1. Hello and Welcome to The Quality Forum Online...Continuing in the spirit of People Helping People !
    Dismiss Notice
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

New IATF three-year internal audit cycle

Discussion in 'ISO 19011 - Auditing Management Systems Guidelines' started by Teresa Nix, Feb 20, 2018.

  1. Teresa Nix

    Teresa Nix Member

    Joined:
    Mar 13, 2017
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    United States
    DQS has stated in a Q & A document that this was implemented to allow more flexibility and time for "special audits" as required due to customer issues, past audit findings, etc. I have a question for which I've been searching for an answer for almost two years; is there any rule or requirement which states that an organization must have more than one internal auditor? Basis for rationale; you have, as you know, those auditors who don't WANT to be auditors and therefore do a less than thorough job. Then there are those who just want to get it over with so they can mark it off the list; same result. Then you have those who don't take the time to study the standards so they only ask the "do you know the quality policy" level questions. What would be wrong with having a specialist in auditing perform ALL the QMS audits? If that was this person's sole responsibility, they would possess more experience, knowledge, etc. and all the audits would be consistent. I find it an excellent idea, but I'm not sure how it would go over with certification body auditors. I can find no rule about the number of internal auditors required. Can anyone elaborate on why this is/isn't a viable option? Thanks.
     
  2. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    437
    Likes Received:
    134
    Trophy Points:
    42
    There are no number requirements. Only some level of independence. If it will work for you, then I say go for it.
     
  3. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    1,992
    Likes Received:
    1,035
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Hi Teresa:

    Firstly, I'm not sure what the DQS thing has to do with the 3 year internal audit cycle - frankly, it's a bizarre requirement and frankly there's no place for such a thing, but let's move on....

    I'm going to answer you, but not from a simple numerical point of view. And, there is NO rule. Frankly, it doesn't matter what a CB auditor thinks, either.

    You're addressing the symptom, not the cause. Why don't your auditors WANT to do a good job? Instead of simply avoiding the issue and doing the wrong thing - having the smallest number of auditors that someone else can justify - why not answer the question WHY auditors don't want to do the assignment!

    I've been to clients to do a lot of remedial training for auditors and I can confidently tell you, it's NOT them! It's a combination of an ineffective audit program, it's ineffective auditors training and most likely the wrong scope/criteria etc. To be very straight, when you point fingers at your auditors, how many are you pointing at your audit program management?

    I can tell you WHY having one - or even 2 auditors may not work for you. Depending on the actual processes, are the proposed auditors competent in (ALL) those processes? Also, who is going to audit the audit process? Golfman talks about independence, which - depending on HIS meaning - isn't a requirement. What IS required is an audit process which ensures objectivity and impartiality. How will you do that with one or two auditors?
     
  4. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    437
    Likes Received:
    134
    Trophy Points:
    42
    Yes. What Andy said. Objectivity and impartial. Kind of independent.
     
  5. Teresa Nix

    Teresa Nix Member

    Joined:
    Mar 13, 2017
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    United States
    Thanks for your input, gentlemen. The problem is that all the auditors have full-time (with overtime) jobs. Audits somehow have to be magically worked into the 50+ hours a week they already work. They had certified training last year, and their absence from their jobs during that time caused big problems. I begged for management members to join the audit pool, but all of them said no. What better way to show leadership commitment than to audit your own processes? Sigh.... Audits are weak, rushed, and resented. With the absence of a lead auditor, or better yet, an audit manager, there is no one who can take on the role of correcting the problems. I realize that whatever position that single auditor (if internal) might hold would have to be audited by someone else for whatever process he/she owns. That is well-known so I didn't bother mentioning it. DQS is our certification body. They released a paper with questions and answers due to overwhelming confusion about some of the clauses. The three-year audit plan in 9.2 was one of the questions. We have also considered hiring an outside body to do our internal audits. There are many cans of worms that would open, but as it is, we don't get any value from the ones we do in house. I only wanted opinions on the matter, as to whether there was a rule dictating the requirement of multiple auditors vs. one or two. Since neither of you found a requirement related to this, and neither did I, I will pitch my idea further. I would rather have meaningful audits from one or two people than have 30 people not even scratching the surface.
     
  6. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    1,992
    Likes Received:
    1,035
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Teresa: How long a duration are these audits? Even with work loads, if management see benefit from the audits, they will free up the people to do the job. Trust me. In 25 years I've seen this happen time and again. The DQS stuff is TBH a simple confusion - seen through the eyes of CB auditors, that's all. I have yet to see a CB auditor who understands things like the context of the org.

    I'm going to guess that your audits replicate what the CB auditors do and who (in management) sees value in that?
     

Share This Page