Should Internal Audit Checklists be Controlled Documents?

Elsmar Forum Sponsor

somashekar

Staff member
Super Moderator
#2
Hi Guys; - As per the subject heading, should I make Audit Checklists Controlled Documents?

Thanks in advance
NO NO NO ... Its a ready reconer for the auditor and the auditor must be free to make more check points than the checklist contents. You must encourage the auditor to make his own checklist and you will see that as auditing standards mature these checklists will slowly become redundent.
 
J

Jeff Frost

#3
Hi Guys; - As per the subject heading, should I make Audit Checklists Controlled Documents?

Thanks in advance
The basic form should be controlled but the actual checklist for each process is subject to change and should not be controlled.
 

Meggsy

Involved In Discussions
#4
I agree that checklists shouldn't even be required, but managers are asking for them... so... what's a girl to do? :confused:

Our Internal Audit Procedure is written such that "Checklists may be used, however the auditor can used another method if preferred", plus I also have a spot for "additional requirements" at the bottom of each checklist so the auditor can add their own flavour.

I think I'll just stock them all in a folder and not control them.

Thanks :thanks:
 

somashekar

Staff member
Super Moderator
#5
I agree that checklists shouldn't even be required, but managers are asking for them... so... what's a girl to do? :confused:

Our Internal Audit Procedure is written such that "Checklists may be used, however the auditor can used another method if preferred", plus I also have a spot for "additional requirements" at the bottom of each checklist so the auditor can add their own flavour.

I think I'll just stock them all in a folder and not control them.

Thanks :thanks:
Meggsy .. you can do a lot. First let the checklist and the audit report not be a combined document if they are combined as of now. Make a set of audit questions that typically needs to be asked as a checklist and provide them to the auditors (managers) and encourage them to go beyond it since they are trained to do the internal audits. The best way one can acquire good auditing techniques after the IA training is by quickly conducting audits Try to use this list here and feel free to modify it for your requirement. Hope you will feel better .... :) <<< Good luck >>>
 

Attachments

#6
I agree that checklists shouldn't even be required, but managers are asking for them... so... what's a girl to do? :confused:
That is interesting. Why are they asking for them?

Anyway, there are many ways to do this, but I'll tell you what I do: I still go by the old school, preparing a unique checklist for each audit (I find them to be too good as tools go to omit them). Thus the form as such is not controlled, but I do add the completed checklist as an appendix to the report, so it is a record in our system. I should also add that our entire audit system (Planning, checklists, reports, improvement actions and follow up) is handled in an Access application we cobbled together many years ago, so we regard the entire database as a record.

Just food for thought.

/Claes
 
#7
I'm with Claes on this one. Why would a manager ask for one? Are they hoping to get a 'jump' on the internal auditors by looking at the checklist? If so, then I'd look at the way you are planning your audits or something similar.

When people feel the need to 'prepare' for an internal audit, there's something going on which needs to be addressed! If, for example, you are auditing from ISO 9001 (or a similar standard) then the terminology is strange to management, so they need to see the checklist so they can interpret and prepare for the audit.

Tell us more and we can help you improve your process, past this symptom...
 

ScottK

Not out of the crisis
Staff member
Super Moderator
#8
Managers like audit checklists so they know what to prepare for and have copy of the checklist in their hands as the audit is performed.

Most of the customers I host give me a copy of their checklist up front.
They are pretty vague and leave a lot of room for further exploration.
Even our CE marking body has a standard controlled checklist for the directives. It in no way hinders their effectiveness and I use it for internal directive audits.

I use checklists in internal audits. But they change from audit to audit so they are not controlled as a form.
I control the template, but part of the auditor's job is to create a checklist for each audit based on the standards and past audits.
 
Last edited:
J

JaneB

#9
Why are they asking for them?
Good question. While I agree to some extent that preparation 'shouldn't' be necessary, an organisation often doesn't reach that level of maturity for some time (some, alas, never do)

I've found managers often ask for checklists or the like in circumstances such as:
  • internal audit only just beginning
  • new managers, inexperienced with/new to the whole idea of internal audit, and thus a bit nervous or apprehensive
  • organisation with a command & control, fear-based culture, where mistakes are punished - what manager would not want to prepare as much as possible in such a culture?
  • someone who's had bad experience with audit in the past; this might be anything from audits always done to a rigid checklist, audit with incompetent auditor, poorly defined scope, no procedure to being punished based on poor results

Often, they're just seeking an idea of what might be covered - not so much to 'cover up' or 'prepare', as to understand what will happen. A good explanation beforehand, opening meeting, etc etc can do much to help. As Andy says, it's a symptom of something. What?
 
Last edited by a moderator:
D

donaokka

#10
The basic form should be controlled but the actual checklist for each process is subject to change and should not be controlled.
Yes,jeff is right, the form should be controlled by doucument center; but this action-internal audit should not controlled;
 
Thread starter Similar threads Forum Replies Date
T Should the Internal audit for ISO 9001 cover all elements of the standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
L Should Internal Audit CAPAs be kept separate from "normal" CAPAs? ISO 13485:2016 - Medical Device Quality Management Systems 6
C How should I present Internal Audit results to Management in Management Review Internal Auditing 18
T Who should provide information I ask for? Internal Audit question Internal Auditing 4
R Should Internal Audit criteria be a Controlled Document? Internal Auditing 5
K Should Internal Audit Plan be Approved by Top Management? Internal Auditing 19
O Should Staff have Access to see Internal and/or CB Audit Results? Internal Auditing 5
G Internal Audit Report Meeting - Who should be present? Internal Auditing 19
J Internal Audit Teams - How big the audit team should be and who should be on it General Auditing Discussions 6
Coury Ferguson Should a Registrar write a NC on something that was found during the Internal Audit Registrars and Notified Bodies 138
P Internal PPAP Audit - What should I ask? Plastic parts (automotive) TS 16949 IATF 16949 - Automotive Quality Systems Standard 7
P The Optimal IA Schedule - How should the Internal Audit Schedule be set up? General Auditing Discussions 26
R ISO19011 Internal Audit Schedule - Should it have to be approved? General Auditing Discussions 12
S Internal Audit Team - The number of internal auditors a company should have Internal Auditing 4
C Should I get an Internal Auditor Certification of Exemplar Global / RABQSA? Internal Auditing 17
R Should internal auditors be compulsorily certified as internal auditors ? Internal Auditing 11
R Full Time Internal Auditor - Where should I be looking for someone? Career and Occupation Discussions 15
R What questions should I ask during Internal Audits? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
Z Should we recertify our internal auditors as we transitioned to ISO 9001:2008? Internal Auditing 1
S Internal Auditor Training - How often should an internal auditor be trained? Training - Internal, External, Online and Distance Learning 3
S Who should do the CA's (Corrective Actions) from Internal Audits Internal Auditing 9
S Internal Auditor Qualifications - What qualifications should I include? Internal Auditing 49
I Auditing the CEO - How? What should our Internal Auditor ask? Internal Auditing 6
A Should Customer Complaints trigger Internal Audits? Customer Complaints 6
A Scheduling Internal Audits - What should I be auditing and when Internal Auditing 8
K Should QS/TS certified internal test/calibration labs be required to be ISO17025 ISO 17025 related Discussions 16
B Why the Greek god Hephaestus should have done a design FMEA (DFMEA) on his giant robot APQP and PPAP 1
J On PFMEA for danger labels - Label always should be assigned severity 10 ? FMEA and Control Plans 3
H Who should be listed as the manufacturer/distributor on the box? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 15
M MDR, RED and LVD - Should our device comply with them? EU Medical Device Regulations 2
BeaBea How Many Processes should be created for each Department? Process Maps, Process Mapping and Turtle Diagrams 5
M Should volume of sales be factored into risk probability assessments? ISO 14971 - Medical Device Risk Management 33
MrTetris Should potential bugs be considered in software risk analysis? ISO 14971 - Medical Device Risk Management 5
S Should safety checks be included in the Control Plan? IATF 16949 - Automotive Quality Systems Standard 5
M Which incubation condition should be selected to recover both bacteria and fungus effectively Miscellaneous Environmental Standards and EMS Related Discussions 3
D Is there a specific location for PPE such as safety glass holders and glove dispensers should be mounted Occupational Health & Safety Management Standards 10
Robert Stanley Which Registrar Should I Choose for ISO 9001:2015 registration? Registrars and Notified Bodies 10
M Who should receive the bills from suppliers and vendors, account payable or procurement? Consultants and Consulting 4
V IATF 16949 8.4.1 Control of externally provided processes, products and services - Should the CB be on our Approved Supplier List? IATF 16949 - Automotive Quality Systems Standard 10
A We are ISO 13485:2016 should we be audited to ISO 14971 ISO 13485:2016 - Medical Device Quality Management Systems 16
E Received a Major finding during IATF Surveillance audit for loss of BIQS Level 3 (more than 6 SPPS in 6 months)...how should we address SYSTEMIC CA? IATF 16949 - Automotive Quality Systems Standard 11
J Organization merger. Should we keep two separate ISO 13485 certificates? ISO 13485:2016 - Medical Device Quality Management Systems 6
S Companies that maintain your machine should be in ASL? AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 2
S Use of "Shall" versus "Should" in Procedures ISO 13485:2016 - Medical Device Quality Management Systems 21
D Class II medical device - When should a complaint be closed? Customer Complaints 6
Sidney Vianna IATF 16949 News Presentations from the latest IATF Stakeholder Event - Expectation that IATF 16949 certification should equate with product quality. Misguided? IATF 16949 - Automotive Quality Systems Standard 7
L Clause 0.4 of ISO 9001 and EHS - Where should I stop the inclusion of EHS in my QMS ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
Ed Panek Part 11 Self Certify Memo - What else should it cover? Qualification and Validation (including 21 CFR Part 11) 5
H Should I mention machine/Equipment password In SOP? Qualification and Validation (including 21 CFR Part 11) 4
D How long should we keep the spare parts available for our medical device, after we have stopped the production? ISO 13485:2016 - Medical Device Quality Management Systems 0
Similar threads


















































Top Bottom