1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

What is an audit?

Discussion in 'ISO 19011 - Auditing Management Systems Guidelines' started by Andy Nichols, Jun 13, 2016.

  1. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    I'd suggest that, based on your description, these are NOT audits the way they are defined. Certainly if you have not documented the audits they don't comply with the ISO 9001 requirements.
     
  2. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    642
    Likes Received:
    198
    Trophy Points:
    42
    The audit was scheduled based on the Risk based Internal Quality Incidents and Customer Satisfaction Survey, Score cards and Performance indicators of the processes. If there are recurring problems within the process we conduct the audit more than once a year. Otherwise the low risk processes are on schedule according to the Audit plan.
     
  3. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Interesting form of an audit. Though, most people will call this as "responsibilities". IMHO the intent of ISO 9001 for having an internal audit is different. Your second statement which says:
    have some semblance of what clause 9.2 intends an organization to implement.
     
  4. Jamie Lill

    Jamie Lill Member

    Joined:
    Mar 17, 2016
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    7
    I call ISO my business. If ISO does not help me, and if ISO adds unwanted paperwork and documentation why are we doing this?
    The bottom line is the bottom line it has to help me make money.
    People put to much into what the standard says by writing reams of documents,gap analysis, risk assessments and check lists. Let ISO be what you do every day and fit this to the standard.
     
  5. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Couldn't agree more, however, you can't overlook compliance issues. Saying that everyone's auditing everything all of the time isn't going to comply with the standard - which is doing things in a systematic manner. People constantly checking for errors isn't a robust system, because robust processes don't create errors...
     
  6. Jamie Lill

    Jamie Lill Member

    Joined:
    Mar 17, 2016
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    7
    We always review each other work. It is part of the audit. The standard says you have to have an audit.
    It does not say how many,when,do they have to be the same (no),frequency and do you have to document every audit or just one audit, and how do you document the audits.

    As long as the operations of the audit conform with the standard it comply's.
    The standard is very open.

    If an auditor came to me and said this does not meet the standard I would task him to show me were is my audit non conforming to the standard.

    They would lose.
     
  7. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    642
    Likes Received:
    198
    Trophy Points:
    42
    Need to Plan your audit, execute according to plan.
     
  8. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Auditing "work" is NOT the same as auditing the QMS and processes. But, Jamie, you are right. You feel free to do what you want and forget the conventions which have been the norms of the quality auditing industry for 30 years...
     
  9. Jamie Lill

    Jamie Lill Member

    Joined:
    Mar 17, 2016
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    7
    Please show me were in the standard is the definition of an audit!
    What are the conventions and norms of the quality auditing industry.
    Can you point them out to me in the ISO standard I seem to have missed them somewhere.
     
  10. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    642
    Likes Received:
    198
    Trophy Points:
    42
    Get a copy of ISO19011. It is a guideline customized to be suitable for internal audits of the QMS. .
     
    Andy Nichols likes this.
  11. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    ISO 19011:2011 definition:
    3.1 audit - systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled

    ISO 9000:2015 definition:
    3.13.1 audit - systematic, independent and documented process for obtaining objective evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled

    ISO 9001:2008 Clause 8.2.2:
    Records of the audits and their results shall be maintained.

    ISO 9001:2015 Clause 9.2.2f:
    The organization shall…retain documented information as evidence of the implementation of the audit programme and the audit results.

    I believe the highlighted statements are one of the norms and conventions.
     
    Last edited: Jun 23, 2016
    Andy Nichols likes this.
  12. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    642
    Likes Received:
    198
    Trophy Points:
    42
    An Internal Auditor classroom training might answer all these questions for you.
     
    Andy Nichols likes this.
  13. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Thank you Tony and MCW8888...
     
    Last edited: Jun 23, 2016
  14. Jamie Lill

    Jamie Lill Member

    Joined:
    Mar 17, 2016
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    7
    ISO 19011:2011 definition:
    3.1 audit - systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled
    Your work shall be an audit (This is a documented process)
    ISO 9000:2015 definition:
    3.13.1 audit - systematic, independent and documented process for obtaining objective evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled
    Your work shall be an audit (This is a documented process for obtaining objective evidence)
    ISO 9001:2008 Clause 8.2.2:
    Records of the audits and their results shall be maintained.
    When your work is discussed in management review meetings and documented
    ISO 9001:2015 Clause 9.2.2f:
    The organization shall…retain documented information as evidence of the implementation of the audit programme and the audit results.
    When your work is discussed in management review meetings and documented
    I believe the highlighted statements are one of the norms and conventions.



    Yes as I have said before these are the process and the rules for ISO audit.
    I have fulfilled all items as you say norms and conventions.
     
  15. Jamie Lill

    Jamie Lill Member

    Joined:
    Mar 17, 2016
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    7
    Or should I say the written statement to make it clearer
    Your work shall be an audit (This is a documented process)
     
  16. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    I'll request closing this thread since it's wandered waaaay off the original topic...
     
    MCW8888 likes this.
  17. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    I respectfully disagree Andy. Other members might still be interested in sharing their new approaches in auditing against the 2015 version.

    Now to get back to the original topic. I may have said that the intent and definitions are the same, but I will have to add some audit criteria that can include:
    • whether controls are integrated to the existing procedures to address risks that stem from internal and external issues, including those that are relevant to interested parties (see 6.1.1 and 6.1.2);
    • how the results of planning for achieving the quality objectives is evaluated (see 6.2.2e - I believe 2008 is silent on this);
    • how changes in the processes or the QMS are being managed (see 6.3 and 8.5.6 - I feel that 2008 has less emphasis on this);
    • controls to the environment necessary for the operation, particularly those relevant to social and psychological factors (see 7.1.4 - I noticed that 2008 only covered physical factors);
    • suitability and fitness of monitoring and measuring resources, other than IMTE, that verify conformity of products and services (see 7.1.5.1 - the 2008 only pertains to "equipment");
    • controls on nonconforming outputs that affect conformity of products and services (see 8.7.1 - I posted before that 2008 only requires controls for nonconforming product in this thread)

    These are some that I may need to check due to the revision of the standard.
     
  18. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    1,071
    Likes Received:
    722
    Trophy Points:
    112
    Location:
    USA
    Please be careful about what you call an audit, as all of the standards list expectations associated with audits, which are described in the elements/clauses addressing audits in the standards/technical specifications.
     
    Andy Nichols likes this.
  19. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    642
    Likes Received:
    198
    Trophy Points:
    42
    Before I move on to other posts, I would like to share my thoughts about ISO (this reply has nothing to do with audit). ISO is a business decision. ISO is a world class standard that is based on sound business principles. If you choose to hang an ISO certificate on the wall, you must demonstrate conformance to the standard. ISO does not add unwanted documentation. You decide what documents you need to maintain and retain and do it EFFECTIVELY. Furthermore, ISO helps you achieve the goals you set on the Business Plan. Years ago I took my ISO9000 Lead Auditor course in UK and was convinced that this is the way forward if the company intends to do business globally. So long.
     
  20. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    No, it isn't! ISO is NOTHING to do with making money. I'd suggest that you might want to rethink what ISO actually applies to. Having an effective management system is about making (more) certain that you can satisfy customer requirements. Nothing more or less. Making money is a function of cost over price paid that's all. Implementing ISO 9001 requirements as a QMS can help control costs, but that's NOT the purpose.
     
    Last edited: Jun 25, 2016
    Jennifer Kirley likes this.