posted 13 July 2001 05:10 PM               

Make your management aware of the issues, continue to do your job, and hope for the best.

posted 14 July 2001 10:31 AM               

DOCUMENT all of your activities, if possible use email with response required and save those. Even if you don't get responses keep all memos and warnings. You are just one person and cannot do the whole job. Make sure the areas you are responsible for are covered.

The auditor will likely pick up on the lack of commitment and act accordingly. When you get your majors or minors you will at least have your butt covered.

Good luck!

posted 16 July 2001 03:05 PM               

I was just thinking of ways that he might be able to get people to want to do the audits. IMHO, I don't think Management telling people they have to do the internal audits is very effective, becuase they will more than likely go into the audit with the attitude that they want to just get it done and over with and not do a very good job. I would rather have people who want to do the audit, but like I said before thats just MHO.

posted 16 July 2001 04:13 PM               

We allow for flexibility of style so long as results are reported in a standard format and they all keep clear consise notes (goal: anyone should be able to read & recreate what they have done or pick up from where they left off if need be).

posted 16 July 2001 04:16 PM               

Just like you said. Let's get it over with so I can back to my real job! As far as Management directing the work force. Believe me, there is only one option. My way or the highway. We are really at the beginning of our ISO program, just finished Auditor Training and will begin some practice Audits this week. So, the long term effect isn't known. My guess is that certain people will eventually be replaced if they don't perform. They won't lose their real jobs. These people are self starters and valuable where they are. Some people are just not cut out for this Auditor thing. Currently, I have 7 auditors, plus myself. That's enough for a rotation scheme and to eliminate any conflict of interest.

posted 16 July 2001 05:35 PM               

In addition, because the folks who you outsource to are not 'company' employees, they often get the attention needed and 'get the audit done' without all the hassle.

Also see https://elsmar.com/ubb/Forum13/HTML/000037.html and https://elsmar.com/ubb/Forum13/HTML/000041.html and (although it's a bit dated) /level2/4_17.html

posted 18 July 2001 12:51 PM               

Beware the following SPAM which is circulating. It's obvious from the wording it's bunk - pure come-on. He says:

-> In recent months, I have been hearing that more
-> organizations areoutsourcing the Internal Audit function.

'Zat so?? You're a bit late in 'hearing about this', sir.

If this guy/company is so out of touch that he's just now 'seeing the light', I wouldn't want him working for me.

**********************************
Received: from 66-44-67-155.s409.tnt7.lnhva.md.dialup.rcn.com ([66.44.67.155] helo=erols.com)
Date: Wed, 18 Jul 2001 12:12:56 -0400
From: Ira Epstein
Subject: ISO 9001 Internal Auditing

Good Morning,

In recent months, I have been hearing that more organizations areoutsourcing the Internal Audit function. Based on some conversations andmy experience, I am beginning to see the benefits of farming out thiscritical process. Some of these benefits include:

You can save on internal auditor training.
You don't have to take part time auditors off their regular jobs.
You get professional, experienced, certified outside auditors.
You get a broader view from outside auditors.
You are guaranteed auditor independence.
The cost of outside auditors is offset by savings in training,
audit planning, auditing, audit follow-up, etc.
You get consulting advice regarding corrective actions and
improvements.
You are better able to refute registrar findings and
recommendations.
You do not have to train your auditors on "process auditing" as
required in ISO 9001:2000.
You can supplement your internal audit team.
Outside auditors often have greater credibility with management.
Outside auditors often have greater creditability with auditees.
Outside auditors often operate more effectively and efficiently.
Outside auditors often can be value added during organizational
down sizing, organizational expansion and reorganization.

To find out more about outsourcing Internal Audits, please contact me.

Ira Epstein
Value Management Associates
703-239-9670

****************************

Ira, I didn't appreciate the SPAM. I get enough as it is.

I will agree with many of the positives of outsourcing internal audits stated, however.

703 is in the Arlington, VA USA area, folks. Beware. If they have to resort to SPAM to get clients, I consider them very suspect.

posted 18 July 2001 07:46 PM               

The way we worked it was that I, as the MR, would control the schedules and possible corrective actions and follow through with those.

I still have a concern about the Management Representative being the auditor in a company. In past experience I could sit at my desk and do the audit because I knew all of the "holes" in the system.

And at the time we hired a gentelman that worked for $45/hour. I knew him before but it was still a good deal and let people keep up with their daily duties.

As I said, each company is different and the subject should be brought up with the registrar and the auditor. Hopefully this occurs before signing a contract with a registrar.

I think I'm at my word limit for the night!

posted 19 July 2001 09:13 AM               

I agree that the Mgt Rep. should limit his Auditing function. Not because he/she knows all the holes in the system. As QA MGR, I am mostly an auditee for most procedures as they affect Quality. Back to knowing all the holes. As we begin our first Audits at this sparkling facility, every auditor (except me) is new to the game. When the questions were submitted, yes, they come to me as Lead Auditor for review, I add questions that I know will result in findings that are NC's. Knowing the holes is a good thing because you try to plug as many as you can. Granted, I get to see the questions before the audit. But, my job is to try to enhance our Auditor's training with real life auditor situations. Some questions do lead me to review sections of the procedure for the correct response. Who wouldn't? I recently added 4 more questions to ask me regarding their original question. All will result in findings. This is practice, practice, practice leading up to the real Audit. God, Connecticut's beautiful right now. Later.

posted 19 July 2001 09:32 AM               

-> Knowing the holes is a good thing

If you're attacking known problems with internal audits you are not, in my opinion, auditing. You are trying to take a known problem and publicise it in hopes that the publicity will cause it to be corrected. At best, this should be a function of the corrective action system. If you know 'the holes', you should be correcting them without the 'excuse' of an audit.

The very fact that you state you know where the 'holes are' is troubling. My question would be: "Since you admit you know the problem (the 'hole') exists, why did you wait to target the problem through an internal audit? Why did you not address this through your corrective action system when the problem was first identified?"

posted 19 July 2001 01:12 PM               

Even when I was posting to that topic, I expected someone to express concern that I knew where we were deficient and hadn't dealt with the issues beforehand. You're right, I want them published to spur activity in certain areas. Corrective Action Requests, responses, time frames to correct, etc., get high visibility. Most of my N/C's involve controlled documents that are referenced in our procedures, but not yet released. For example, in our Internal Auditing Procedure, I reference a Management Reponsibility Procedure that is before the Steering Committee and others for review. Also, there is reference to an Internal Audit System Checklist that has not been completely developed and Corrective/Preventive Action procedure with the same staus of completion. We had to start somewhere. I preferred the procedure before the references. The other way, I would be revising each time someone determined what a "controlled document" should be. There were no written procedures when I got here. Because we are "playing" at becoming certified, practice if you will, we are under no pressure to release everything at once and it will be a good exercise for the Auditors. As you probably deduced from many of my posts, ( I know you read everything) I'm pretty much alone in this pipe dream. Anything I can do to get management's and other's attention helps me. When MGT asks why this isn't done, or that, I get to point the polite finger back at them for their lack of response. After all, I'm not writing the findings. Their selected Auditors are. I know it's a bit strange, but so is this place.
I know you will miss a week of my posts. Vacation starts Sat AM. Maybe I'll bring the draft proposal ( not released yet, either) of the QPM to read at the beach. NOT!!

energy

posted 19 July 2001 05:55 PM               

That is why my last line was somewhat of a disclaimer. Yes I knew where the holes in the system were and issued corrective actions to no avail. I then decided that maybe an "outside" person would carry more weight and possibly get more action and wake up management.

In the end, they didn't and I left. It was basically an adverserial position. I was brought into a system where lower level management didn't buy in to the systems that were set up.

I also believe that the root cause was the ownership that just wanted a certificate to hang on the wall. I really don't blame the lower level Managers, they were putting in 10-12 hours a day just ensure that machines were running and parts got out the door. At that time the plant had been running 24 hours a day seven days a week.

When I left, our registrar would nor re-certify us so the owners went to PJ and within 4-6 weeks had their certificate back on the wall.

I digress and vent,

posted 19 July 2001 06:29 PM               

One must keep in mind that's all 95% of the companies registering to ISO 9001 want when you get right down to the truth of the matter.