Internal Audits performed by another local business

S

scottjoh1412

My company is having some issues with not auditing our own work. The easiest way to fix this situation is to bring in outside assistance. The owner suggested that we could call another local company and offer to swap auditing services.

The problem is our registrar auditor said that doing something like that would not fly. Reading the standard my assumption is as long as they can show some sort of training (I would prefer 3rd party training) then we should be good to swap with whomever we choose. Help?
 

Mike S.

Happy to be Alive
Trusted Information Resource
"Show me the shall I would be violating" is what I would ask the registrar auditor.

I would personally try to do as much as I could "in house" but in areas where there may be an issue with auditing one's own work, I don't see where your plan would violate the standard. Maybe I will be "edumacated" differently.
 

qualprod

Trusted Information Resource
You can do it.
Preferably, it is to have internal auditors.
Because In some way, more internal people know In deep the processes, and could find more important issues when auditing.
Other point , have the 'iso perfume " inside, more frequent audits, more people feel the audits,etc.
You may give bonus to auditors, so that , results may be better, than external auditors.
Hope this helps
 

Sidney Vianna

Post Responsibly
Leader
Admin
The problem is our registrar auditor said that doing something like that would not fly. Reading the standard my assumption is as long as they can show some sort of training (I would prefer 3rd party training) then we should be good to swap with whomever we choose. Help?
It is pretty well established that organizations can outsource the internal auditing function. The main question is about the competence of the outsourced internal auditors. Training alone has never made anyone competent to perform in the capacity of internal auditors.

So, in principle, the proposed arrangement could be exercised, but, if the goal is just to have an audit done to pass the external audit, you are missing a great opportunity to improve the system.

Unfortunately, too many organizations never realize and extract the benefit of high performance internal audits. For them, internal audits are a total valueless event.
 
S

scottjoh1412

Thank you every one for the help.

We have had some roles change and I have more involvement in each operation than I did a few years ago. It has made it more difficult to be as objective as I need to be to perform good audits.

Adding an outside source for some of the audits would keep us from overloading the other auditors we have in house.

I didn't want to have another disagreement with the auditor yesterday at the closing meeting. I had enough of those through the audit. :nope:
 

yodon

Leader
Super Moderator
Here in the Dallas area, we have an ASQ Audit Special Interest Group that offers free auditing that enables companies like yours to have a qualified (competent) auditor conduct the audit and also helps the auditors get audit time credit for recertification. You might check your local ASQ chapter to see if they have anything similar.
 

Sidney Vianna

Post Responsibly
Leader
Admin
offers free auditing that enables companies like yours to have a qualified (competent) auditor conduct the audit and also helps the auditors get audit time credit for recertification.
I don't want to be excessively picky, but the aspect of auditor competence goes beyond that. Do the "volunteers" have an understanding of the audited organization's context, it's regulatory exposure and stakeholders? An auditor who is very familiar with machining of commercial parts might be totally ignorant about the challenges of a medical device manufacturer or an engineering firm; so could s/he be deemed competent as an auditor for that organization?

Further, if the organization will outsource the internal audits, it would be highly advisable they check the individual's references and establish a Non-Disclosure Agreement, as some of the most sensitive information might be part of the discovery, typical of a well executed management system audit.
 
Last edited:

itsbiodiversity

Involved In Discussions
Sidney, you do seem to be excessively picky in this situation, but I do agree with you at the same time. I'll just bring some simplicity to the table here.

If you can prove than an effective audit is taking place, then you have satisfied the standard. Only a trained and competent individual can perform an effective audit. The training level and competency is easy to judge by looking at the quality of the audit.

Now if you are not performing quality internal audits, regardless who is conducting the audit, a corrective action should be issued and outside reinforcements should be brought in with the correct knowledge.

It is perfectly acceptable to have ASQ trainees with a background in your standard and industry to conduct the audits. Again - was an effective audit conducted? That's all that matters.

I have been a one man lab and conducted my own for ISO/IEC 17025.

I have conducted ISO 9001 audits although my specialty is 17025.

I have paid advisors with ISO 9001 specialty to audit our 17025 lab.

I have paid advisors with 17025 specialty to audit our 17025 lab.

I have had trained employees from another area of the facility conduct an internal audit.

All audits were effective. I use the registrar's audit checklist as a guideline, and as long as all objective evidence for meeting the requirements is there then that would be an effective audit. Of course you can always push further...I'm just trying to give some of my experience.

Also - someone from another facility can audit just one portion of the system - like the management system - without requiring knowledge of the production process itself. And be sure to have NDA for anyone you work with, just as Sidney Vianna mentioned above.
 

AndyN

Moved On
I tend to agree with Sidney. I recently saw the results of some outsourced internal audits and I was appalled at the immature way they had been conducted. Worse, of course, was the fact that the CB auditor had accepted that. They are also a consultant and it makes me wonder what they have been telling/training their clients to do... Not competent at all.
 
Top Bottom