Internal Audits specific to a Mature System

  • Thread starter shaggy1812 - 2011
  • Start date
S

shaggy1812 - 2011

#1
I have been using the same internal audit checklists that go way back to our pre-certification days (we are getting ready for our first audit after RE-certification). This checklist was designed by someone at another facility who was about 3 months ahead of us in their planning. It is basically a regergitation of the standard (ISO9000:2000) in question/comment form.

As one works thru the checklist, I find "we just answered that up here" comes up a lot. I was wondering how others perform internal audit on mature systems.
 
Elsmar Forum Sponsor

Jen Kirley

Quality and Auditing Expert
Staff member
Admin
#2
Re: Internal Audits specifc to a Mature System

Oh my. If I did that I would expire from boredom and my people would have received no benefit - so long as they view what I do as benefit. :rolleyes:

As I go along, I am learning what to look for as I learn more about how everything works, how to find issues and what points to what else. I learn to connect the dots and pursue larger subjects such as the entire process realization process (APQP) when a new process was started up.

It is kind of sloppy I guess, but I have stopped using all those defined checklists. I look into the regular things for each process, but I have conversations with auditees and see where they lead - maybe a tangent, but that can bring the critical value.

Often I don't go into the same level of detail on the same subject as last time. If I "catch a whiff" of something I'll excavate. Next time I may look in particular detail about something that seemed so-so, especially if they've been working on it so we can see if the benefits of what's been done extend to their internal customers - none of that "penny wise, pound foolish" stuff.

I hope this makes sense. It's getting a little late here.
 

Randy

Super Moderator
#3
Re: Internal Audits specifc to a Mature System

The same checklist? That's not auditing, that's just burning hours and company $$.

When was the last time that you just grabbed a process at random and verifyied it's functioning from top to bottom?

When was the last time you said "Hey, lets go backwards from shipping to customer orders" ? From output to input?

When was the last time you latched on to a procedure or work instruction and said "Prove it"?

All that has been happening is walking down the same path expecting and seeing nothing but the same scenary.

Wanna save time and trouble? Just sit in the office and fill out the checklist.

How do others perform audits on mature systems? They actually look at stuff and for stuff and don't use some lame, old, wore out, gap analysis type checklist.

Take that thing, roundfile it and then go out and verify that you are actually doing everything that you are supposed to be doing, in the manner that it is supposed to be done and are achieving planned results and meeting expectations in an effective manner.
 
S

shaggy1812 - 2011

#4
I actually do look at the processes myself and have done much of what has been mentioned above. Our management seems to think that has to be something more formal. I fear that we may be a victim of our own process and procedures and unwillingness to change. "Our registrar likes it therefore we must do what the registrar likes"-mentality.

I think this comes from the initial comment 8.2.2 "planned intervals", "planned arrangements", "records of the audits".

I agree it tends to be a waste of time. Little good comes from it.
 

Jen Kirley

Quality and Auditing Expert
Staff member
Admin
#5
Your management says the registrar likes your using the same bland, canned checklist year after year? Or is this a general statement?

The audit program is supposed to be planned and audites defined, but Randy suggested audit plans that can also fit into the term "defined."

Oftentimes management doesn't understand how fluid an audit process can, and should be - and it can still be objective, with scopes defined - and how important that can be to determining effectiveness of a management system.

Stepping outside the box your people have built does require some imagination and decent record keeping.
 

Randy

Super Moderator
#6
Ask your management what they prefer for breakfast, cold oatmeal without sugar or something more tasteful and different? Sticking rigidly to some bland, channelized checklist because it is liked is tantamount to having nothing more to look forward to that the oatmeal.....YECH!!!

Checklists tend to do little more than put blinders and barriers around the auditor and the audit...I like to say the auditor and the audit process becomes "Tunoptic"- Tunnel vision and myopia at the same time.

And if your 3rd party "likes" your checklist, then you're probably getting short-changed....To me, when I see them used over and over again, I think "YUCH" and I comment on the lack of sufficient and effective coverage of the MS and its related processed, especially when I uncover a nest of snakes hidden out in the open that a blind auditor could see from a distance.
 
Last edited:
S

shaggy1812 - 2011

#7
I have trained auditors that are decent. I have instructed them in the past to use these as guideline only, to rely on your insticts and follow the path wherever it may lead. Jump around. If you get stuck...

I sat in a staff meeting a few months ago and mentioned our next surveylance audit was on such and such a date, my next internal audit would be on a certain date with 1 particular auditor. President stepped in and said I want your boss to be the lead auditor because there is no-one else in the company more qualified. Since he's new to the company and they use a very similar process in the plant where he works, I got overruled on a process audit. for a day and half, we painstakingly went thru the list, mostly in the conference room. Most of my documents are electronic and could be called up right there. not fun.

I really want to implement a process approach but feel some sort checklist (maybe just a statement, clause, and a check box) something to provide my auditors with as a guide, a prompt for questions and to use as a record.

We are a small company without a lot of resources, so I struggle with how to convert my archaic audit system to one that is really beneficial to the company.
 

Jen Kirley

Quality and Auditing Expert
Staff member
Admin
#8
You can make checklists that are specific to the processes you work with. But I will say I soon also get very bored with these, and the process becomes ineffective very quickly because the same middle ground gets trod on over and over while the non-mainstream stuff is left unaddressed. Also, such defined audit plans to not take into account results of previous audits - that would need to be an add-on.

I also struggle with time resources, but that has meant my audits turn to activities like making turtle diagrams, flow charts and process maps that show hot spots needing extra focus. Even when I write specific checklists, during time of audit I usually find myself fumbling with them and losing valuable time that could be spent actually exploring the process.

Let me ask you this: Do your registrars use a canned checklist when they come audit you? Mine don't.
 

JoCam

Trusted Information Resource
#9
Hi Shaggy1812,

I compile our ISO 13485 audit schedule in a way that specifies the processes, the associated procedures and the clauses of the standard that I wish to be considered during each audit. For example, an audit of Goods-In Inspection may be performed against clause 7.4.1 and 7.4.3 in May, and in September against clause 8.3. This doesn't mean that other clauses are ignored, it just gives a starting point. My internal auditors begin with reviewing the procedures against the clauses specified, followed by the actual task as it is peformed. For completion they then perform an audit trail, just as Randy has mentioned, where an output is selected and the system traced back to the input. So there you have it, a structure to work to. All that you then require is a team of adequately trained auditors.

Audits performed to checklists are only ever as good as the checklist itself, and as Randy has further mentioned, distract Auditors from what is actually happening.

I hope this helps in some way.
 
Last edited:
S

shaggy1812 - 2011

#10
Thanks everyone for your insight. Looks like I have get thru this last one then I'm definitely scrapping it. I have some great input and have ideas on where to go after this.

The registrar does not have a checklist. They did initially for the pre-assessment but soon after gave up on them. Perhaps mine has a touch of "old-school" left in him ;-) or it just makes things easier.

Thanks again everyone your comments.
 
Thread starter Similar threads Forum Replies Date
A Internal audits on CSR (Customer Specific Requirements) - Look at Ford's Behemoth Internal Auditing 1
J Generic or Specific Checklists for Internal Audits Internal Auditing 15
L Scheduling Internal Audits - Chrysler-specific Requirements Internal Auditing 7
lanley liao How to understand this words that the planning of internal audit shall take into consideration the results of previous audits? Oil and Gas Industry Standards and Regulations 10
M ISO13485:2016, MDSAP and Internal Audits ISO 13485:2016 - Medical Device Quality Management Systems 8
S Would this be a second site for the purposes of internal and third party audits? General Auditing Discussions 4
J ISMS - Internal Audits Internal Auditing 3
L Documented Information in Internal Audits Process (9.2) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
D CB and customer audits considered as internal audits? General Auditing Discussions 9
R IATF 16949 - Outsourcing of internal audits Internal Auditing 10
M Major vs. Minor for Internal Audits? Internal Auditing 10
C Internal Audits in a tiny Dx Company Internal Auditing 33
N Sampling Plan for Internal Audits - ISO 2859 or 3951 - Or Neither? Internal Auditing 6
O ISO13485 implementation - Are internal audits expected before stage 1 audit? Design and Development of Products and Processes 3
O Informational Scaling back internal audits due to corona virus while avoiding a NC Internal Auditing 7
G Internal Audits and Employee engagement Internal Auditing 16
S Internal audit discrepancy - We missed a few audits that were scheduled Internal Auditing 12
F ISO 17025 8.8 Internal Audits in a segmented company ISO 17025 related Discussions 5
qualprod Internal Audits - Categories of non conformances Internal Auditing 12
G Non Conformance During ISO 9001 Audit - Not All Internal Audits Completed General Auditing Discussions 19
K A way to monitor our Internal Audits as a KPI AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 7
blackholequasar Internal Auditing Inspiration - Getting volunteers to perform internal audits. Internal Auditing 22
A External Auditor issue with Internal Audits Internal Auditing 7
W Internal Auditing carried out by a 3rd party - Review of previous audits AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
E Informational Internal Audits - Wear multiple hats what can and can't I audit (so I'm not auditing my own work) Internal Auditing 149
Gman2 Quality Record Retention (Internal Audits, CA's) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
T Informational What is the purpose of Internal Audits? Internal Auditing 27
F API Spec Q1 9th Edition Surveillance Audit - Questions about internal audits. Oil and Gas Industry Standards and Regulations 22
Pmarszal ISO 19011:2018 - Risk Based Approach for planning, conducting and reporting of internal audits Internal Auditing 8
R ISO 13485:2016 Registration - NC on full cycle of internal audits ISO 13485:2016 - Medical Device Quality Management Systems 7
J Internal Audit clarification - How to perform the audits IATF 16949 - Automotive Quality Systems Standard 6
S Corrective Action from Internal Audits not performed ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 24
W FAA Advisory Circular (AC) Requirements (FAA AC 00-56) - Internal Audits AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
B Going into IATF 16949 transition without Internal Audits IATF 16949 - Automotive Quality Systems Standard 4
S Internal Audits performed by another local business ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 26
K No Internal Audits For Upcoming IATF Trans Audit IATF 16949 - Automotive Quality Systems Standard 5
J Supporting Processes - Internal Audits - Need help settling a debate IATF 16949 - Automotive Quality Systems Standard 4
K AS9100 Rev. D Transition - Internal Audits & Gap Analysis Requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 14
J Internal Audits - Closing Audit Deficiency Reports (ISO 13485) Internal Auditing 4
S Is Audit Plan / Agenda required for Internal Audits? Internal Auditing 2
J ISO 9001:2008 - Can I still conduct Internal Audits in my company? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
F What is your favorite software for ISO 9001:2015 Internal Audits? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
C ISO 9001:2008 Surveillance Audit - No Internal Audits Internal Auditing 9
J Dinged on Internal Audits for supervising an auditor I was training Internal Auditing 10
Marc ISO 9001:2015 vs. 2008 - Internal Audits - What changes are you making? Internal Auditing 44
M Are auditing checklists required for Internal Audits? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
dubrizo Internal Audit Value - What is the point of conducting internal audits to a checklist Internal Auditing 40
D Using consultants for Internal Audits Internal Auditing 24
O New Job 1 Month from Recertification Audit - Missing Documents, no Internal Audits ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 25
R How do I conduct my API Q1, ISO compliant internal audits? Internal Auditing 1

Similar threads

Top Bottom