our audit schedule calendar.

The problem is that the missed audits have never been reported and I am sure that the Upper Management has not been aware that the audits have been rescheduled. (Maybe the system could get some support.)
Although you maybe right, and it is a waste of my time because the audits are getting completed and there are definitely bigger fish to fry. It is just something that would be easy to track and drill deeper into determining if there are any commonalities.


IMHO, I think what would add MORE value to the organization is to track the nature of internal audit finidngs. Is it happening over and over in a particular department, is the kind of issue spreading through all departments, is it the same auditee all the time.
Internal audits at planned intervals does not necessarily mean doing it in the specified date, well its good if it is. The most important date is the actual date the audit was conducted.
Missing the right time to conduct an audit could possibly lead to a business risk - as long as there is no foreseen risk changing the date won't matter too much. So don't worry about it, focus on what adds value to the organization.
Last edited by a moderator:
Thread starter Similar threads Forum Replies Date
D Opinions on internal audit schedule adjustment Internal Auditing 23
T AS9100D Risk-Based Internal Audit Schedule AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 10
J Internal Audit Schedule IATF Internal Auditing 4
A Add MDSAP to Internal Audit Schedule Medical Device Related Regulations 0
M ISO 9001 Major Nonconformance Internal Audit Schedule/COVID-19 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 18
N Internal Audit Schedule – Who gets to set the schedule? Internal Auditing 16
T Internal Audit Schedule when Hiring Out Internal Auditing 7
R How far apart can you schedule separate areas or departments in your internal audit? Internal Auditing 4
A API Spec Q1 9th Edition - 12 month Internal Audit Schedule Audit Nonconformance Oil and Gas Industry Standards and Regulations 10
J AS9100D - Good ways to document an internal audit plan / schedule Internal Auditing 25
D Please share your IATF 16949 Internal Audit Plan and Schedule Internal Auditing 13
P Internal Audit Schedule Complexity (ISO 9001:2015 ) Internal Auditing 3
A Developing a ISO 9001:2015 Internal Audit Plan and Schedule Internal Auditing 50
M Example Internal Audit Schedule wanted Internal Auditing 47
S No Audit Schedule and Internal Audit not Performed ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 20
L R2 Certification Internal Audit Plan, Audit Sheet, and Schedule Manufacturing and Related Processes 2
S Help me with preparing Internal Audit Schedule based on Risk analysis 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
L ISO 13485 Internal Audit Schedule example needed Internal Auditing 9
M QSIT-Based ISO 13485 Internal Audit Schedule Internal Auditing 8
C Does anyone have an example of an ISO 14001 Internal Audit Schedule ISO 14001:2015 Specific Discussions 2
J Timing of an Internal Audit Schedule ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 17
R Receiving inspection and Internal Audit schedule ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 20
J Internal Audit Schedule - Please review my Internal Audit Schedule Internal Auditing 19
S Internal Audit Procedure and Schedule example Internal Auditing 2
T Internal Audit Plan/Schedule wanted Internal Auditing 19
J Internal Audit schedule & Process Audit Checklists Internal Auditing 3
U Internal Audit Schedule for Multi-site certificate? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 15
S Internal Audits not performed - Useful data from internal audit schedule Internal Auditing 31
V Creating an ISO 14001 Internal Audit schedule Internal Auditing 13
GStough Internal Audit Frequency Schedule: Monthly, Quarterly, or Bi-Annually? Internal Auditing 46
V Is there a requirement for Internal Audit Schedule to be Approved? Internal Auditing 11
P The Optimal IA Schedule - How should the Internal Audit Schedule be set up? General Auditing Discussions 26
N Creating an Internal Audit Schedule Internal Auditing 48
B TS16949 internal audit schedule template Internal Auditing 4
A Internal Audit Schedule Updates - Necessity of a revision date on the schedule Internal Auditing 8
B ISO 13485 Internal Audit Schedule needed Internal Auditing 2
R ISO19011 Internal Audit Schedule - Should it have to be approved? General Auditing Discussions 12
W Internal Audit Schedule - Seeking Examples - Quality Audits Internal Auditing 14
R Internal Audit Schedule samples Document Control Systems, Procedures, Forms and Templates 9
L Internal Audit Schedule - Frequency of internal audits Internal Auditing 9
Crusader Internal Auditing to ISO 9001 - How to schedule/plan and perform an ISO audit Internal Auditing 31
T Developing TS-16949 Internal Audit Schedule - Seeking Example and Advice Internal Auditing 9
F AS9100 Internal Audit Schedule - Seeking Example AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
C Internal Audit Schedule - Documentation requirements for Internal Audits Internal Auditing 10
R Problem interpreting Element 4.17.1 Internal Audit Schedule Internal Auditing 3
R Internal audit schedules - Where does it say that I need an annual schedule? Internal Auditing 13
M Changing the internal audit schedule Internal Auditing 11
T AS9100 Internal Audit (Quality System) Program AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
K VDA6.3 as internal audit tool VDA Standards - Germany's Automotive Standards 8
H Internal Audit on Third-Party Logistics (3PL) Warehouse ISO 13485:2016 - Medical Device Quality Management Systems 4

Similar threads

Top Bottom