A project – improvement, new product design, the implementation of a new technology, etc.
#INTERNAL AUDITING ISO 9001 ISO#
A specific requirement from the ISO requirements – when establishing the QMS.A physical area or location – a warehouse, for example.A customer and/or regulatory requirement – may be implemented in parts of multiple processes.In addition to considering a process as the scope of an audit, the following also may be used:
#INTERNAL AUDITING ISO 9001 FREE#
It follows then, that without a clear, specific requirement to audit (only) processes, an organization is free to choose a specific audit “scope” and “criteria” if those define something within the quality management system which represents risk to effectiveness in achieving intended results. In such a case, auditing the entire process may be unnecessary in determining where the change “slipped through the cracks.” Experience also shows that it can be the interaction between processes where issues manifest themselves – at the interface of two (or more) processes. Perhaps a review of a requirement (customer order) and a subsequent change to that requirement may mean that a second review isn’t as robust. Traditionally, risks are associated with something new and/or changed or activities affecting an organization:īy reference to the diagram below, adapted from James Reason’s “Managing the Risks of Organizational Accidents,” (ISBN-10: 1840141050), it can be seen that risks occur throughout an Operation.Ĭlearly, the selection of a specific process may help when considering what part(s) of the management system to audit, however, further planning may reveal that it’s not always the whole process which should fall under the audit spotlight… It may be a relatively simple activity contained within the process. Empirically, we know that risks occur in business, and they don’t always occur within a process. This era ushered in the use (by CB auditors) of the “turtle” diagram for audit planning, which has become widespread throughout their client base, too.Īlthough not advocating against the internal audits of only processes, a risk-based approach to the considerations of what to audit and when can be very useful. Maybe “mission creep” has occurred from the influence of the Certification Body auditors who were required to change their approach to one of auditing process(es), around the time ISO/TS 16949 was published. Nothing requires an actual audit of a process! So, why has the mantra of “Process-based Internal Audits” become so pervasive? Interestingly, even this statement, which deals with the actual planning and implementation of the internal audits, doesn’t require that those audits shall (or even should) be conducted using the “process approach.” In basic terms, it simply states that the audit programme has to consider the importance of the (quality management system) process concerned. This particular clause states that “the organization shall:Ī) Plan, establish, implement and maintain an audit programme(s) including the frequency, methods, responsibilities, planning requirements and reporting, which shall take into consideration the importance of the process concerned, changes affecting the organization, and the results of previous audits ” Perhaps the Internal Audit requirements, found in clause 9.2, will reveal something… Reading further, the text goes on to describe the Process Approach involving the “systematic definition and management of processes, and their interactions, so as to achieve the intended results.” There’s no mention of anything to do with conducting internal audits in any particular fashion. The recently introduced 2015 version makes the “Process Approach” a lot clearer by describing what is envisaged, in section 0.3 of the Introduction to the Standard–and how it applies to the quality management system–development, implementation and improvement. Since ISO 9001:2000, it’s become increasingly common to consider that an organization’s Internal Quality Audits be performed using the so-called “Process Approach.” At the time of publication, that particular version of the International Standard for Management Systems contained no description of what the process approach was. Is the Process Approach to Audits Just a Myth?
0 kommentar(er)
