Internal Audits For Multiple Sites - 80 locations but only one is ISO 9001:2000

M

MarilynJ6354

#1
#1
Internal Audits For Multiple Sites

We have 80 locations but only one is ISO 9001:2000 certified. However, every location follows the same quality system. Many customers are auditing the non-certified locations and writing nonconformances for not doing internal audits. At non-certified locations, is it possible to do partial audits or maybe audits at each location every few years? Also, if the documentation is being audited annually for the certified location, I don't think we should have to do an internal audit on the documentation every time we audit another location since the documentation is the same for every site (this is an online quality system with forms, SOPs, Quality Manual, etc.). Can I change the procedure to indicate only full audits are conducted at certified locations? Please advise...thanks!:ca:
 
Download Free White Paper
Elsmar Forum Sponsor
J

Jim Biz

#2
#2
Thoughts to ponder

Hmmmm???

First impression is what level of customers do you have??

Why? would a customer
1) Do any type of "Formalized audit" of a non-certified facility?
(Other than for their own informational purposes)
2) Feel it necessary to issue a written nonconformance??

In situation one - nothing that I know of would make an "audit anything more than a "Lets look see what you are doing"
Oh sure there are customers out there that have heir own definitions of "Audits" but IMHO if they know their business that should "Rule Out" the formalization of the process.

In situation two - ok so a customer writes a nonconformance on a situation that you have recognized from past history - what's the penality ?? - It might make the customer feel better - you can put the remarks into a customer comlaint file for future focus or customer satisfaction (informational) file - but unless/until the facility being "audited" is prepared to be registered - its "just an opinion" anyway.

Can you write into the system that says audits are conducted at certified facilities only - sure but usually thats a "given" --

Upon further reflection

?? Where did you write into the system that non-certified facilities would folow the certification documentation to begin with?? - Does the Scope of your manual state that the policys & actions apply to all facilities - certified or not?

Then again this all could change IF you are claiming somehow that "All facilities" are self certified or operating under certified systems documentation.
Havent looked latley but at least in ISO9000- there is NO clause or case for Exemption of auditing.
 
Last edited by a moderator:
M

MarilynJ6354

#3
#3
RE: Thoughts to ponder

These are mostly aerospace customers but for instance today it is Honeywell. They know these facilities are not certified but they require compliance. They hire outside companies or have inside auditors perform the audits, which are identical to ISO audits. I do the internal audits for our ISO facility but I can't fly all over the country doing each location and we don't have the manpower to train internal auditors for every location and manage separate audit schedules for each one.
 
J

Jim Biz

#4
#4
Well - there "May" be a way to satisfy them as long as they "know" the facilities are not certified.

Create an Internal audit completion checklist - post it on your companies network & require each facility to do a check-off report yearly (not a "formal ISO internal audit mind you) just an informal

a Yes/no we reviewed the System documentation Model dated __
b Yes/no we are in compliance with sections 4.1-5.X 6.X etc.
c yes/no We feel due to review the system could be improved at our site with the addition of _____ or change to _____

Gather the information at your site and use it as a benchmark for overall compay improvements.

:bonk: Only other thought is that IF they insist on pushing the issue you could also do a cost study and inform them what costs would be passed on to them with the demand for internal ISO audits be conducted at each "Non certified" facilitiy.
 
T

tomvehoski

#6
#6
Marilyn,

I don't see how you could claim an individual facility is compliant to ISO 9000 if there is no type of internal audit done. You could also be risking problems at your headquarters location since you are not following the customer requirement of being ISO compliant.

Also, if you are not doing audits, how do you know there are not other parts of the system that are not being implemented? How do you know if site # 79 complies with 100%, 50% or 0% of your corporate requirements?

Options I could see for you include:

1. Make up some checklists of the system requirements. Make these specific to your operations. Since all 80 sites are the same, you only have to make them once. Use questions built on your specifics - for example:

ISO Question: Is there a system to identify and segretage nonconforming material.

Your site question: Is nonconforming material in house identified with form # ABC-123 and stored in the designated holding area? Is there evidence the MRB board has met to disposition material as required by SOP-1234? Are monthly pareto charts of NC causes and dollars lost maintained as per SOP-9999? and so on.

Setting up checklists like this should make it pretty easy for your site people to audit their owns system without the need for much training.


2. Select a sample of sites to audit each year. Make it clear to your customers that it is quite possible each site will not be audited each year, but a sample is taken throughout the company and as long as the system seems to be working elsewhere, all locations are covered. This would basically be the same as the corporate registration scheme.

The negative with this plan is that if one site fails, you need to consider that all have failed since it is not clear if the system is implemented or not. Nonconformances or other issues could be a trigger for an audit, but can also show that the site is not in compliance with the requirement.

3. Consider your customer audits the same as an internal audit. This does not meet the true intent of auditing your own system, but it is better than saying you don't do any auditing at all. I doubt this would pass your customer's review, but you could give it a shot.

I agree that if you documentation is the same everywhere, you only have to audit it once.

My suggestion would be a combination of #1 and #2 above. Implement a site self assessment checklist and have them communicate them back to HQ. Based on findings, schedule audits from corporate for A. all facilities that rated themselves low and B. some facilities that rated themselves perfect/high. This will help you improve the "honest" facilities and also weed out of the system the potential of pencil-whipping the audit for the sites that think nobody will check up on them.

I have a client now with close to 400 sites that uses this basic system. They do have a team of about 25 full time auditors that perform on-site audits, but it could be a few years between audits for a single facility. They still have to do a self assessment at least annually.

Hope this helps. Let me know if you could use any additional help.

Tom
 
M

MarilynJ6354

#7
#7
Thanks for the additional suggestions. This particular location use to do internal audits but the person who did them left. I was not made aware that they were suppose to be compliant until 3 weeks ago, and they basically are except for the audits. I will let management decide how to proceed. I appreciate your input!:bigwave:
 
J

Joe Cruse

#8
#8
Marilyn,

If your company has videoconferencing capabilities, that can help you get with personnel at other sites to work on some of your internal audit work. Our corporate office and customer service center is several hundred miles away, and we started doing our internal audits via this route, along with fax machine to send requested document/records sampling. Our registrar likes this approach, and it saves us money/time in the long run.

"First impression is what level of customers do you have??

Why? would a customer
1) Do any type of "Formalized audit" of a non-certified facility?
(Other than for their own informational purposes)
2) Feel it necessary to issue a written nonconformance??"

We've been ISO certified for nearly 10 years, and still have 1-3 customers per year come in and audit us, sometimes to QS or TS standard. We audit any major supplier that is not certified, once every 3 years.
Most of our customers send us surveys every year. If you are not ISO/QS, then they want you to have some kind of formal QMS in place, which usually includes self-auditing.

I would agree with the suggestions on implementing internal audits at your other facilities.

Regards,

Joe
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
E Informational Internal Audits - Wear multiple hats what can and can't I audit (so I'm not auditing my own work) Internal Auditing 151
G Performing Internal Audits by Phone? Multiple International Sites Internal Auditing 6
D What are the rules regarding coverage in internal audits? IATF 16949 - Automotive Quality Systems Standard 0
D What are the IATF rules regarding doing internal audits remotely? IATF 16949 - Automotive Quality Systems Standard 2
A Internal Audits - skipped clauses? Internal Auditing 11
L Internal Audits during the MDR Transition Period EU Medical Device Regulations 5
L Internal audits for IATF IATF 16949 - Automotive Quality Systems Standard 7
E FDA & Internal Audits US Medical Device Regulations 3
G NC criteria during internal audits ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
B Consistently Late Internal Audits- Any Suggestions? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 116
cgaro62 Using internal audits as part of document reviews Document Control Systems, Procedures, Forms and Templates 21
S Is it required to complete Internal Audits within one year? ISO 13485:2016 - Medical Device Quality Management Systems 29
C First Round of QMS Internal Audits - Ethical Dilemma Internal Auditing 10
T How to conduct combined internal audits (9001 and 13485) Internal Auditing 1
A ISO 9001 Internal Audits - No production right now due to furloughs Internal Auditing 5
lanley liao How to understand this words that the planning of internal audit shall take into consideration the results of previous audits? Oil and Gas Industry Standards and Regulations 10
M ISO13485:2016, MDSAP and Internal Audits ISO 13485:2016 - Medical Device Quality Management Systems 9
S Would this be a second site for the purposes of internal and third party audits? General Auditing Discussions 4
J ISMS - Internal Audits Internal Auditing 5
L Documented Information in Internal Audits Process (9.2) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
D CB and customer audits considered as internal audits? General Auditing Discussions 9
R IATF 16949 - Outsourcing of internal audits Internal Auditing 11
M Major vs. Minor for Internal Audits? Internal Auditing 10
C Internal Audits in a tiny Dx Company Internal Auditing 33
N Sampling Plan for Internal Audits - ISO 2859 or 3951 - Or Neither? Internal Auditing 6
O ISO13485 implementation - Are internal audits expected before stage 1 audit? Design and Development of Products and Processes 3
O Informational Scaling back internal audits due to corona virus while avoiding a NC Internal Auditing 7
G Internal Audits and Employee engagement Internal Auditing 16
S Internal audit discrepancy - We missed a few audits that were scheduled Internal Auditing 12
F ISO 17025 8.8 Internal Audits in a segmented company ISO 17025 related Discussions 5
qualprod Internal Audits - Categories of non conformances Internal Auditing 12
G Non Conformance During ISO 9001 Audit - Not All Internal Audits Completed General Auditing Discussions 19
K A way to monitor our Internal Audits as a KPI AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 13
blackholequasar Internal Auditing Inspiration - Getting volunteers to perform internal audits. Internal Auditing 22
A External Auditor issue with Internal Audits Internal Auditing 7
W Internal Auditing carried out by a 3rd party - Review of previous audits AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
Gman2 Quality Record Retention (Internal Audits, CA's) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
T Informational What is the purpose of Internal Audits? Internal Auditing 27
F API Spec Q1 9th Edition Surveillance Audit - Questions about internal audits. Oil and Gas Industry Standards and Regulations 22
Pmarszal ISO 19011:2018 - Risk Based Approach for planning, conducting and reporting of internal audits Internal Auditing 8
R ISO 13485:2016 Registration - NC on full cycle of internal audits ISO 13485:2016 - Medical Device Quality Management Systems 7
J Internal Audit clarification - How to perform the audits IATF 16949 - Automotive Quality Systems Standard 6
S Corrective Action from Internal Audits not performed ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 24
W FAA Advisory Circular (AC) Requirements (FAA AC 00-56) - Internal Audits AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
B Going into IATF 16949 transition without Internal Audits IATF 16949 - Automotive Quality Systems Standard 4
S Internal Audits performed by another local business ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 26
K No Internal Audits For Upcoming IATF Trans Audit IATF 16949 - Automotive Quality Systems Standard 5
J Supporting Processes - Internal Audits - Need help settling a debate IATF 16949 - Automotive Quality Systems Standard 4
K AS9100 Rev. D Transition - Internal Audits & Gap Analysis Requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 14
J Internal Audits - Closing Audit Deficiency Reports (ISO 13485) Internal Auditing 4

Similar threads

Top Bottom