Internal Audits in a Small Company

C

Connie

#1
Internal Audits

ALSO BEING IN A SMALL COMPANY AND HAVING A DIFFICULT TIME GETTING AUDITS DONE BY PEOPLE WHO DO NOT HAVE SOMETHING TO DO WITH A PARTICULAR DEPT, I WAS WONDERING IS THERE A WAY AROUND INTERNAL AUDITS AND HOW TO GET THEM DONE WHEN THERE IS A CONFLICT OF DEPARTMENT PERSONAL INVOLVEMENT.

hEY IT'S GOOD TO BE BACK!!!!
 
Elsmar Forum Sponsor
A

Al Dyer

#2
How about hiring an external auditor to do your internal audits! perfectly acceptable and more than likely very cost effective!

Al...
 

howste

Thaumaturge
Super Moderator
#3
I agree with Al - that's one way to do it. You're sure to get an impartial look at the system, and avoid having auditors auditing their own work. You also don't have to worry about internal auditor training.
 
#4
Hi Connie,

Maybe you have the opportunity to trade auditors with a neighbour company or something?

Could you expand a bit on the "DIFFICULT TIME GETTING AUDITS DONE BY PEOPLE WHO DO NOT HAVE SOMETHING TO DO WITH A PARTICULAR DEPT" bit?

/Claes
 
G

Greg B

#5
Re: Internal Audits

Originally posted by Connie
ALSO BEING IN A SMALL COMPANY AND HAVING A DIFFICULT TIME GETTING AUDITS DONE BY PEOPLE WHO DO NOT HAVE SOMETHING TO DO WITH A PARTICULAR DEPT, I WAS WONDERING IS THERE A WAY AROUND INTERNAL AUDITS AND HOW TO GET THEM DONE WHEN THERE IS A CONFLICT OF DEPARTMENT PERSONAL INVOLVEMENT.

hEY IT'S GOOD TO BE BACK!!!!
Connie,

My company understands the reasons behind the QMS and auditing - from Management down. We have always had a number of 'registered auditors' but now we are progressing with audit teams. One department audits another. The guys get some training from me and I often act as lead. They have no outside training and I don't think they need it. They get a greater insight into other parts of the company and they network with their peers. It is in its infancy but the operators like it and their observations are not preconceived - they are usually black and white. We are also combining Safety and Environemental audits in the same basket. So these guys do the whole thing in one. Management likes it because it is saving money and time and for the other reasons I mentioned. At an operational level we are a small company with 4 to 6 man crews but we understand the value of this so people are seconded to audit teams the same as they are for scheduled training. It is another resouce that we need to manage.
You really need to sit down with senior management and explain it to them. Show them the clause and the requirement about conflict of interest. Maybe get them to view these threads it might open their eyes.
Jim Wade had some good thoughts on this but I cannot remember the thread. Do a search of 'Auditing'.
Stick with it it is not always easy

Greg B
 
Last edited by a moderator:

gpainter

Quite Involved in Discussions
#6
Connie the 00 standard has helped to some extent by saying that "Auditors shall not audit their own work." Most are saying you can audit your department but you can not audit something you are doing. You can hire an outsider, which is becoming popular or you could auditor share with a local company, which is a benefit to both companies.
 
A

Al Dyer

#7
I really believe that switching auditors with another company is very beneficial, and not only from the audit standpoint. A deal with another company will give a fresh view and differing methodologies that can be learned. Possibly a very important benefit would be benchmarking activities.

And why stop at just one company, how about a group of companies??

Al...
 

MrPhish

ISOLove to Dance
#8
Is This Possible??

gpainter is correct. The new 00 standard has helped a bit with the "can't audit your own work" clause. However, in trying to accomplish internal audits without a lot of resources (only those needed to add value) I've been wondering does this scenario work"

1. Management Rep can audit entire system except for the work he/she directly performs.
2. most actions of the MR are audited by the third party auditor every surveillance audit as SOP.
3. 8.2.2 says, "an audit programme shall be planned, taking into consideration the status and importance of the processes and areas to be audited, as well as the results of pervious audits." I read this to include surveillance audits (by not excluding them).
4. Hypothesis: the direct actions of the MR are audited by the third party auditor as noted above. Providing the pervious surveillance results are mostly favorable, why does the activity of the MR need to be reviewed during every internal audit by another party/department/subcontractor? By using the previous surveillance audit results (favorable) the MR will be able to avoid auditing their own work, and should still be able to answer the question whether or not the MR functions are being performed properly by using the data obtained during the last surveillance audit.

Not trying to "legal weasel" the standard, but am trying to get the most out of limited resources. Have I missed something from 8.2.2 that does not permit this to occur?

Just trying to be creative and add value, and reduce cost (if that's possible).
 

howste

Thaumaturge
Super Moderator
#9
Well, I have to admit that it is creative. :rolleyes: It still doesn't get around the requirements of 8.2.2 though. It requires that internal audits be used to determine a) if requirements have been met, and b) if the QMS has been effectively implemented. For any part of the system that you don't audit, you have not determined either of these. I could extend your logic to say that as long as there are acceptable external audits, I have no need to do internal audits at all! :D
 
Last edited:

MrPhish

ISOLove to Dance
#10
Thanks for the reply howste.

I totally agree that internal audits are used to a)determine if requirements have been met and b) if the QMS is effectively implemented. I fail to see your point. Let me clarify mine.

1. Just because someone internal to my company has not audited a certain process, (process X) but someone external to my company has audited process X and reported their findings in writing, why can I not make a determination of meeting requirements based on the findings at hand? Data is data. Based on the previous replies to this thread how come subcontracted auditors fit this bill (i.e. external auditor who reviews process X and writes a report), yet the results of the registrar (who by the way is a subcontracted auditor) can not be used in the same exact manner. Remember ... where in the standard does it say this is not allowed?

2. I think the same is true for point b). It is the data/audit findings that are being used to help make the determination if the QMS has been effectivly implemented. Where does it say in the standard that only data from internal audits can be used to make this determination? I don't see it (that's why I'm looking for help here on the Cove).

Now before a Sea Lawyer gets a hold of this, let me further clarify my interpretation by saying I 100% agree that you can not use the results of any surveillance audit to "take the place" of conducting any internal audits at all, as required by 8.2.2. Internal audits are needed as a value added function ... no disagreement there. My point is since by the standard I am allowed to "take into consideration status, importance, and previous audit results" (reguardless of where the audit results come from) when selecting those areas or process I want to audit, why can I NOT select to audit those functions of the MR since previous audit data tells me those functions are OK?

I would agree at a minimum, I would need to have the MR functions that can not be audited by the MR (i.e. can't audit his/her own work) reviewed during an internal audit at least ONCE during the life of the certificate, but not every time an internal audit is conducted. Again, not looking for minimums or weasel methods ... just asking who sees it this way as a possible method to save resources and still add value to the QMS and the business process.
 
Thread starter Similar threads Forum Replies Date
T Internal Audits in very small manufacturing operation. Internal Auditing 8
I Internal Audits - Auditing own work in a small shop Internal Auditing 17
M Major vs. Minor for Internal Audits? Internal Auditing 1
C Internal Audits in a tiny Dx Company Internal Auditing 33
N Sampling Plan for Internal Audits - ISO 2859 or 3951 - Or Neither? Internal Auditing 6
O ISO13485 implementation - Are internal audits expected before stage 1 audit? Design and Development of Products and Processes 3
O Informational Scaling back internal audits due to corona virus while avoiding a NC Internal Auditing 7
G Internal Audits and Employee engagement Internal Auditing 16
S Internal audit discrepancy - We missed a few audits that were scheduled Internal Auditing 12
F ISO 17025 8.8 Internal Audits in a segmented company ISO 17025 related Discussions 5
qualprod Internal Audits - Categories of non conformances Internal Auditing 12
G Non Conformance During ISO 9001 Audit - Not All Internal Audits Completed General Auditing Discussions 19
K A way to monitor our Internal Audits as a KPI AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 7
blackholequasar Internal Auditing Inspiration - Getting volunteers to perform internal audits. Internal Auditing 22
A External Auditor issue with Internal Audits Internal Auditing 7
W Internal Auditing carried out by a 3rd party - Review of previous audits AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
E Informational Internal Audits - Wear multiple hats what can and can't I audit (so I'm not auditing my own work) Internal Auditing 144
Gman2 Quality Record Retention (Internal Audits, CA's) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
T Informational What is the purpose of Internal Audits? Internal Auditing 27
F API Spec Q1 9th Edition Surveillance Audit - Questions about internal audits. Oil and Gas Industry Standards and Regulations 23
Pmarszal ISO 19011:2018 - Risk Based Approach for planning, conducting and reporting of internal audits Internal Auditing 8
R ISO 13485:2016 Registration - NC on full cycle of internal audits ISO 13485:2016 - Medical Device Quality Management Systems 7
J Internal Audit clarification - How to perform the audits IATF 16949 - Automotive Quality Systems Standard 6
S Corrective Action from Internal Audits not performed ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 24
W FAA Advisory Circular (AC) Requirements (FAA AC 00-56) - Internal Audits AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
B Going into IATF 16949 transition without Internal Audits IATF 16949 - Automotive Quality Systems Standard 4
S Internal Audits performed by another local business ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 26
K No Internal Audits For Upcoming IATF Trans Audit IATF 16949 - Automotive Quality Systems Standard 5
J Supporting Processes - Internal Audits - Need help settling a debate IATF 16949 - Automotive Quality Systems Standard 4
K AS9100 Rev. D Transition - Internal Audits & Gap Analysis Requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 14
J Internal Audits - Closing Audit Deficiency Reports (ISO 13485) Internal Auditing 4
S Is Audit Plan / Agenda required for Internal Audits? Internal Auditing 2
J ISO 9001:2008 - Can I still conduct Internal Audits in my company? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
F What is your favorite software for ISO 9001:2015 Internal Audits? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
C ISO 9001:2008 Surveillance Audit - No Internal Audits Internal Auditing 9
J Dinged on Internal Audits for supervising an auditor I was training Internal Auditing 10
Marc ISO 9001:2015 vs. 2008 - Internal Audits - What changes are you making? Internal Auditing 44
M Are auditing checklists required for Internal Audits? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
dubrizo Internal Audit Value - What is the point of conducting internal audits to a checklist Internal Auditing 40
D Using consultants for Internal Audits Internal Auditing 24
O New Job 1 Month from Recertification Audit - Missing Documents, no Internal Audits ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 25
R How do I conduct my API Q1, ISO compliant internal audits? Internal Auditing 1
F Is it good to outsource the Internal Audits? Quality Manager and Management Related Issues 16
S Advice for ISO17025 First Round of Internal Audits ISO 17025 related Discussions 10
S Engineering Audits - Internal Audits IATF 16949 - Automotive Quality Systems Standard 7
L Time Allocation for Internal Audits Internal Auditing 5
A A Guide to Effective Internal Management System Audits Book, Video, Blog and Web Site Reviews and Recommendations 2
M Utilizing ISO and Customer Audits for Internal Audits Internal Auditing 14
N Internal Process Audits - 7.1 Planning - How do YOU audit it? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
G Scope of External & Internal Audits General Auditing Discussions 10

Similar threads

Top Bottom