Organizing internal audit program for an Integrated QHSE Management System

Graciel

Involved In Discussions
Hi, I was recently surprised in a new Company I just started. They asked me all of the sudden (due to the absence of one employee responsible for QMS) to be responsible for the next internal audit which needs to happen during mid of next month.
I am new to this responsibility and this company has a total of 47 internal auditors.
From where should I start dividing the internal auditors and organizing the audit?
The standards are: ISO 45001, ISO 14001, ISO 9001.
Thanks!
 

Randy

Super Moderator
Hi, I was recently surprised in a new Company I just started. They asked me all of the sudden (due to the absence of one employee responsible for QMS) to be responsible for the next internal audit which needs to happen during mid of next month.
I am new to this responsibility and this company has a total of 47 internal auditors.
From where should I start dividing the internal auditors and organizing the audit?
The standards are: ISO 45001, ISO 14001, ISO 9001.
Thanks!

What does your internal audit program/procedure require?

Have you taken the time to look at what has been done in the past?

Do you have any background or training at all with the standards and/or internal auditing? (If no to this question there's your 1st nonconformance)

What are the capabilities/competencies of your internal auditors?
 

Graciel

Involved In Discussions
What does your internal audit program/procedure require?

Have you taken the time to look at what has been done in the past?

Do you have any background or training at all with the standards and/or internal auditing? (If no to this question there's your 1st nonconformance)

What are the capabilities/competencies of your internal auditors?

I have training with this standards.
They had 0 non conformities during last integrated audit.
I still have to check the standard about internal audit.
 

Johnny Quality

Quite Involved in Discussions
Graciel,

Why do you "need" to do an audit in the middle of next month?

Are you responsible just for the next audit or are you the lead auditor now? If you are I recommend grabbing your boots and meeting your team if you can.
 

Jim Wynne

Leader
Admin
h.
I am new to this responsibility and this company has a total of 47 internal auditors...
The standards are: ISO 45001, ISO 14001, ISO 9001.
Thanks!
Are you saying that 47 people will be concurrently auditing against three different standards ?
 

Graciel

Involved In Discussions
Graciel,

Why do you "need" to do an audit in the middle of next month?

Are you responsible just for the next audit or are you the lead auditor now? If you are I recommend grabbing your boots and meeting your team if you can.
It was already scheduled for next month by the manager.
I don't understand the question about being lead auditor. The thing is, that the internal audit needs to happen according to the schedule, in one month and we have 47 people trained to do it. But I'm not lead auditor.
 

Sidney Vianna

Post Responsibly
Leader
Admin
They had 0 non conformities during last integrated audit
Wow....that sounds like a wasted effort; unfortunately not very surprising as most internal audit programs are exercises in waste.

ISO 19011 provides very good guidance on the management of audit programs and, if possible, should be reviewed. As a potential starting point, you could duplicate last year's internal audit program and make changes based on status and risks of activities for the last 12 months.

Boa sorte.
 

Graciel

Involved In Discussions
Wow....that sounds like a wasted effort; unfortunately not very surprising as most internal audit programs are exercises in waste.

ISO 19011 provides very good guidance on the management of audit programs and, if possible, should be reviewed. As a potential starting point, you could duplicate last year's internal audit program and make changes based on status and risks of activities for the last 12 months.

Boa sorte.

When you say considering risks, should I use for example a customer complaint indicator for example? Or specifically use a risk management tool?
 

Sidney Vianna

Post Responsibly
Leader
Admin
When you say considering risks, should I use for example a customer complaint indicator for example? Or specifically use a risk management tool?
Customer complaints are an indicator of bad performance in the quality management aspect of the system. Since you have an integrated QHSE system, you should be looking at indicators of poor performance for all aspects of the system and context issues, such as COVID-19 (as an example). If you want to have a high performing internal audit program, you have to focus on issues of relevance to the organization and it's stakeholders.

But a zero-nonconformity audit result from an integrated management system audit, for an organization that has 47 trained (not necessarily competent) internal auditors is a huge red flag.
 
Top Bottom