Internal Auditing and Police Action

Randy

Super Moderator
#11
I guess I'll have to bow out of this one because I'm apparently venturing into an area in which I have absolutlety no background or experience to draw from.

It's a shame to think there are tons of folks out there auditing that I must have incorrectly instructed over these last few years. I never realized that people and organizations would want to and could embrace a process that focuses on the downside, the broken and the negative. I now understand what precipitates all the yelling and hollering you have previously wrote about. What a remarkable way of doing things, to use our audits as a way of beating each other up until we all get happy, obtain buy-in and cooperation. Halleleujah, we could write a book and title it "Beat your organization to success and improvement".
 
Elsmar Forum Sponsor

Jim Wynne

Staff member
Admin
#12
Randy said:
I guess I'll have to bow out of this one because I'm apparently venturing into an area in which I have absolutlety no background or experience to draw from.

It's a shame to think there are tons of folks out there auditing that I must have incorrectly instructed over these last few years. I never realized that people and organizations would want to and could embrace a process that focuses on the downside, the broken and the negative. I now understand what precipitates all the yelling and hollering you have previously wrote about. What a remarkable way of doing things, to use our audits as a way of beating each other up until we all get happy, obtain buy-in and cooperation. Halleleujah, we could write a book and title it "Beat your organization to success and improvement".
This is a load of cr*p, Randy, and your failure to address any of the points I raised is noted. One of the hallmarks of a lame argument is an attempt to mischaracterize your opponent's position. Who said anything about wanting to "...embrace a process that focuses on the downside..."? Not me. Not the OP, either. That was your little fanciful construction. Go back to my post immediately prior to this one, read my responses, and tell me where I'm wrong.
 
Last edited:
D

David Hartman

#13
JSW05 said:
What if I refuse to kowtow to conventional wisdom and refuse to acknowledge a difference between preventive and corrective? One has to involve the other, and I refuse to play bullsh*t semantic games while being eaten by the crocodile (or is it an alligator with my head in its mouth?) If I encounter a problem, I have a responsibility to contribute to fixing it, and to do what's possible to prevent it from happening again. Without failure, there would be no need for improvement.
You may refuse to ackowledge a difference if you want, but the fact of the matter is that preventive maintenance performed on machinery is done so NOT after a machine fails but as a way of extended the meantime between failure. Corrective action (repair of a broken machine) should include some form of preventive action, but the CA is ONLY performed once the machine is broken.


JSW05 said:
You seem hung up on a false dichotomy--that it's either/or. It's not. Of course we expect doctors to offer preventive advice, but that doesn't mean we shouldn't expect doctors to provide therapeutic services. Illnesses, like manufacturing problems, are sometimes unpredictable. You seem to think that if the doctor identifies a bacterial infection, he should educate us on ways to avoid infection in the future, and forget about the antibiotics. I'd rather have both, thank you.
See above: Yes, it actually IS either/or; but it MAY also be "either/and".


JSW05 said:
Time, chance and gravity happen to all of us. In the case under discussion, the obvious root cause is not the audit system, or the auditor, or some inane discussion of prevention vs. correction. The root cause is failure of leadership, and if there's a downward slide, you need to be careful in identifying who's pushing the sled.
You are so correct that the root cause is a failure of leadership, but as Randy has pointed out the leadership should have understood and communicated the fact that the internal auditors are there as a part of the team, and as such are a tool to be used to not only find where the system is broken but to point out where improvements can be made.

Along the lines of the original post, I also have been in situations where company personnel (middle managers, engineers, technicians, and hourly workers) have gone to the auditors with request that the auditor take the charge in gaining corrective action to problems that this individual (or group) has been dealing with for X-amount of time. This is NOT the responsibility of an internal audit organization, and in-fact I have responded to some of these requests by stating that I would handle the matter by first writing a Corrective Action request to the "requestor" of my services asking for CA to the the problem of them being aware of an issue and NOT seeking Corrective Action. The audit organization is NOT there to help those that are simply afraid to handle conflict. They should deal with their problems.
 
J

jmp4429

#14
Randy said:
The auditor, or anybody else should have identifed the potential for failure and kept it from occurring. Failure can happen, but don't wait for it or focus your efforts on it.
Randy, I'm with you on most of what you're saying, and yes, our corrective action requests do outnumber our preventive action requests at this point. I'm working to change that, but like I said, it's my first trip round the plant. I'm identifying a lot of things that weren't broken during the last audit, but have broken since.

As far as preventive action, sometimes you just don't see failure modes until the first time the failure occurs.
 

Jim Wynne

Staff member
Admin
#15
ddhartma said:
You may refuse to ackowledge a difference if you want, but the fact of the matter is that preventive maintenance performed on machinery is done so NOT after a machine fails but as a way of extended the meantime between failure. Corrective action (repair of a broken machine) should include some form of preventive action, but the CA is ONLY performed once the machine is broken.
Isn't "preventive maintenance" a redundancy? As I said earlier, maintenance (prevention) is preferable to repair. Why not just call them "maintenance" and "repair" so that there's no confusion over "preventive" and "corrective"? The same two terms can be applied to any system, not just machines.

ddhartma said:
You are so correct that the root cause is a failure of leadership, but as Randy has pointed out the leadership should have understood and communicated the fact that the internal auditors are there as a part of the team, and as such are a tool to be used to not only find where the system is broken but to point out where improvements can be made.
No, Randy didn't say that at all. That's what I was saying. Of course internal auditors are "a part of the team," and the OP was at pains to explain that he had tried to explain that his was not a fault-finding mission.

ddhartma said:
Along the lines of the original post, I also have been in situations where company personnel (middle managers, engineers, technicians, and hourly workers) have gone to the auditors with request that the auditor take the charge in gaining corrective action to problems that this individual (or group) has been dealing with for X-amount of time. This is NOT the responsibility of an internal audit organization, and in-fact I have responded to some of these requests by stating that I would handle the matter by first writing a Corrective Action request to the "requestor" of my services asking for CA to the the problem of them being aware of an issue and NOT seeking Corrective Action. The audit organization is NOT there to help those that are simply afraid to handle conflict. They should deal with their problems.
If I understand this correctly, you're saying that a request was made to an auditor, or audit organization, to help with a continuing problem and the response was a CAR against the person who had issued the cry for help? This seems akin to throwing a bowling ball to a drowning man, and just the sort of negativity Randy got excited about. I can't speak directly to the situation(s) you're referring to, having no knowledge of the political climate in the company, but I thought that one of the basic rules was that CARs should never be used as weapons.
 
#16
I have found there are times where I have to act as a "Cop". In fact, almost every nonconformance I've written, the auditee knew of the nonconformance prior to the audit! However, the pain of change did not exceed the pain of staying the same until after the nonconformance was written. To me, this means that the organization is not “living” the quality policy. However, my experience is that most folks in an organization really don’t care about things, until they feel the pain.

There are other times, where I acted as an agent of improvement (which I separate from preventive actions). In one case, that I've written about before, was where a trucking company had to track something to meet 4.20. Although it was not helpful, they tracked sales. During the audit, the Safety Director indicated that a particular driver just got another ticket. I suggested they track tickets instead. It would meet the 4.20, and give them something to make decisions and improvements on.
 
#17
A bit of a debate here, eh? Ok, here's my take:
jmp4429 said:
The philosophy of internal auditing here has always been not to come across as a “police force” trying to catch people screwing up.
Agreed. The police type audit does not add any value whatsoever.
jmp4429 said:
We try to take the stance of “We’re the team that’s going to help you prepare for the external audit.”
Our aim is to dig up improvement potential... Plain and simple.
jmp4429 said:
And I’ll admit, we don’t always write up every nonconformance that we find – if it’s a minor problem that is not likely to occur again, we may at our discretion just pull whoever is responsible aside, tell them what we found, and say it needs to be fixed.
Sounds good to me.
jmp4429 said:
When I took the NCR to the head of maintenance, he was furious and wanted names. I tried to explain that the people weren’t at fault, but that something in the check system allowed the checks to be occasionally overlooked. He acted like he understood, but when I walked away from his desk he started shouting for the setup guys to come over to his desk.

When I went a few weeks later to verify the corrective action was completed, I went to the same setup guy I had talked to during the audit and said “Can I ask you a quick question?” He said “Last time you did that, I got yelled at.”
A thoroughly poor show by the mgr in question. If that is his normal management style, I would hate to work for him. Others have already pointed this out, but really: It's his area of responsibility, and it would seem that he is the one not having his act together. I'm not suggesting any yelling at all, but maybe he is the one most in need of it?
jmp4429 said:
Now when I even walk by that area, the setup guys get nervous. Even though I don’t act like a police officer, the result is the same. Now chances are, next time I audit the setup area, the guys will hide paperwork, try to avoid me, and lie about what’s going on to cover their butts. That doesn’t make for an effective audit.
Yep. the trust went out the window, and it will take a lot more time to regain it, than it did losing it.
jmp4429 said:
Anyone have these kinds of problems, and how did you handle them?
Actually no... Not these days. When I came here, however, people were very much on guard. It would seem that they had been subjected to something like this before my time, so why should they trust me?

Today most of them do. It took years to earn that trust, and if anyone should shred it with a performance like in the example given I would most definitely have a very grave talk with that person.

/Claes
 
Thread starter Similar threads Forum Replies Date
S ISO 9001:2015 Internal Auditing Internal Auditing 8
A What are the pros and cons of using an audit software for internal auditing? General Auditing Discussions 7
S Risk based internal auditing Internal Auditing 6
F AS9100D Internal auditing requirements Internal Auditing 11
R Does any here use an internal auditing tool that works on different platforms? Internal Auditing 3
W Does anyone have an API Q2 checklist for internal auditing? Oil and Gas Industry Standards and Regulations 1
blackholequasar Internal Auditing Inspiration - Getting volunteers to perform internal audits. Internal Auditing 22
W Internal Auditing carried out by a 3rd party - Review of previous audits AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
S Internal Auditing for API Spec Q1 - auditor qualification requirements Oil and Gas Industry Standards and Regulations 6
E Informational Internal Audits - Wear multiple hats what can and can't I audit (so I'm not auditing my own work) Internal Auditing 149
N Online Internal Auditing Course for ISO 13485 - Suggestions ISO 13485:2016 - Medical Device Quality Management Systems 8
U Internal auditing - Company employees or contract second party Internal Auditing 10
K Internal Auditing - Umbrella QMS and Multiple Standards Oil and Gas Industry Standards and Regulations 4
D Auditing Our Outsourced 2nd-3rd Party Internal Audit Company ISO 13485:2016 - Medical Device Quality Management Systems 6
G AS9101 Rev F - Worksheets for internal auditing AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 11
S ISO 13485:2016 and MDSAP internal auditing ISO 13485:2016 - Medical Device Quality Management Systems 6
S ISO 9001:2015 - Internal Auditing - Audit to the Standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
R Internal Auditor auditing Internal Audit Procedure (AS9100) Internal Auditing 18
M Is Automated Internal Auditing Possible? Internal Auditing 13
C Internal Auditing Requirements (ISO 9001:2008) Internal Auditing 3
L Auditing Design and Development in ISO 9001 (Internal Audit) Internal Auditing 1
sswaim Auditing Internal Laboratory Personnel for Competence General Auditing Discussions 4
K Internal Auditing a previous Nonconformance? Internal Auditing 19
P Recommended books on ISO 27001:2013 Implementation and Internal Auditing IEC 27001 - Information Security Management Systems (ISMS) 4
M Are auditing checklists required for Internal Audits? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
B ISO/TS16949 Internal Auditing - How many auditors? Internal Auditing 4
B PFMEA, Internal Auditing, Corrective Action Training In Native Language (China) Training - Internal, External, Online and Distance Learning 1
Gman2 Internal Auditing Requirements before ISO 9001 Registration ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
S Auditing TS 16949 Cl. 7.6.3.1 - Internal Calibration Laboratory Requirements IATF 16949 - Automotive Quality Systems Standard 8
T ISO 9001 Internal Auditing Auditor Training in Amsterdam Training - Internal, External, Online and Distance Learning 1
S In an internal auditing desert and I'm the only one here.... AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 15
G Internal Auditing in a Multi-Site Environment ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 17
B Internal Auditing of MDD and CMDR Requirements Other Medical Device Related Standards 5
O Internal Auditing in small Engineering company ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
T Looking for a webinar on Internal Auditing General Auditing Discussions 3
R On Auditing Internal Audit Process - How Independence can be Established Internal Auditing 4
D Auditing Abroad - Internal Audits of our European Sister Companies ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 16
R Auditing a process outside the realm of the formal Internal Audit ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
G New to Internal Auditing - Best questions to ask? Internal Auditing 17
M Auditing the Internal Audit Process - 8.2.2 General Auditing Discussions 2
J Auditing the Internal Auditing Process - Audit Nonconformance General Auditing Discussions 3
S Internal Auditing related to RISK Internal Auditing 9
W Internal Auditing - Observational Checklist for a Behavior Based System Internal Auditing 3
R Internal Auditing Checklist - Major NCR because the Checklist was not Completed Internal Auditing 17
V Depth of Internal Auditing and Training aspects in Research & Development (R & D) Internal Auditing 4
N Good Internal Auditing Training Courses Training - Internal, External, Online and Distance Learning 13
L Internal Auditing Reports / Documents - Design and Content Document Control Systems, Procedures, Forms and Templates 1
N Recommend internal auditing training 101 please (Tucson or Phoenix, AZ) Training - Internal, External, Online and Distance Learning 1
L Internal Auditing - How can I audit my QMS independently? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
C Internal Auditing - How to make it useful? Internal Auditing 36

Similar threads

Top Bottom