1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

What's the purpose?

Discussion in 'ISO 9001:2015 - Quality Management Systems' started by Andy Nichols, Apr 10, 2019.

  1. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    We've recently seen a couple of threads develop about internal audits and management review of the QMS. It occurs to me that something's often overlooked when considering WHY internal audits are an input to management's review of the QMS. If we fundamentally miss that, we end up only doing things because "ISO-Says-So" or to avoid an (external) audit finding.

    Anyone care to provide an understanding of the role internal audits has to the review? Beyond "because it's in 9.3"?
     
    LAb Ly likes this.
  2. Miner

    Miner Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    576
    Likes Received:
    492
    Trophy Points:
    62
    Location:
    Greater Milwaukee USA
    Internal audits should identify areas where the QMS is weak or has broken down. The management review should then assess the risk and mitigate that risk as appropriate.
     
  3. KyleG

    KyleG Active Member

    Joined:
    Nov 7, 2018
    Messages:
    96
    Likes Received:
    68
    Trophy Points:
    17
    Location:
    Reno Nevada
    Internal audits are a snapshot in time identifying strengths weaknesses, Management Review is then an opportunity to fix, change, modify the QMS to make it better, understand risks and opportunities. I too am running into the problem of being asked, well what does ISO say we have to do, My response is always this is what we should be doing regardless if ISO says it or not, "some Management" wants to do that absolute bare minimum to get certified.
     
  4. Richard Billings

    Richard Billings Active Member

    Joined:
    Apr 4, 2019
    Messages:
    58
    Likes Received:
    7
    Trophy Points:
    7
    The Internal Audit process should identify weaknesses or strengths in specific QMS processes.
     
  5. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    If processes have goals and/or objectives associated with them, the performance of the process will become clear to management - if it is weak, it won't meet the target, and if it's strong it will meet or overshoot the target. If I have a target of 35 mpg for my car and I measure the miles driven and the fuel used, I can tell if I'm attaining the target. I don't need an auditor to tell me that. Why would a QMS need an auditor? Granted, before 2000, the QMS didn't require objectives or process measurements to show the objectives were being met, but for the past 19 years we've still had to have internal audits. Why?
     
  6. Miner

    Miner Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    576
    Likes Received:
    492
    Trophy Points:
    62
    Location:
    Greater Milwaukee USA
    A good point. I suspect that it is because people find it very difficult to develop good, objective metrics that do not drive bad behavior and cannot be manipulated by playing games with the underlying numbers.

    I actually went so far as to develop a Metrics FMEA used to identify potential bad behaviors or ways the metric could be manipulated.
     
  7. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Very true! However, doing an audit would rely on the internal auditor(s) being smarter, wouldn't it? Understanding that aspect of it might become a challenge!
     
  8. yodon

    yodon Well-Known Member

    Joined:
    Aug 3, 2015
    Messages:
    198
    Likes Received:
    115
    Trophy Points:
    42
    Not exactly on point for this thread but it might continue the conversation...

    I attended our local ASQ Audit Special Interest Group meeting last night. We had a gentleman give a talk on what was presented at a recent ISO 9001 Audit (?) conference in Dallas last month (not sure if it was an Audit conference or a general 9001 conference but it was apparently well attended and had worldwide representation).

    He recapped a presentation about, essentially, what the presenters thought should be the new internal audit paradigm. It was a pretty utopian view of an internal audit program, giving no real consideration to the cost of internal audits (time, resources used, etc.). One point was that the internal audit program should delve into economics, social matters, etc. With the organizational context considerations, I guess there's maybe a play for some of this but it seemed to me they were suggesting revolutionary change - which, from what it frequently is now (being the "it's required so get it done as cheaply and quickly as possible" paradigm discussed above), isn't a bad idea.

    This goes to @Andy Nichols point above about auditors being smarter.. in fact that was one of their slides: auditors need to be the "best and brightest" in the lot.

    It spurred considerable discussion in the group, at least. Moving it from a necessary evil to a value-added proposition is going to be difficult.
     
    Andy Nichols likes this.
  9. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Since it would be difficult for top management to assess the health of their QMS by themselves, I believe, assigning people to perform the assessment on their behalf is advantageous. This would mean that internal auditors should think like the people who sent them and not like the people who trained them. If auditors would perform their assigned task as intended by the people who sent them, then the information that they will obtain would be far greater valuable than just satisfying 9.3.
     
    Neo113016, LAb Ly and Andy Nichols like this.
  10. KyleG

    KyleG Active Member

    Joined:
    Nov 7, 2018
    Messages:
    96
    Likes Received:
    68
    Trophy Points:
    17
    Location:
    Reno Nevada
    I have noticed (in my very limited experience <year) that auditors seem to be opinionated more than factual evidence from the standard. I hope this is not the case with the Registrar i have selected. Stage 1 audit may 17th stage 2 June 12-14th Wish me luck :rolleyes:
     
    Andy Nichols likes this.
  11. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Tony's reply is closest to my own in many ways...

    If we set aside the need for Third Party certification for one moment, you can simply ask the question, "Why are internal audits included in a QMS?" If it's not to get/maintain Certification, what's the purpose?

    The answer is really held in the need for a review of the QMS by management. The results are an input, along with many other things. If you put all those individual parts on the table in front of management, what are they to make of the puzzle? Product conformity, process performance, customer feedback etc. etc. Then add in results of audits. What's the picture on this (jigsaw) puzzle, being formed?
     
    tony s likes this.