ISO 9001 Audit

[Thestovers1]

I just became a Quality Manager and am having my first ISO 9001 cert audit next week already. The company I work for is new and the previous Manager never did an internal audit or had a management review. I figured out all Management review things but i am having a hard time with the internal audit things. Im looking for a list of what i need to audit and provide but not having much luck. I keep getting the ISO checklist for becoming certified i dont need that. Any help is appreciated.

 

[Ed Panek]

Your company was certified to 9001 but never presented an internal audit or MR to the auditor or is this the company's first audit? One week is not enough time and its likely you will have numerous findings. When you say "just became" how long is the word just? Do you have 9001 experience in setting it up and executing it?

I'm going to assume your leadership is supportive of the work to implement and maintain a QMS.

I assume you have the 9001 standard. Reading through the standard after any entry of the word "shall" write down how you meet that requirement in the form of a record, form, log, SOP, meeting minutes etc. If you dont think you meet that item note that and keep going. Once thats complete you should have a decent gap analysis. From there I would go to your boss and present the gap and an estimate of man hours to correct them all. Depending on the context of your company and your personal expertise with the processes you probably need some help. It may make sense to postpone your 9001 external audit.

 

[Big Jim]

ISO 9001 switched from using an audit checklist for certification body audits somewhere back around 2005. It was referred to an element based checklist because it marched through the standard one element at a time. Since the checklist was no longer used by the certification body auditors they became harder to find. The certification body auditors had to audit according to the organization's structure, usually determined from looking at their interaction of processes description (IOP) and recording the results on an audit working document (AWD).

Internal auditing is not restricted to auditing that way although it is generally considered as preferred. Internal audits can be done using an element based checklist even if it is discouraged. Such checklists can still be found but they are not as well developed as the ones used in the past. A current one would also need to have been developed around the new version of the standard (ISO 9001:2015.

Consultants sometimes use such a checklist to aid in performing a gap analysis to help an organization see what they are missing.

PM me and I'll provide a copy of such a checklist, but with the comment that it isn't the best way to conduct an internal audit.

 

[Golfman25]

So start by letting us know where in the ISO stage you are. First certification audit? Surveillance? Initial document audit?

If you need to do internal audits, you have your work cut out for you. Pick you most impactful processes and start reviewing them. You can make your own checklist based on your own and ISO requirements. For example, if you audit a manufacturing process you'll want to look at things like routings, inspections, signoffs, control plans, etc. Good luck.

 

[Johnnymo62]

If you search "audit checklist" inthe Attachment List tab at the top of the page you will find 81 items. You may be able to use one of them.

 

[Quality-Nation]

You can audit what you want, as long as you can show it was planned, you checked the implementation of the parts of the QMS and you brought the findings to the attention of management.
If you haven ever done an audit, I’d suggest you find an external help to do one before your Registrar arrives, to buy you some time. It will cost maybe $2000 but will get you some instant relief from worry. Trust me. Its worked for me every time.