New IATF three-year internal audit cycle

DQS has stated in a Q & A document that this was implemented to allow more flexibility and time for "special audits" as required due to customer issues, past audit findings, etc. I have a question for which I've been searching for an answer for almost two years; is there any rule or requirement which states that an organization must have more than one internal auditor? Basis for rationale; you have, as you know, those auditors who don't WANT to be auditors and therefore do a less than thorough job. Then there are those who just want to get it over with so they can mark it off the list; same result. Then you have those who don't take the time to study the standards so they only ask the "do you know the quality policy" level questions. What would be wrong with having a specialist in auditing perform ALL the QMS audits? If that was this person's sole responsibility, they would possess more experience, knowledge, etc. and all the audits would be consistent. I find it an excellent idea, but I'm not sure how it would go over with certification body auditors. I can find no rule about the number of internal auditors required. Can anyone elaborate on why this is/isn't a viable option? Thanks.

 

There are no number requirements. Only some level of independence. If it will work for you, then I say go for it.

 

Yes. What Andy said. Objectivity and impartial. Kind of independent.

 

Thanks for your input, gentlemen. The problem is that all the auditors have full-time (with overtime) jobs. Audits somehow have to be magically worked into the 50+ hours a week they already work. They had certified training last year, and their absence from their jobs during that time caused big problems. I begged for management members to join the audit pool, but all of them said no. What better way to show leadership commitment than to audit your own processes? Sigh.... Audits are weak, rushed, and resented. With the absence of a lead auditor, or better yet, an audit manager, there is no one who can take on the role of correcting the problems. I realize that whatever position that single auditor (if internal) might hold would have to be audited by someone else for whatever process he/she owns. That is well-known so I didn't bother mentioning it. DQS is our certification body. They released a paper with questions and answers due to overwhelming confusion about some of the clauses. The three-year audit plan in 9.2 was one of the questions. We have also considered hiring an outside body to do our internal audits. There are many cans of worms that would open, but as it is, we don't get any value from the ones we do in house. I only wanted opinions on the matter, as to whether there was a rule dictating the requirement of multiple auditors vs. one or two. Since neither of you found a requirement related to this, and neither did I, I will pitch my idea further. I would rather have meaningful audits from one or two people than have 30 people not even scratching the surface.