The Elsmar Cove Business Standards Discussion Forums More Free Files Forum Discussion Thread Post Attachments Listing Elsmar Cove Discussion Forums Main Page
Welcome to what was The Original Cayman Cove Forums!
This thread is carried over and continued in the Current Elsmar Cove Forums

Search the Elsmar Cove!

Wooden Line
This is a "Frozen" Legacy Forum.
Most links on this page do NOT work.
Discussions since 2001 are HERE

Owl Line
The New Elsmar Cove Forums   The New Elsmar Cove Forums
  Auditing
  Internal auditing focus

Post New Topic  Post A Reply
profile | register | preferences | faq | search

UBBFriend: Email This Page to Someone! next newest topic | next oldest topic
Author Topic:   Internal auditing focus
Jim Biz
Forum Wizard

Posts: 275
From:ILLINOIS
Registered: Mar 2000

posted 07 April 2000 07:07 PM     Click Here to See the Profile for Jim Biz   Click Here to Email Jim Biz     Edit/Delete Message   Reply w/Quote
Would be interested in opinions on "what direction" so to speak an internal audit should be focused....

Is it best to focus an internal audit toward commonly asked "standards requirements questions"? (there are a number of sources out in the world for these)

OR is it best to zero in the audit focus on specific internal practices?

Quite frankly we are currently using a combination of both but I can't be sure the Generic "ask every time questions such as - are there procedures in place & implemented for elementX.XX have any improvement validity to our system. This method to my thinking does however "cover each individual ISO section" - without having a minor written or evoking the need for our registrar to ask "have each standards section item been addressed"

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 08 April 2000 09:01 PM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
Start off by taking a rad through:
https://elsmar.com/ubb/Forum13/HTML/000063.html
and https://elsmar.com/ubb/Forum13/HTML/000012.html
and https://elsmar.com/ubb/Forum13/HTML/000059.html
and https://elsmar.com/ubb/Forum13/HTML/000037.html

My personal opinion is have internal auditors verify internal systems and let your management rep be responsible for ensuring the systems meet the spec (ISO/QS/whatever).

If you still have questions, come back and ask!

IP: Logged

Jim Biz
Forum Wizard

Posts: 275
From:ILLINOIS
Registered: Mar 2000

posted 10 April 2000 09:19 AM     Click Here to See the Profile for Jim Biz   Click Here to Email Jim Biz     Edit/Delete Message   Reply w/Quote
Thanks Marc - I agree completley with your opinion, but the prime directive of satisfying the auditor also enters in to the mix. Hopefully our current means of combining "standards based" must have answers for questions, and internal auditor added "internal systems" (what we need to know) questions should provide a balance in auditing.

IP: Logged

Dawn
Forum Contributor

Posts: 245
From:St. Marys, PA
Registered: Sep 98

posted 10 April 2000 10:03 PM     Click Here to See the Profile for Dawn   Click Here to Email Dawn     Edit/Delete Message   Reply w/Quote
Our registration auditor told us we "shall" audit every "shall" in the element being audited. Takes all the fun out of it and doesn't leave much room or time for continuous improvemnt.

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 11 April 2000 12:48 AM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
quote:
Originally posted by Dawn:

Our registration auditor told us we "shall" audit every "shall" in the element being audited. Takes all the fun out of it and doesn't leave much room or time for continuous improvemnt.


QS or ISO? Sounds to me like your registrar has decided that internal audits are not a sample. ISO does not even require every element to be audited yearly.

ISO9001:1994 reads:

4.17 Internal quality audits

The supplier shall establish and maintain documented procedures for planning and implementing internal quality audits to verify whether quality activities and related results comply with planned arrangements and to determine the effectiveness of the quality system.

Internal quality audits shall be scheduled on the basis of the status and importance of the activity to be audited and shall be carried out by personnel independent of those having direct responsibility for the activity being audited.

The results of the audits shall be recorded (see 4.16) and brought to the attention of the personnel having responsibility in the area audited. The management personnel responsible for the area shall take timely corrective action on deficiencies found during the audit.

Follow-up audit activities shall verify and record the implementation and effectiveness of the corrective action taken (see 4.16).

NOTES

20 The results of internal quality audits form an integral part of the input to management review activities (see 4.1.3).

21 Guidance on quality-system audits is given in ISO 10011."

QS9000:1998 adds:

"4.17.1 ÷ Internal Audit Schedules

Internal auditing should cover all shifts and be conducted according to an audit schedule updated annually. When internal/external nonconformances or customer complaints occur, the planned audit frequency should be increased."

I know the QS expectation is that all elements be audited yearly, but I can't find where it is written.

IP: Logged

Jim Biz
Forum Wizard

Posts: 275
From:ILLINOIS
Registered: Mar 2000

posted 11 April 2000 04:00 PM     Click Here to See the Profile for Jim Biz   Click Here to Email Jim Biz     Edit/Delete Message   Reply w/Quote
Marc - Our approach to audit timing focus and coverage was explained to me by my consultants et-all -- relating 4.17 to 4.1.3 Management Review wording.

IE: Management SHALL review "the quality system" (Implied meaning - all elements = all shalls) "at sufficient intervals to ensure effectiveness"(defined and/or implied to be yearly)

Therefore if all "shalls" (Including each individual ISO section and wording prase) is not internally questioned and compliance judged between yearly Meetings... then Management can not be effectively looking at the entire quality system.

If Review meetings "prescribed intervals" are longer than one year which is not required in writing ---- then they can all too easily be determined to be not sufficient/effective intervals...

Not saying here that I agree (in all or in part) with any of this but that was the explaination, and the "Standards Implied" basis reasoning. The way it turns out yes we have flexibility to concentrate on internal systems and improvement aspects in 4.17 and 4.1.3 takes a great deal of that flexibility away.

[This message has been edited by Jim Biz (edited 11 April 2000).]

IP: Logged

ALM
Forum Contributor

Posts: 80
From:Philadelphia
Registered: Jun 1999

posted 26 April 2000 02:00 PM     Click Here to See the Profile for ALM   Click Here to Email ALM     Edit/Delete Message   Reply w/Quote
Our auditor all but told us to audit by function and not by element. It avoids the repetition of asking each element question listed in the QSA (see: "take the fun out of it.)

I actually adopted our auditor's audit schedule to maintain that "function focus" listing all of the applicable elements in each. By doing so, we can cover every shall statement during the audit and have "fun" and variety from audit to audit even though we are essentially covering the very same elements each time.

For example... I never ask if "procedures have been established and implemented..." - if they are - they'll be there... and you make a note accordingly.

It really was a refreshing change and a great suggestion by our auditor (registrar).

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 26 April 2000 02:51 PM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
If you have read any of my rants, this is what I tell people. Internal audits should focus on function systems - not compliance to a spec like ISO9001. Let your management rep ensure your 'master' systems are compliance.

Most companies I see do the QSA type of audit in functional areas when they should be focusing on the functional area's systems / procedures. Dumb. But then again, that is exactly what the AIAG folks push. In fact, this whole push to 'certify' internal auditors is based upon this '...verify compliance to the spec..." idiocy.

IP: Logged

Dawn
Forum Contributor

Posts: 245
From:St. Marys, PA
Registered: Sep 98

posted 26 April 2000 07:44 PM     Click Here to See the Profile for Dawn   Click Here to Email Dawn     Edit/Delete Message   Reply w/Quote
ALM,
Do you have a blank sample of one of these audits I could take a look at? I have tried to do this but failed. I have asked consultants in the past to show me how to audit this way with no response-I believe because they didn't know what to tell me. I would really appreciate something generic to get me started. Thanks, Dawn

IP: Logged

barb butrym
Forum Contributor

Posts: 637
From:South Central Massachusetts
Registered:

posted 27 April 2000 08:24 AM     Click Here to See the Profile for barb butrym   Click Here to Email barb butrym     Edit/Delete Message   Reply w/Quote
Dawn, either flow the function or grab a highlighter and mark up the procedure asking the who what where when and why that come to mind...also the HOW and can you show me the evidence of that? Go in with a natural couriosity and you will get the answers you need..Do it well and you use that marked up copy as the checklist, and an audit trail note sheet for the record of responses and evidence. It shows in detail what was covered in the audit... helps in planning subsequent audits and in CA response/followup all the info is there clear and consise. What consultants do you use...can't be worth much if they couldn't show you this....its absolutely basic.

Consultants like that are what get everyone riled up bout the industry and how we are all useless fools out for a quick buck.....

[This message has been edited by barb butrym (edited 27 April 2000).]

IP: Logged

ALM
Forum Contributor

Posts: 80
From:Philadelphia
Registered: Jun 1999

posted 27 April 2000 10:14 AM     Click Here to See the Profile for ALM   Click Here to Email ALM     Edit/Delete Message   Reply w/Quote
quote:
Originally posted by Dawn:
ALM,
Do you have a blank sample of one of these audits I could take a look at? I have tried to do this but failed.

I've emailed you to send me a fax number and I will send the audit schedule right over to you.

To give you some insight:

1) Some things you will audit by element, and follow-up by looking for objective evidence, such as 4.1 Management Responsibility, and 4.3 Contract Review. Typically, those "elements" are in and of themselves "functions."

2) In our facility, we would audit manufacturing - we have the following relevant elements: 4.8, 4.9, 4.10, 4.12, 4.20. In other words, all of these "elements" can be audited while checking out what goes on in the entirety of manufacturing. To demonstrate how this helped - We USED to audit, say 4.10 - and go through the shop looking to see that we met it. Then, we would audit 4.11 - and go through the shop again. Then 4.12 - you see the monotony of the situation? On the same audit trail, auditing by function, I can check jobs to see if they have process control instructions (4.9), if it has been inspected/tested (4.10), if an appropriately calibrated tool has been used to inspect it (4.11), if the inspection and test status is readily apparent (4.12), if the results have been recorded (4.16), and, if applicable, whether the appropriate statistical data has been compiled (4.20). So, on one pass through the shop, I am now looking for a variety of elements, instead of making 5 or 6 different passes through the shop auditing each element. (I only wish I had realized this sooner.)

3) You can verify 4.16 while auditing just about every function with exception of lunch and break!

4) While checking out nonconforming product (4.13), you should also be checking out 4.14, and of course, 4.16.

5) 4.2, 4.5, and again, 4.16 should all be relevant during an audit of the Document & Data Control functions.

It has really made for a much smoother audit flow. Of course, you are flipping back and forth through the QSA making notes and verifying compliance, but again, it is much easier to look at ALL RELEVANT ELEMENTS that are occurring in a specific function, than to repeatedly visit a function over and over and over again as you go through the QSA element by element. Also, you change the flow of the audit from one to the next, too.

I hope I have provided some insight.

[This message has been edited by ALM (edited 27 April 2000).]

IP: Logged

Wallybaloo
Forum Contributor

Posts: 16
From:Oregon
Registered: Apr 2000

posted 27 April 2000 01:27 PM     Click Here to See the Profile for Wallybaloo   Click Here to Email Wallybaloo     Edit/Delete Message   Reply w/Quote
Although I read Marc's 'rant' about the idiocy, and agree to an extent, I think there is room for the use of both types of auditing. I schedule my audits on the basis of the 20 sections. This allows me to schedule based on the impact and history of the particular requirement, and dig more deeply into the subject. But then also, several times a year I schedule teams to do the 'audit trail' approach, where they pick a product that's on the shipping dock, ready to go. They follow this backwards through the shipping, packaging, assembly, etc. process, looking at many elements of the standards (we also have FDA, ISO 13485 & MDD). On one trail we may deliberately track back to a machined part, whereas on another we look for a purchased part.

I realize that there may be better ways, but this seems to work well, also.

IP: Logged

barb butrym
Forum Contributor

Posts: 637
From:South Central Massachusetts
Registered:

posted 27 April 2000 01:54 PM     Click Here to See the Profile for barb butrym   Click Here to Email barb butrym     Edit/Delete Message   Reply w/Quote
the funny thing is there is no right or wrong...just an expected result (a comprehensive report or recommendation) and a couple rules.

As I tell my auditor trainees....i can give you the rules and share my techniques and tools, help develop some skills... but in the end its an art that you must develop...you have to fill your own tool box with stuff that works for you.

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 27 April 2000 06:36 PM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
quote:
Originally posted by Wallybaloo:

....I think there is room for the use of both types of auditing.


I do not disagree. When I look at internal auditing I look at two things:

1. Real World
2. Utopia

In Utopia, all employees would be appropriately trained for internal auditing and compliance to the specification. As well as trained in many other things. The real world is each company takes a stand in how far they will go with this. We're all big kids here and with all our talk of ideal systems and intents, most companies do not go thru ISO or QS because they want to improve. QS folks tried a move to requite 'certified' internal auditors. I understand the reasoning and ideally that would be the case. But we start looking and asking at what cost? Have we reached a point where we have to hire someone full time to do this? Have we added a functionary to the company tree?

If I want to take the least intrusive route I'll out-source the audits.

Next level may be: I want internal auditors but they have their regular jobs. I don't want to have to train them to interpret the specifications involved. So - I'll let the management rep audit our top systems (level 1 and level 2) to the requirements and we'll let the internal auditors audit the meat - functional area (departmental, however you want to say it) procedures.

Next level may be: I want all our internal auditors to understand all the requirements. To do this we'll send each to lead auditor training.... etc.

Company size is often a significant factor. I won't begin to talk about the tenor of upper management (which is to say the company). If you have 5000 employees you're probably going to have a pretty well structured internal auditing function. You'll probably have some people dedicated to internal auditing.

As company size drops to 10 people, how you fulfill the requirement, and it's cost factor, changes. Does a company of 10 people want to spend the money for training and such to have a 'certified' internal auditor? Some do - some don't.

Another significant factor is the industry and the specific product(s). If you're making High Rel military equipment or air bags, you do need more positive control than if you make springs for seats. An air bag failure is a lot more significant than a failure of a seat spring failure.

A mixture is fine and for the most part typical and realistic. My only point is to think about how far you want to take internal auditing. My belief is that the more internal audits reveal, the more fundamental problems a company has.

IP: Logged

llamb
unregistered
posted 04 May 2000 09:10 AM           Edit/Delete Message   Reply w/Quote
I am employed by a small company approx. 70-100 employees total. I have been very concerned about the quality of our internal audits. Of course we all must do our "regular" everyday work and fit auditing in somewhere. We only have a couple individuals who have taken a basic internal auditing course. Other employees we use as auditors are "trained" by sitting in on ONE of our internal audits. Not enough in my opinion. I have brought up the idea of hiring (outsourcing) our internal audits, or at least some of them. My question to all of you is "Who can I contact for this service?" and "What would be the cost factor?" We have to weigh the cost of hiring out vs. the cost of professional auditor training for our current employees.
I also think by doing our own audits we all become more aware of the what is going on throughout the plant. So this tips the scale in favor of doing our own internal auditing.
I would like to hear some opinions.

IP: Logged

Jim Biz
Forum Wizard

Posts: 275
From:ILLINOIS
Registered: Mar 2000

posted 04 May 2000 10:15 AM     Click Here to See the Profile for Jim Biz   Click Here to Email Jim Biz     Edit/Delete Message   Reply w/Quote
Just a collection of thoughts - I agree with Barb there is no real "right or wrong way" to accomplish auditing of the system no matter which side of the focus is being used (standards approach or functional approach)..

Costs/outsourcing - usually prohibitive in my expierience - our local consultant is VERY reasonable - close to unheard of cheap in some areas-- but still commands a 60.00 per hour fee. Figuring it takes 80 - 90 hours to audit our system, an added 5500.00 per year would be dificult to justify..

Our company is of similar size - 100-150 folks... We do hold classes and train to the standards plus an overview of our supporting documentation prior to auditing assignments...takes 12- 16 hours training time.. no one is qualified to conduct an audit without the "formalized" training. However I find that the internally conducted audits may not be as "value added" or helpful to the improvement of our system as could be the case.

Most of our 6 internal auditors have been with the company for quite awhile - and it is difficult to "get past" the "lets not be too hard on ourselves and/or each other" outlook. (The auditor- will be the auditee eventually) Although I'm sure that there are companies out there that are more strict with internal audits than an external auditor would be...

Time factors - I schedule one auditor for one element/functional-section every other month and expect an audit to take 2-3 hours (prep time included)13-15 hours per year for each of the 6 auditors.. If it looks like the schedule is "lagging" I then use our local consultant to "fill in" where needed to bring the schedule up to date.

Other Possibilities:
Possible to "trade" auditing personnel time with other local companies in a similar business? Some advantage to both Independance Factors - Unbiased Outlook.
Disadvantage: Some top management folks "Frown" on having another companies personnel around "snooping"?

OR Hold an "audit week"- just turn you auditors loose on a scheduled basis for a "short set/schedule" time period - - audit the entire system in a weeks timeframe.
Advantage - system audited and covered quickly.. management has all the information in hand and ample time to correct where need be prior to external auditors visits.
Disadvantage: Focus on procedural/functional aspects is maintained through-out the company only during "audit week".

IP: Logged

Idotson
Lurker (<10 Posts)

Posts: 5
From:Sheridan, IN, USA
Registered: Jun 99

posted 04 May 2000 04:30 PM     Click Here to See the Profile for Idotson   Click Here to Email Idotson     Edit/Delete Message   Reply w/Quote
The company I work for was registred back in '97. Until just a last year our audit focus was compliance to the QS. What I noticed was that the longer we went the less the auditors found. What was happening was that the procedure and work instruction covered all the question the auditors were asking. We have redirected our focus to make sure the everyone is doing what the procedures and work instruction state, and we become less conserned with compliance to the standard because at this point the quality manual been reviewed at least 100 times.

IP: Logged

AJPaton
Forum Contributor

Posts: 73
From:Fayetteville, NC USA
Registered: Apr 2000

posted 04 May 2000 05:18 PM     Click Here to See the Profile for AJPaton   Click Here to Email AJPaton     Edit/Delete Message   Reply w/Quote
We're in the midst of a giant Internal Audit push, to correct problems uncovered in the last external audit.
We're going clause by clause, but I never even thought of just auditing the paperwork. Don't you have to go out where the product is being built/serviced/whatever and see that you are "Doing what you document." Also, what improvement can you do if you don't audit what is actually happening.
We have a wonderful set of procedures, some of which are followed. However, after a few years, your product changes, your production lines vary, and the wonderful procedures are outdated. Then you can guarantee that not only they won't be followed, but they will be considered useless.
Quality should not be a non-value added policy!
Sorry, I think I've got Audititis
AJP

IP: Logged

Jim Biz
Forum Wizard

Posts: 275
From:ILLINOIS
Registered: Mar 2000

posted 04 May 2000 05:52 PM     Click Here to See the Profile for Jim Biz   Click Here to Email Jim Biz     Edit/Delete Message   Reply w/Quote
Aj - I'd hafta Agree with you - If anyone is "Just auditing the paperwork" clause by clause - I'd be inclined to agree with one of Marc's earlier comments -

Your MGT REP should be responsible for doing "Desk Audits". Internal audits should be scheduled after a desk audit cofirms the standards have been addressed with direct contact/observation of the function/actions responsible for following them.

A good value added system improvement audit can't be effective until/unless the personnel preforming the function being audited are at least observed & questioned. This can be done "briefly" and effectivley if the audit itself is well planed ahead of time.

Regards
Jim

[This message has been edited by Jim Biz (edited 04 May 2000).]

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 05 May 2000 06:08 AM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
quote:
Originally posted by AJPaton:

We have a wonderful set of procedures, some of which are followed.
Some of which are followed? At least you're honest - but if the rest aren't followed why even have them? If you're having problems internally, I suggest this statement alone is evidence that you should be focusing on people doing what they are supposed to be doing. How do they decide which ones they will comply with and which ones not to? This statement is disturbing.
quote:
However, after a few years, your product changes, your production lines vary, and the wonderful procedures are outdated. Then you can guarantee that not only they won't be followed, but they will be considered useless.
This does nothing less than proclaim to the world that your company is failing in the basics. If your procedures do not change as your systems change and/or your procedures "...become outdated..." then your system is not a living system and your implementation of ISO is a total sham. Just a single point (of many, many I could make): If your systems procedures become outdated then the proper people are not reviewing and approving them - I would can the management rep. If your departmental and/or process related documents "...become outdated..." I sure don't want to buy your product.

I'm sorry, AJPaton, but if this is the case your company has, in my opinion, serious problems.

quote:
From Idotson:

We have redirected our focus to make sure the everyone is doing what the procedures and work instruction state, and we become less conserned with compliance to the standard because at this point the quality manual been reviewed at least 100 times.


This has been, and is, my point exactly.
quote:
Don't you have to go out where the product is being built/serviced/whatever and see that you are "Doing what you document."
Yes - In fact it should be your focus.

IP: Logged

lou hannigan
Lurker (<10 Posts)

Posts: 5
From:wayne nj usa
Registered: Jan 2000

posted 05 May 2000 09:47 PM     Click Here to See the Profile for lou hannigan   Click Here to Email lou hannigan     Edit/Delete Message   Reply w/Quote
quote:
Originally posted by llamb:

I am employed by a small company approx. 70-100 employees total. I have been very concerned about the quality of our internal audits. Of course we all must do our "regular" everyday work and fit auditing in somewhere. We only have a couple individuals who have taken a basic internal auditing course. Other employees we use as auditors are "trained" by sitting in on ONE of our internal audits. Not enough in my opinion. I have brought up the idea of hiring (outsourcing) our internal audits, or at least some of them. My question to all of you is "Who can I contact for this service?" and "What would be the cost factor?"



Dear Llamb
I happen to do contracted auditing for a living. I charge the market rate, which is a lot less than the registration audits. Some of my clients have their trainee auditors accompany me so that in a short time they become comfortable doing the audits. Then I'm out-a-there!

Rgds

Lou

------------------

[This message has been edited by Marc Smith (edited 06 May 2000).]

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 07 May 2000 06:31 AM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
quote:
Originally posted by llamb:

My question to all of you is "Who can I contact for this service?" and "What would be the cost factor?"


I am dumbfounded that you ask this question. You haven't even bothered to register here at the Forums, so I guess I shouldn't be surprised. It's obvious you haven't looked through the site. At the top of every forum page it says: "...Do You Need Consulting or Training Services?.." where you can click to be transferred to Elsmar.com/services.html where it tells you I provide these services. And there is a link to a ROM form for quotations.

But you have made me think about how many people take advantage of this site without once considering Cayman for related services they need. Because of this it is probable that I will either be discontinuing these forums or charging for access in the very near future.

IP: Logged

Don Watt
Forum Contributor

Posts: 70
From:Notts,United Kingdom
Registered: Mar 2000

posted 07 May 2000 02:50 PM     Click Here to See the Profile for Don Watt   Click Here to Email Don Watt     Edit/Delete Message   Reply w/Quote
Hi Marc,
You're obviously feeling more than a little brassed off at the moment. I can understand your view that you are being taken advantage of. For myself, it would be somewhat difficult to use Cayman from here in the UK, however as the site is such a useful and comprehensive resource I would not be adverse to paying for access. I do hope that you re-consider and do not discontinue the forums.

How's about all you contributors out there showing Marc some support - it would be a tremendous shame to lose this world wide network of "quality" contacts and shared resources.

IP: Logged

barb butrym
Forum Contributor

Posts: 637
From:South Central Massachusetts
Registered:

posted 07 May 2000 08:26 PM     Click Here to See the Profile for barb butrym   Click Here to Email barb butrym     Edit/Delete Message   Reply w/Quote
I agree it would be a terrible loss to us all if we lost this forum...it is a great sounding board for sharing ideas. but lets not forget, it is a business site, set up to advertise Caymen Systems services..... Marc has a legitimate complaint. He is providing a great service, and should get inquiries for consultancy. As a consultant/trainer...i am sure i can say for Marc or anyone else...don't assume the location is a factor. I travel to the UK often....from Boston. As a matter of fact it is often cheaper to go to London than it is california.... and sometimes even Newark NJ which is less than an hour flight !!!

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 07 May 2000 09:14 PM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
On 5/7/00 8:50 PM, LH wrote:

> Dear Marc,
>
> I apologize for not appreciating your position as pro bono provider of
> this forum and offering my services to llamb.
>
> I think the forum is excellent, would be willing to pay to access it,
> and would have no qualms on not getting any business from it.
>
> Please accept my apologies.
>
> Regards
>
> LH

I appreciate your e-mail. I want to assure you that you were not the impetus for my statement / reply.

There are a lot of consultants here. I have no problem with your offering your services to folks on the forums at all.

This morning I was pissed about a few things and to be honest, I didn't think about you or competition - I just really got to thinking about how many people do visit the forums and ask really stupid questions. I took that question as an insult.

"Who can I contact for this service?" Sheesh.... Makes me wonder how many people are friggin' brain dead.

IP: Logged

louie
Forum Contributor

Posts: 19
From:Rochester Hills, MI
Registered: Feb 2000

posted 08 May 2000 12:34 PM     Click Here to See the Profile for louie     Edit/Delete Message   Reply w/Quote
quote:
Originally posted by Marc Smith:

If you have read any of my rants, this is what I tell people. Internal audits should focus on function systems - not compliance to a spec like ISO9001. Let your management rep ensure your 'master' systems are compliance.


Nice if you have the resources, but at our company, I as the MR, schedule all the auditing for the entire company, follow up on them, do effectiveness audits, and all documentation of audits, management review, as well as validate that we cover all aspects of the quality system. We do audit to the process / procedure. I feel that if I have verified that we cover all aspects of the elements through our procedures / work instructions, that I AM auditing the entire system - in one swoop. So far, my registrar has been acceptable to this.

I do like the suggestion of others to audit following the project through our system, wondering how far in the future it'll be til I'll have a chance to try something new. We are so busy developing processes and trying to shave the un-value-added items, that there is little time to try to be creative!

Oh, in response to not thinking of Caymen as a consultant, guess I'm guilty also. Sorry, just got in the habit of seeking information without putting thought to how this forum exists!. Sorry........

[This message has been edited by louie (edited 08 May 2000).]

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 08 May 2000 12:49 PM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
quote:
...Nice if you have the resources....
Please explain.

IP: Logged

Laura M
Forum Contributor

Posts: 299
From:Rochester, NY US
Registered: Aug 1999

posted 08 May 2000 12:59 PM     Click Here to See the Profile for Laura M   Click Here to Email Laura M     Edit/Delete Message   Reply w/Quote
I agree...please keep this forum. For a service fee...if absolutely necessary. One thing us independent consultants can do is support each other. For those of you that don't realize, Marc helped me pull off a course in the T/E supplement to QS. In the spirit of quality and continuous improvement in our business, we need to have this information exchange available. For the non-consultants, appreciate that this is Marc's forum....if he can't help, he can find someone who can!

IP: Logged

louie
Forum Contributor

Posts: 19
From:Rochester Hills, MI
Registered: Feb 2000

posted 08 May 2000 01:00 PM     Click Here to See the Profile for louie     Edit/Delete Message   Reply w/Quote
quote:
Originally posted by Marc Smith:

Please explain.


As a one person QA department (in a company which fluctuates from 70-100) personnel, I find it difficult to cover all the bases adequately, let alone do a superb job.... I read your reply as sounding like there was "department" involvement as auditors (my husband's company audits their own department and is responsible for compliance by department) My company hasn't got that far yet, the previous MR did EVERYTHING and never included the 'working' people in development...they somehow got accredited, but I sure don't know how, cuz they don't do all the things they are supposed to do!! But we're working on it!!!

Editor's note: Edited for QUOTE formatting, not for content.

[This message has been edited by Marc Smith (edited 08 May 2000).]

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 08 May 2000 02:22 PM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
quote:
As a one person QA department (in a company which fluctuates from 70-100) personnel, I find it difficult to cover all the bases adequately...
I don't see this as an issue of resources.

Your company has to decide what to audit. You have to audit all 'elements' once a year.

0. Review past audits - internal and external. Identify problem areas.

1. Start at the top level - do you have procedures which address each 'element'? If not STOP. Note that this should not be an issue if you are already registered unless you allow changes to your 'master' systems (typically your level 2's) by someone unqualified (one who does not know and understand the specs you must meet and the implications of changes to the procedures. For most companies compliance should not be an issue.

2. Take your matrix which says which department(s) have to comply with which elements. Choose a sample. For example, take Quality Records. Almost every functional group will have quality records and thus have to comply to the element requirement. You don't have to audit every department for quality records - let's say we choose purchasing. Verify POs and other departmental quality records are controlled per the departmental procedure(s) and that if procedures are local that they meet level 2 requirements. You might want to choose a second sample - say receiving or design.

The idea of internal audits is to sample your systems - it is not to audit every procedure and every work instruction in every department you have, although the QS people sure like that approach.

quote:
...I read your reply as sounding like there was "department" involvement as auditors...
Most companies do have internal auditors in addition to the management rep. In some companies the Management Rep does everything - that is more common in smaller companies like yours. So yes - my paradigm when I think of internal auditors is: internal auditors are 'recruited' from the ranks and trained (not a 1 person show).
quote:
...my husband's company audits their own department and is responsible for compliance by department...
Which is fine as long as there is someone in every department who understands the requirements documents (ISO9001 included). I am not a fan of this methodology as it requires lots of people to interpret the requirements documents. Professional auditors (not to mention registrars) have enough trouble agreeing amongst each other in many interpretations - now you want to include a bunch of people in your company to understand the requirements documents and interpret requirements. I prefer where the management rep controls the masters (level 2's) to ensure compliance. That way only 1 person in your company is involved in interpretations.
quote:
the previous MR did EVERYTHING and never included the 'working' people in development...they somehow got accredited, but I sure don't know how, cuz they don't do all the things they are supposed to do!!
There are 2 issues here.

1. Most companies I have worked with had internal systems which met most of the requirements. Many do not, for example, have supporting documented procedures. However, as an example, most companies do have a way of identifying and segregating nonconforming product. So you document it. People aren't doing anything different - the only difference is there is a guiding document where there was none before. In this case the only thing you do is make people aware of the document covering what they are already doing. While it is not always this 'clean' (there are typically some adjustments) often there is no reason to involve folks in the development.

Don't get me wrong - I believe people should be involved in the process as much as possible. Often, however, the reality is they aren't involved much. Some complain they have their 'real' jobs to do (the nerve! )

It is the second issue that scares me, however. You say: "...cuz they don't do all the things they are supposed to do!!..." which tells me either you are wrong or your registrar was superficial. In any case, the question becomes is this a discipline issue or a training issue?

No matter - the topic is internal auditing. Whether you do everything your self or recruit internal auditors to assist, the total hours necessary to do the job will not change. They will depend upon the extent to which you plan your internal audits. Don't forget "...scheduled on the basis of the status and importance of the activity to be audited...".

"...internal quality audits to verify whether quality activities and related results comply with planned arrangements..." Are people doing what their procedures say?

"...and to determine the effectiveness of the quality system..." A management Rep function.

From the 2000 version:

"...8.2.2 Internal audit

The organization shall conduct periodic internal audits to determine whether the quality management system:

(a) conforms to the requirements of this International Standard;

(b) has been effectively implemented and maintained. The organization shall plan the audit program taking into consideration the status and importance of the activities and areas to be audited as well as the results of previous audits. The audit scope, frequency and methodologies shall be defined. Audits shall be conducted by personnel other than those who performed the activity being audited.

A documented procedure shall include the responsibilities and requirements for conducting audits, ensuring their independence, recording results and reporting to management.

Management shall take timely corrective action on deficiencies found during the audit.

Follow-up actions shall include the verification of the implementation of corrective action, and the reporting of verification results..."

IP: Logged

llamb
unregistered
posted 09 May 2000 07:21 AM           Edit/Delete Message   Reply w/Quote
Sorry about asking "stupid questions" Marc. I do realize you offer services. Just wanted some ideas on ballpark figures on the cost of such services out there. Also wondered how many others were contracting outside services to do their internal audits. This is the last time I will ask for any input from anyone on your forums. Again accept my apologies for using your forum without paying for it and for asking stupid questions.

Sincerely,
"Brain Dead"

IP: Logged

barb butrym
Forum Contributor

Posts: 637
From:South Central Massachusetts
Registered:

posted 09 May 2000 01:32 PM     Click Here to See the Profile for barb butrym   Click Here to Email barb butrym     Edit/Delete Message   Reply w/Quote
There are lots of people offering auditing services out there. You pay according to the level of expertise....from near nothing to 1200 day. You need to know what you want, and ask for quotes. look for trainees that have just taken a lead assessor course (look to your local ASQ) or call an experienced consultant. Decide if you want consulting options (as in examples of the fix to N/C), decide what you want the report/record to look like. Decide what you will be flexible on (this is where you will save money. Choose someone you can be completely comfortable/candid with. CHECK references !!!!!!! NoT everyone is cut out to be an auditor.......There are some real talented consultants that make terrible auditors...everyone has a stregnth,,chose someone who is good at auditing/communicating.

And you could always find a company nearby that would like to team up.

This is probably what you were looking for in the first place...when we all jumped on you for not giving Marc the credit he so deserves........

IP: Logged

All times are Eastern Standard Time (USA)

next newest topic | next oldest topic

Administrative Options: Close Topic | Archive/Move | Delete Topic
Post New Topic  Post A Reply Hop to:

Contact Us | The Elsmar Cove Home Page

Your Input Into These Forums Is Appreciated! Thanks!


Main Site Search
Y'All Come Back Now, Ya Hear?
Powered by FreeBSD!Made With A Mac!Powered by Apache!