Simpified ISO 9001 Internal Audit Questions

Marc

Hunkered Down for the Duration with a Mask on...
Staff member
Admin
#11
Rob Nix said:
and from Craig Cochran:

*** BAD LINK ReMOVED ***
I had to take out the link because it had a bunch of periods in it and would not resolve. Please repost if possible.
 
Elsmar Forum Sponsor
N

NAOTB

#12
Thank You to everyone !!

I want to thank everybody who posted to my original question. Thank you Claes for links and to Craig for more beneficial insight into audit questioning.
Although telling somebody to form their own questions is helpful, practical explanations and/or examples are more valuable. The production audit checklist and the Management audit checklist along with the Standard references have led me down the path that my initial question for help was intended. It points out matter of factly that no question is a stupid one.

This forum is fantastic and I look forward to exploring and using it often. :applause:
 
J

Jim Howe

#13
NAOTB said:
I want to thank everybody who posted to my original question. Thank you Claes for links and to Craig for more beneficial insight into audit questioning.
Although telling somebody to form their own questions is helpful, practical explanations and/or examples are more valuable. The production audit checklist and the Management audit checklist along with the Standard references have led me down the path that my initial question for help was intended. It points out matter of factly that no question is a stupid one.

This forum is fantastic and I look forward to exploring and using it often. :applause:

When ever I perform an internal audit I start at the top. Let say that we select Purchasing. We start with the QA manual and run copies of all sections pertaining to Purchasing. Then on to the QA Procedures and pull all that affect purchasing, next its detailed work instructions.

Now that I have my "stack" I begin the review of each of these documents taking notes and highliting as I go. Next I begin to write the questions, I the auditor, want answers to. Just remember not to try to ask questions of everything in the procedure, select what you think needs asking. It is rather easy. Take the requirement from the procedure and simply put it in question form.

In short it is called and an "audit plan". This plan is forwarded to the exec VP for review. Once approved by the VP the plan is issued to the department head with a scheduled audit date of 2 weeks.

In two weeks the audit begins and when it is over we issue the customary list of findings and concerns. Corrective actions are requested for all findings with a two week follow up.

I have not found an easier way that yields better results. All audits must be a learning experience and must contribute to the bottom line or they are a waste of time. I do however use checklist for all product audits.
:2cents:
 
A

AllanJ

#14
NAOTB said:
I want to thank everybody who posted to my original question. Thank you Claes for links and to Craig for more beneficial insight into audit questioning.
Although telling somebody to form their own questions is helpful, practical explanations and/or examples are more valuable. The production audit checklist and the Management audit checklist along with the Standard references have led me down the path that my initial question for help was intended. It points out matter of factly that no question is a stupid one.

This forum is fantastic and I look forward to exploring and using it often. :applause:
Returning to the original question, I have been steadfastly opposed to using preprinted checklists for many years. A competent auditor must be able to prepare his/ her own "Audit Guidance Tool", to quote from the book "Management Audits", (This book is written by the poster, HA) in which that subject is discussed at considerable length. Moreover, it is wrong for management to assign to an audit any person who does not understand the process or system to be audited. Whereas there are no "stupid questions", there are questions born out of ignorance or inadequate preparation that can irritate the auditee, whose time is generally at a premium. The audit must be productive and not waste time, especially given the fact that management frequently do not provide the proper amount of time an audit merits.

Value is not delivered when the auditor is groping his/her way around, unsure of what to say, unprepared, possessing an inadequate "Guidance Tool" or inadequately backed by the requisite expertise in the audit team.
 
Last edited by a moderator:
B

BRoberts

#15
I wish I had found this thread before! We have just completed our second series of internal audits since obtaining our TS16949 certification, and we have struggled through both of them to figure out the best way to make sure we address everything. We do not have full time internal auditors, so those of us who do it question if we are "forgetting something". We do use a checklist based on the IATF Checklist to ISO/TS16949:2002 (that they are discontinuing) that has an "interpretation" of the question. (What does it mean to our company?) We broke up the questions in groups that aligned them with our processes. (It's not cut and dry because some items should be looked at in multiple processes.) BUT we don't read the questions verbatum. We have questions prepared like the "Ten Essential Audit Questions" by Craig Cochran to gather information. Then we take the information we gathered and compare it to the audit checklist to see if we have found evidence of conformity/non-conformity to cover the clauses. We really use the questions to make sure we don't overlook things.

In addition to the questions, we added a section of "information to record for review in other processes" (based on linkages between the processes). As an example, when auditing the manufacturing process, we record information on gage numbers with dates of calibration to use in auditing our calibration system, and operating procedures for confirmation of document control and linkage to customer requirements.

Does anyone have any good ideas on how to improve on this given we are using part time internal auditors? It has been a hard transition from element auditing to process auditing so I'm open to any suggestions to make our system as effective as possible.
Thanks!
:rolleyes:
 

RoxaneB

Super Moderator
Super Moderator
#16
BRoberts said:
Does anyone have any good ideas on how to improve on this given we are using part time internal auditors? It has been a hard transition from element auditing to process auditing so I'm open to any suggestions to make our system as effective as possible.
Like you, we do not ask the questions verbatim. We do have a checklist to follow...the requirements written in plain-english questions, along with some possible expected answers. However, our p/t auditors are trained on how to develop their checklists, how to rephrase their questions, options for note-taking skills, and so on.

But the hard part is getting them to take off their "normal job" hat and put on the hat of "internal auditor." For this, I pair up the team auditors with strong leads and, as our internal audit process requires, a planning and preparation meeting is conducted a day or two in advance of the actual audit. This allows the audit team to sit down and discuss where they would like the audit to go and to fully understand the process and requirements of what is being audited. It ensures the necessary focus and attention is provided. We noticed a dramatic improvement in our audits with this kind of pre-audit meeting. Not only were auditors more comfortable (thus auditees were more comfortable), but the audit results were more beneficial.
 
B

BRoberts

#17
Thanks for the info. We kind of "informally" did a prep meeting with our less experienced auditors we used last time, but I can see where a more organized effort would have been helpful. We do use stronger leads with the weaker auditors. Actually, what we are doing is using one lead auditor to coordinate the audits to see that the everything is pulled together and the linkages between processes are checked.

Just out of curiosity, how many auditors do you have? We have two manufacturing plants with about 500 people and have 4 people trained as lead auditors and two internal auditors. Our intentions are to train a few more internals to work with the leads. I really don't think a large group of auditors is necessary or practical. In the days of element auditing it was easier to have a larger group of auditors, but with process auditing, it seems almost necessary to have a smaller group so that linkages observed in one process are checked in others.

:D
 
A

amr1234

#18
System Audit

Guidance is requested from you, the experts. I am having a bit of trouble actually grasping a solid technique while auditing the system portion of TS audits. It's a bit illusive to me. I almost "get it", then it drifts away again. CRS, perhaps. Information overload, more than likely.

For example, we have an area set on our audit schedule for auditing Customer Specific Requirements. Any recomendations for this?

:bonk:
 

E Wall

Just Me!
Super Moderator
#19
Process Auditing

Response to: amr1234

Let's remember to keep it simple. Basic functions can be broken down to: Input, activities, and output. When you audit (anything) - an auditor must ask or verify:
1) What are the requirements? (where defined, how controlled, etc...)
2) Ensure there has been effective communication of requirements to all levels, as appropriate. (keep notes to see if feedback is standardized)
3) How do you meet the requirments? (Walk through - Show-me)
4) Check for any evidence that requirements were met. (product, records, etc...)
5) What are your goals? (How applied to measure the process?)
6) If analysis shows actions are needed how is this done? verified? horizonally reviewed/launched for similar impact to other processes? etc...

Remember - we're all in business to succeed. Is what is being done adding value? Could value be added? Identify waste and remove it - if practicable!

Hope this helps (each of these can be broken down different ways and more can be added) - just meant as a generalized summary of auditing.
 
S

Sean Manning

#20
Cheers on the link to the free files. The Cove should prove very beneficial once I get the hang of it.
 
Thread starter Similar threads Forum Replies Date
chris1price Archiving of paper records - ISO 9001 7.5.3.1b Records and Data - Quality, Legal and Other Evidence 2
M Transferring ISO 17025 from one company to another ISO 17025 related Discussions 1
D Common practices in ISO 9001 deployment ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 17
Q ISO 9001-2015 Internal audit finding Internal Auditing 12
B ISO 17025:2017 risk management Risk Management Principles and Generic Guidelines 0
P Audit check for IT company (ISO 9001) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
M Label Making & Printing Standards ISO / ASTM ISO 13485:2016 - Medical Device Quality Management Systems 5
Sidney Vianna Interesting Discussion Should ISO 9004 be changed from a guidance standard to a requirements standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
Ed Panek ISO 13485:2016 Section 5.5.3 ISO 13485:2016 - Medical Device Quality Management Systems 3
Q Do these certificates of calibration meet ISO 9001 requirements for traceability to NIST? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
ebrahim QMS as per ISO 13485, Clause 4.2 Requirements for regulatory purposes for Medical Devices Authorized Representatives. ISO 13485:2016 - Medical Device Quality Management Systems 3
S ISO 2768-mk print call out Other ISO and International Standards and European Regulations 11
T ISO 17024, clauses 4.3.8. and 5.1.1. Other ISO and International Standards and European Regulations 4
C ISO 14001:2015 6.1.3 Compliance Obligations - Legal requirements monitoring ISO 14001:2015 Specific Discussions 0
C Requirement to link Quality Manual to ISO 9001 clause numbers? ISO 13485:2016 - Medical Device Quality Management Systems 13
D ISO 13485 scope (implantable) - Polymers for dental application EU Medical Device Regulations 9
W First time being audited (ISO 9001), asking for advice ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
John C. Abnet ISO 26262 ISO 26262 - Road vehicles – Functional safety 3
Marc ISO 26262- Road vehicles – Functional safety ISO 26262 - Road vehicles – Functional safety 0
John C. Abnet ISO 26262 IATF 16949 - Automotive Quality Systems Standard 0
A ISO/DIS 15223-1:2020 - Country of manufacture label (IEC 60417 No. 6049) - Which national law requires this symbol? Other Medical Device Related Standards 0
P ISO 14644 Class 8 Cleanroom Air Filter Requirements Other Medical Device Related Standards 4
K PDCA cycle and ISO processes alternative model Quality Management System (QMS) Manuals 14
N ISO 13485 7.3.9 Change control in medical device software ISO 13485:2016 - Medical Device Quality Management Systems 6
A ISO 13485 procedure change and reflect to legacy manufacture items ISO 13485:2016 - Medical Device Quality Management Systems 2
D ISO 13485 & CE Certification for Surgical Gloves CE Marking (Conformité Européene) / CB Scheme 0
S ISO 11137- Simulated product vs SIP Other Medical Device Related Standards 2
D Which ISO Standard to purchase? ISO 13485:2016 - Medical Device Quality Management Systems 7
V ISO 10360-5: 2020 Gap analysis and Action plan Excel .xls Spreadsheet Templates and Tools 1
Q ISO 9001 - Reseller Exclusions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
S Inventory Listing and ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 3
C ISO 45001 6.1.2.1 Hazard Identification Occupational Health & Safety Management Standards 1
T The difference between ISO 14644-3:2005 and ISO 14644:2019 Other Medical Device Related Standards 2
S Any ISO standards around Artificial Intelligence and Machine Learning? Medical Information Technology, Medical Software and Health Informatics 4
R AS9100D internal audit checklist or ISO 9001 2015 to AS9100 D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
M ISO 13485:2016 Certification Scope ISO 13485:2016 - Medical Device Quality Management Systems 2
N ISO 9001 - Training business with fewer than 5 employees ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
P Should eIFU link per ISO 15223-1:2016 be added to labels out of scope of Reg 207/2012? EU Medical Device Regulations 1
J Opportunity in ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 27
D Reports under change management | ISO 13485:2016 & ISO 9001:2015 ISO 13485:2016 - Medical Device Quality Management Systems 3
P ISO 8 classified medical manufacturing room Qualification and Validation (including 21 CFR Part 11) 1
Le Chiffre Online training available for ISO/IEC 17021-1: Requirements for bodies providing audit and certification of management systems Training - Internal, External, Online and Distance Learning 3
B ISO 6508 and portable hardness measurement instruments General Measurement Device and Calibration Topics 0
M Scope for ISO 13485 Certification of a Translation Service Provider ISO 13485:2016 - Medical Device Quality Management Systems 17
S Knee Implant (Femoral -Cobalt chrome)-Sub chronic toxicity test (ISO 10993-11)choice of root Medical Device and FDA Regulations and Standards News 2
Sidney Vianna Release of ISO 10013:2021, Quality management systems – Guidance for documented information Other ISO and International Standards and European Regulations 0
K Integrating ISO 9001:2015 with ISO 17025:2017 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
Q ISO 13485 7.5.6 Validation - Off the shelf Software ISO 13485:2016 - Medical Device Quality Management Systems 3
A ISO 13485 Certification for Resin Manufacturer ISO 13485:2016 - Medical Device Quality Management Systems 4
R Remote Audits for ISO 9001 (or any other standard) General Auditing Discussions 31

Similar threads

Top Bottom