A Quality management system based on ISO 9001 standard, is basically a set of interrelated as well as inter – dependent processes such as determining customer expectations, planning, realization and delivery of products and services, evaluation of processes, improvement, communication, internal audits and management review. Effectiveness of each process may directly influence and limit the effectiveness of other dependent and related processes.
Internal audit: role of ISO 9001 consultants
Effectiveness of internal audit and other evaluation processes greatly influence the effectiveness and success of the entire QMS. Expertise of ISO 9001 consultants can help your company to train and develop competent auditors needed for internal auditing.
I discuss below some of the auditing blunders that lead to failure of internal auditing.
- Lack of process approach:
Most significant aspect of a QMS is the process approach. When the auditor fails to understand the process approach, either due to lack of training or on account of lack of due diligence required, the audit could be full of major blunders.
Management must treat internal audit as a critical process, needed to monitor effectiveness, health and success of entire QMS, and hence it must allocate competent manpower, supported by documented information, knowledge, training, feedback, communication, motivation, recognition, environment and other enablers. Top management must assume ultimate responsibility to make internal audit effective and valuable.
02 Attitude of a super Cop
When the auditor, armed with authority, acts with mentality of a cop, the auditees may not cooperate, and the necessary information and evidence needed to determine the health and effectiveness of the processes and activities. Auditor must be trained about the need to conduct audit in a businesslike and friendly environment, free from prejudices.
03 Lack of Planning and preparedness
Lack of preparedness is a major cause of incomplete auditing. Auditor must plan in advance, know about the processes, technology used, current issues faced by the process owners, interaction of the processes, customers and suppliers of the processes, outsourced activity interfaces, determine the critical items list for the audit.
Auditor has to make sure that auditees are available at as per schedule. About the site visit the necessary security clearance and safety aspects for the audit team must be planned in advance so that nothing goes wrong at last minute.
04 Ineffective communication
When the auditor fails to communicate effectively with confidence and authoritative knowledge of requirements, or when the words used are interpreted differently, accent makes the words misunderstood, a communication barrier can develop, which impedes the exchange of necessary information.
Written communication too can be ineffective when it is incomplete and does not explain the information clearly and does not say what action is expected, in case of action related communication.
05 Audit report without citing relevant clauses
While issuing a NC (non-conformity), relevant clause of ISO 9001 as well as evidence (could be documented information reference) related to non-conformity should be cited correctly. Hand written NCs should be written in legible handwriting. The auditor should be able to justify, how the action on the NC can add value.
06 Lack of consistency and impartiality
Auditor must be consistent across the whole organization and must be fair and impartial during and after the audit. He or she should be available for clarification about the interpretation of relevant ISO 9001 clauses, if the situation demands so.
- Not focused on strategic issues of business
When auditor spends time on trivial issues and does not look at strategic and critical processes that affect the organization, customers or the regulatory aspects, valuable opportunity to make improvements is lost. Hence the planners of audit must ensure adequate focus on organizational issues and risks, business environment, competition, customer perceptions and complaints process acceptance criteria, non- conforming services and products, process interdependence and interactions.
Thus it can be concluded that auditor failures could result due to inadequate auditor training, lack of focus on process approach, inadequate preparation, communication barriers and lack of focus on core business related issues.