Please disable your adblock and script blockers to view this page
Search the Elsmar Cove!
**Search ALL of Elsmar.com** with DuckDuckGo including content not in the forum - Search results with No ads.

ISO 9001:2008 Surveillance Audit - No Internal Audits

C

Curlz

#1
Hello everyone! First post. :bigwave: Been browsing for awhile and gleaning from all the awesome information here in the Cove.

Here's my problem: I am the only 'quality' person on staff and my surveillance audit for ISO9001 is coming up and I have no internal audits to show. I have been keeping track of our KPIs and we have informal meetings to review our performances but nothing has been formalized.

I was hired little over a year ago as a Quality Manager for 2 companies to lead the charge in becoming ISO certified. Did that from scratch in 3 months due to the fact that the companies were already 'quality minded' and all I basically did was put on paper the processes already in place (businesses are service shops with 1 process each). In the meantime, another company was added to the mix and I was pulled in a different direction to handle getting that under way. (these are all small companies- about 30 people in total)

How bad am I going to get 'dinged' for not conducting internal audits?

Any ideas for how to handle the Quality department with no budget and no time?
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#2
Re: ISO 9001:2008 Surveillance Audit

Welcome to The Cove.:bigwave:
How bad am I going to get 'dinged' for not conducting internal audits?
It totally depends on your external auditor. Some are so bad they might miss the fact you have missed your internal audit. On the other hand, an attentive and competent external auditor will identify the issue as a major nonconformity.

Any ideas for how to handle the Quality department with no budget and no time?
Yes, get rid of the archaic mind set of the need for a quality department and move into the XXI century where quality is supposed to be embedded in the organization's operational processes and truly be everybody's responsibility.
Quality should not be a department, but the outcome of well designed system, comprised of business processes which take into account customer satisfaction and product regulatory needs.

Even the ISO TC 176 SC2 recognizes that as they created a new requirement in ISO 9001 which stipulates that top management of the organization must ensure that the QMS requirements are "integrated" in the company's business processes. Now, if every 3[sup]rd[/sup] party auditor out there paid attention to this requirement and "enforced" it, the life of quality managers would be so much easier....
 
Last edited:

oldmanian

Starting to get Involved
#3
We have just been through our triennual audit and because of a 60 % increase in business between new year and july we were only able to conduct three audits. The auditor was not impressed at all however because we had had a management meeting where this was discussed and the outcome was to get more people trained to do audits ( we only have one fully trained and one learning) we were "let off". however the auditor stated that it would have been a major non conformance to have so few of the planned audits carried out.
I can only suggest you explain the reasons and hope for the best. Good luck
 
#4
As you said, informal meetings are conducted. Nothing is formal.
I think which means no Management reviews conducted.

Even if Internal audits were not conducted, this issue was supposed to be highlighted in Management reviews.

But if both (Management reviews and Internal audits) are pending. Then this is a big issue. This will be considered as a total breakdown of the system by auditor. Auditor may even decide not to conduct the audit.

You need to have both of them.

If Management review was conducted, and this issue was highlighted there - then you should get the Internal audits conducted immediately. (Auditor might still raise a minor nonconformity).

:2cents:
Thanks,
Amit
 

howste

Thaumaturge
Super Moderator
#5
Re: ISO 9001:2008 Surveillance Audit

...an attentive and competent external auditor will identify the issue as a major nonconformity.
^ This. Even at this late date if you complete all of the internal audits the week before the surveillance audit, you would likely still get a minor NC for not completing them at the planned intervals.
 

Ninja

Looking for Reality
Trusted
#6
Re: ISO 9001:2008 Surveillance Audit

In your position, I would likely do the following:

1. Do your internal audits now.
2. Write up a N/C on yourself (you just did on your OP, put it in your system).
3. Bring it up in your opening meeting of the surveillance audit.
"We found that internal audits were not being done at planned intervals and here is the CA plan and internal audit plan for the next year"

You should get dinged...there is a level of performance required and you didn't do it.

Ding yourself to show that your self-policing system isn't totally missing.
It obviously isn't totally missing...you saw it.
Dinging yourself hard is a lot easier to take than having an external auditor ding you hard for finding it by surprise.
:2cents:
 

oldmanian

Starting to get Involved
#7
Curlz We are small medium with 23 employees and a small budget and little time however if you can get 1-2 hours per day to concentrate on just quality issues then there should be no problems like you are having now.
The size of the budget is not a major problem there will be money made available if as you say the companies are quality minded. I find that time is the crucial problem because as with any small company most management people wear multiple hats and those hats all eat into the time you have to do quality. My suggestion is to find that 1-2 hours per day to only do quality related work, the load becomes less stressful in the long run.:2cents:
 
C

Curlz

#8
Thanks to all for your comments and suggestions. They really helped and have given me a basis for starting over again understanding the I need to get rid of that 'archaic mind set of the need for a quality department and move into the XXI century where quality is supposed to be embedded in the organization's operational processes and truly be everybody's responsibility.' - Sidney Vianna

Found some people willing to audit my department that had internal quality training and they dinged me pretty bad for not conducting internal audits as planned. We shall see what my external auditor says.

Issue brought up in MRM and determined that resources are lacking (people, time).

:thanx:
 

Ninja

Looking for Reality
Trusted
#9
So you now have a NC, found by internal audit, that will become a Corrective Action...and get fixed.

Sounds like your system is working... keep it up!
 

Coury Ferguson

Moderator here to help
Staff member
Super Moderator
#10
Hello everyone! First post. :bigwave: Been browsing for awhile and gleaning from all the awesome information here in the Cove.

Here's my problem: I am the only 'quality' person on staff and my surveillance audit for ISO9001 is coming up and I have no internal audits to show. I have been keeping track of our KPIs and we have informal meetings to review our performances but nothing has been formalized.

I was hired little over a year ago as a Quality Manager for 2 companies to lead the charge in becoming ISO certified. Did that from scratch in 3 months due to the fact that the companies were already 'quality minded' and all I basically did was put on paper the processes already in place (businesses are service shops with 1 process each). In the meantime, another company was added to the mix and I was pulled in a different direction to handle getting that under way. (these are all small companies- about 30 people in total)

How bad am I going to get 'dinged' for not conducting internal audits?

Any ideas for how to handle the Quality department with no budget and no time?
If I was in your situation, I would select the most critical parts of your System Processes and perform an Internal Audit on those.

But make sure that you have identified the planned intervals somewhere in your documentation, take the Minor NC and put some type of Root Cause/Corrective Action (RCA) in place and show (objective evidence) to the Auditor at the time of their audit.

The other side of this, is that you need to get with the appropriate Management and assure that this isn't repeated in the near future. Increase resources or hire an audit firm outside of your Registrar and have them perform the internal audits for the Organization.

Just my opinion.
 
Top Bottom