SBS - The best value in QMS software

Why internally audit ISO clauses for ISO 9001:2000? (Small company)

B

Bob_M

#1
Why internally audit ISO clauses for 9k2k? (Small company)

My thinking may be a bit off here but I'll post it anyways...

With the change from ISO 9001:1994 which was very element and checklist oriented (typically) to 9k2k which is suppose to be process, flow and effectiveness based...

Why would you want/need to audit your company's compliance to the ISO standards ASSUMING YOU'VE PASSED REGISTRATION AND BUILT A GOOD SOLID SYSTEM THAT TRULY FOLLOWING ISO?

Shouldn't "good" systems really just be audited based on internal processes, procedures, and flow?

In theory the Quality Manager/ISO Coordinator/Someone should be verifying that all new/changed procedures/processes follow ISO BEFORE they are implemented.
-----------
This question stems the fact that we/I need to schedule our next "round" of Internal Audits in the not-to-distance future and our small company's auditors really don't 100% understand ISO but do know OUR requirements...

We don't want to focus just on ISO like our our 1994 style audits which really didn't do us any good... (Different Quality Manager)

Why waste time teaching/auditing to the ISO standards, when we are suppose to be focusing on the processes during IA?
-----------
If I'm way off please straighten me out!
I'm not quite sure how we're going to run our next round of IAs.
The last round was used as mainly a document auditing process while we were re-writing MOST of our procedures and work instructions (for our OWN needs), and it just happened to work well with our ISO upgrade process.
Our auditor was OK with this round's FOCUS, but we definately need to focus on the processes and objective evidence the next time...
 
Elsmar Forum Sponsor

Randy

Super Moderator
#2
You're nowhere near being off track, in fact you so much on it's scary! :eek:

Your audit should be against the implementation and continuing operation of your system that was established to meet the requirements of the standard. Your internal auditors needn't concern themselves with walking around looking for conformance to 7.whatever, they need to focus on the system and the system requirements (what we say vs. what we do). Now where it gets tricky is to show that the audit process is effective and that you are addressing all the 4.-8. stuff. You've got to audit the audit so-to-speak.

You're asking good questions and you're answering them at the same time.
 
J

Jimmy Olson

#3
Our internal audit system is set up to look for performance rather than compliance and we haven't had any problem. Of course compliance to the standard is in the back of our mind so no surprises come up during our regular audits.

Our schedule is broken down by areas and departments and we look at the processes for that area as well as our own procedures. As part of the planning for each audit we look at the standard and see what clauses apply for that area and that way we can claim that we are adressing the standard, but the focus is looking for improvement opportunities.

Based on what you mentioned so far it sounds like you're on track for a good system without any problems. Just make sure that you keep the standard in the back of your mind so you can keep the external auditors happy :D
 
B

Bob_M

#4
Re: Why internally audit ISO clauses for 9k2k? (Small company)

Randy said:
You're nowhere near being off track, in fact you so much on it's scary! !:eek:

Your audit should be against the implementation and continuing operation of your system that was established to meet the requirements of the standard. Your internal auditors needn't concern themselves with walking around looking for conformance to 7.whatever, they need to focus on the system and the system requirements (what we say vs. what we do). Now where it gets tricky is to show that the audit process is effective and that you are addressing all the 4.-8. stuff. You've got to audit the audit so-to-speak.

You're asking good questions and you're answering them at the same time.
Well at least I'm on track... It may be slightly to get our auditors to understand the "new" concept, but at the same time I still have some tweaking of our manual and process maps before our Upgrade Audit so maybe it will be easier to figure out/schedule/explain later...
(Maybe I'm worrying to soon again:bonk:)
-------------
If we are able to sucessfully audit our system to check
what we say vs. what we do
and judge the effectiveness of OUR systems
then in a (BSI) auditor's eyes we should be OK for covering internal audits?
 
#5
The only time you might need to reference the standard is when something changes, or in some rare instances you have no documentation that is directly auditable.

An example might be the designation of a Management Rep -- You might have who the management rep is documented [a record], but no where in you documentation is the "shall", that you would audit against. Without referencing the standard, you would not even be aware that a MR is required.
 
B

Bob_M

#6
Re: Why internally audit ISO clauses for 9k2k? (Small company)

db said:
The only time you might need to reference the standard is when something changes, or in some rare instances you have no documentation that is directly auditable.

An example might be the designation of a Management Rep -- You might have who the management rep is documented [a record], but no where in you documentation is the "shall", that you would audit against. Without referencing the standard, you would not even be aware that a MR is required.
Good Point!
Although that should not be a problem unless there was no "ISO" champion/cooridinator or actual quality manager in the future.
------------
To be honest ISO 9k2k sounds very easy on the surface.
But upgrading, implementing, and auditing are not as easy or easy to plan (at least for me).
I'm sure I'll be looking for specific help when I need to work on the IA planning/scheduling.
 

howste

Thaumaturge
Super Moderator
#7
8.2.2 Internal audit
The organization shall conduct internal audits at planned intervals to determine whether the quality management system
a) conforms to the planned arrangements (see 7.1), to the requirements of this International Standard and to the quality management system requirements established by the organization, and
b) is effectively implemented and maintained.
You still need to audit to make sure that your system conforms to the ISO requirements. The focus should really be on 8.2.2b once the system is established, though IMO.
 

Randy

Super Moderator
#8
Re: Re: Why internally audit ISO clauses for 9k2k? (Small company)

Bob_M said:
If we are able to sucessfully audit our system to check
what we say vs. what we do
and judge the effectiveness of OUR systems
then in a (BSI) auditor's eyes we should be OK for covering internal audits?

I thought I was looking thru the eyes of a BSI auditor (if a part-time one counts) ;)

Just make sure during the course of your audit process that the essential requirments are being addressed. How you say you do it and how you do it are up to you. Within your audit plan you might want to provide some visual guidance as to how the 4.-8. dribble is being maintained or whatever.

The audit plan is essential. You need to be sure that your plan addresses the neat things like objective, scope and criteria. One of the easiest ways to do this is to use ISO 19011:2002, 6.4.1 Preparing the audit plan.

The audit plan should cover the following:
a) the audit objectives;
b) the audit criteria and any reference documents;
c) the audit scope, including identification of the organizational and functional units and processes to be audited;
d) the dates and places where the on-site audit activities are to be conducted;
e) the expected time and duration of on-site audit activities, including meetings with the auditee’s management
and audit team meetings;
f) the roles and responsibilities of the audit team members and accompanying persons;
g) the allocation of appropriate resources to critical areas of the audit.
The audit plan should also cover the following, as appropriate:
h) identification of the auditee’s representative for the audit;
i) the working and reporting language of the audit where this is different from the language of the auditor and/or
the auditee;
j) the audit report topics;
k) logistic arrangements (travel, on-site facilities, etc.);
l) matters related to confidentiality;
m) any audit follow-up actions.


Use this as a guide. Audit success (as with anything else) begins with planning.

You've got you head screwed on pretty good here ;)
 
C

Craig H.

#9
Bob

I remember discussing this in a previous thread, but I couldn't find it.

The way I look at it is this. We design our quality system with ISO 9001 (9004) in mind. Our internal audits do look at the standard itself, but almost always focus on making sure we do what we say we do (as has just been mentioned). The external audit is much more focused on the standard, but if we get caught not doing something in one of our procs, "DING".

I am not sure this is intentional, but people tend to gravitate toward what they are most familiar/comfortable with.

JMHO
 
S

Shaun Daly

#10
We never have audited our system v ISO itself after registration.

As other peole have done, we audited our performance (and compliance to our system).

However, as I read somewhere recently - things degrade with time.

Changes to your system should be approved as ISO compatible before implementation, but........

If your organisation is anything like mine, you have a 100 people running about like lunatics introducing new products, inhabiting new buildings, a constant turnover of staff;

Can you(we) be everywhere, everywhen?

After a few hiccups here I am starting to take the view that a complete system check TO ISO is not such a bad idea every now & then.

Once a year? How long will it take for a small company to do this. 1 day? 2?

How many embarrasing NC's during surveillance audits will it save?
 
Thread starter Similar threads Forum Replies Date
C How will I Internally Audit my BPO Center for ISO 9001:2000 Internal Auditing 8
C Can You Internally Audit a Process You Own? Internal Auditing 25
K Requirements for 2nd languages? I can't even audit them internally IATF 16949 - Automotive Quality Systems Standard 59
C Method of Monitoring our Internally Produced Non-Conforming Products Quality Tools, Improvement and Analysis 7
T Are internally found Medical Device Software "Bugs" Complaints? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 3
D Sharing ISO Standards internally on company computers ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
S Internally powered ME with non-conductive applied parts IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
R Isolation of Internally Powered (3.3 Vdc) ME Equipment IEC 60601 - Medical Electrical Equipment Safety Standards Series 1
R Single Fault Condition for Internally Powered Medical Device IEC 60601 - Medical Electrical Equipment Safety Standards Series 4
S Should Client Controlled Procedures be Controlled Internally by us as well? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
R Referencing and Controlling Labels & Stickers used internally throughout Production Document Control Systems, Procedures, Forms and Templates 1
H How do we use AS9101D internally? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
A Internally Powered Medical Device and Dielectric Strength IEC 60601 - Medical Electrical Equipment Safety Standards Series 17
D Means Of Protection of the Video OUT of an Internally powered device IEC 60601 - Medical Electrical Equipment Safety Standards Series 5
M All Internally Generated Documents ? Required to be Controlled or Not All? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 19
J What PPM (Parts Per Million) targets do you use internally? Quality Tools, Improvement and Analysis 9
B Calibration of "Z" class ring gauges internally using a CMM General Measurement Device and Calibration Topics 5
B Can I calibrate Optical Comparators internally? General Measurement Device and Calibration Topics 22
A Gauges on pressure tank - What is the best way to calibrate a psi gauge internally? General Measurement Device and Calibration Topics 6
L Posting portion of standards internally? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
E Wall Internal Auditor Training - Done internally Training - Internal, External, Online and Distance Learning 7
M IATF 16949 - Audit of Remote Location/Support Site and IT IATF 16949 - Automotive Quality Systems Standard 4
Q IATF audit - Root Cause Analysis results IATF 16949 - Automotive Quality Systems Standard 5
Q Self-assessment audit information Quality Management System (QMS) Manuals 6
Le Chiffre Online training available for ISO/IEC 17021-1: Requirements for bodies providing audit and certification of management systems Training - Internal, External, Online and Distance Learning 3
xfngrs NIOSH Audit for N95 respirators US Food and Drug Administration (FDA) 1
Sidney Vianna IATF 16949 News Risked Based Audit Day Calculation IATF 16949 - Automotive Quality Systems Standard 2
T AS9100 audit due to facility move AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
M ISO 13485:2016 internal audit checklist Medical Device and FDA Regulations and Standards News 5
A Internal Audit Questions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
B SAP Audit trail Periodic Review EU Medical Device Regulations 1
N What are the software audit and control steps Reliability Analysis - Predictions, Testing and Standards 2
R Gap Audit Aerospsace and Rail QMS Quality Manager and Management Related Issues 0
salaheddine96 Internal audit planning Internal Auditing 2
A MDSAP Audit Questionnaire Medical Device and FDA Regulations and Standards News 3
H Obligations as a contract manufacturer during an MDSAP audit ISO 13485:2016 - Medical Device Quality Management Systems 5
M What are the basics of Medical Device Single Audit Program (MDSAP)? ISO 13485:2016 - Medical Device Quality Management Systems 7
Sidney Vianna IATF 16949 News Update on the IATF CARA Project (“Common Audit Report Application”) - 12/2020 IATF 16949 - Automotive Quality Systems Standard 1
R ISO 17025 vertical audit checklist wanted Document Control Systems, Procedures, Forms and Templates 2
Z Rapid audit template for plastic parts manufacturing process Manufacturing and Related Processes 12
M ISO 9001 Major Nonconformance Internal Audit Schedule/COVID-19 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 18
S Quality Audit Training Activities Quality Manager and Management Related Issues 3
G IATF Rules for COVID 5th revision - Re-certification audit timing IATF 16949 - Automotive Quality Systems Standard 3
E MDR internal audit Medical Device and FDA Regulations and Standards News 0
Ed Panek Remote Audit GOTOMEETING thoughts Coffee Break and Water Cooler Discussions 22
B ISO 9001 - "Remote Audit Fee" Registrars and Notified Bodies 13
L IATF external audit virtual (remote) IATF 16949 - Automotive Quality Systems Standard 12
M Audit Criteria Training Materials Internal Auditing 1
K New supplier audit as per V3.1 by French Automotive OEM General Auditing Discussions 2
S Complexity Rating - CB adding another audit day for "high complexity" AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6

Similar threads

Top Bottom