1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Internal audit

Discussion in 'ISO 9001:2015 - Quality Management Systems' started by Lafir Ali Rinos, Jul 8, 2018.

  1. Lafir Ali Rinos

    Lafir Ali Rinos Member

    Joined:
    Jul 1, 2018
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    2
    Location:
    Dubai, United Arab Emirates
    Can any one share me the interaction matrix of standards with processes for the purpose to cover audit area...mainly ISO 9001:2015 ISO 14001:2015...and share me the audit startegy... Audit methodology...
    Frequent trigger questions for every processes say examples: production, warehouse, purchase, stores and dispatch, quality, top management, maintenance,etc.,
     
  2. Neo113016

    Neo113016 Member

    Joined:
    Jul 9, 2018
    Messages:
    42
    Likes Received:
    6
    Trophy Points:
    7
    Hi Lafir..

    You can check the Annex SL high level structure for similarities then try to identify the specific sub clauses clauses in the two standard that are unique to each other.

    For audit strategy, RESULTS is the FOCUS of auditors.

    Trigger questions:

    1) PDCA cycle
    2) Risk Based Thinking
    3) Context of the Organization
    4) Internal Audit
    5) Management Review
     
    Lafir Ali Rinos and MrCarline like this.
  3. RoxaneB

    RoxaneB Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    926
    Likes Received:
    1,081
    Trophy Points:
    92
    Location:
    Ontario, Canada
    I believe there is something in the standards that shows how they align/interact. From there, you should be able to determine the requirements of the standards directly and indirectly interact with your organization's processes.

    For audit strategy and methodology, that is a very large topic and I would suggest you explore some training options. Classes can range in length and price, depending on what you are hoping to learn from it.

    As for trigger questions, it depends on the organization and the experience of the auditor. New auditors tend to, in my opinion, ask questions that are nearly verbatim to the standard. Example - "Do you have a procedure for [insert task here]?" Such an approach adds little value to the audit or the organization, even if it does meet the requirements of the standards. Again, with training and experience, you'll learn how to prepare for an audit, including identifying possible questions. Personally, I like asking "So, what are you doing right now?"..."How do you know that you're doing it properly?" These types of open-ended questions lead into areas such as training, document control, process control, measuring and monitoring, etc.
     
  4. MrCarline

    MrCarline Member

    Joined:
    Jul 18, 2018
    Messages:
    6
    Likes Received:
    3
    Trophy Points:
    1
    I would agree with @RoxaneB, try not to be too prescriptive. The standard is quite holistic in its approach and you will find most clauses link back and forth with each other. I have set up a schedule to audit various areas of the business and audit the process to the organisations procedures.
    Methodology: Is the process complaint with organisation procedure relative to ISO19001/14001.. make sure the actual process is in line with the documented information and the documented information is compliant to the requirements.
     
    Lafir Ali Rinos likes this.
  5. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    And...that the process is effective. Too many auditors (internal and external) completely forget that the process(es) are supposed to be supporting the achievement of (quality) objectives and are measured against those objectives. When auditors overlook this vital point, management get confused when the auditors simply report "Your people don't follow procedures". If management don't know the effect on the performance of the process compared to objectives, they cannot understand what needs fixing. Plenty of CBs now have a findings form which states "...is not fully effective" but then the auditors don't actually report in what way this was observed!

    For example, a company with 400+ gauges was audited and 1 caliper was found being used (and calibrated) but not in the database. The NC was written that the calibration system wasn't effective, but only the 1 caliper was mentioned. Put into the context of the 399 other items, I'd suggest that the calibration system IS effective but 1 still requires correction. Oh, and BTW, it was being used for an arbitrary check at material receiving for a dimension which was of little actual significance!
     
    Lafir Ali Rinos, judegu and tony s like this.
  6. MrCarline

    MrCarline Member

    Joined:
    Jul 18, 2018
    Messages:
    6
    Likes Received:
    3
    Trophy Points:
    1
    This is a true statement Andy, I see "...is partially effective" comment a lot. so two fold here, we assess and report if the systems are effective in our internal audit reports and also we have an effectiveness verification on each of our audit NCRs.

    It annoys me when I hear stories about businesses getting NCRs for calipers! personally I try to make all calipers "reference only"! I don't like using them in precision environment especially as you say, the measurement was arbitrary and not significant!
     
    Lafir Ali Rinos likes this.
  7. Lafir Ali Rinos

    Lafir Ali Rinos Member

    Joined:
    Jul 1, 2018
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    2
    Location:
    Dubai, United Arab Emirates
    Thank you brothers and sisters for sharing your opinion. Its really helpful improve my perspective and understanding...