I think the internal auditing clause of ISO 9001 has had more articles, blogs, webinars, videos and letters to the editor produced about it than any other clause in ISO 9001. Perhaps only Document Information (clause 7.5) comes close to having a similar number of column inches dedicated to analysing it. Not to buck the trend, I have written and presented numerous times on the subject of Internal Auditing. Here is a list of those articles I have written about it: Here are the webinars I have presented on the topic: It really is a free-for-all. The only requirement is that you have to do it. I have found that internal audits give great value but it can be a confrontational experience and, depending on your interview technique, people can be uncooperative and defensive. I would highly recommend getting some internal auditor training from local experts to help find the best techniques to prevent and/or overcome such experiences. This clause can be broken into the following sections. 1. Plan your approach to internal audits based on the importance of the processes. A mistake most companies make is to audit absolutely everything once a year. The standard gives you flexibility around this, so use your resources wisely and only audit what is important or what is the highest risk to your business. 2. For each audit, work out the scope of what will be covered. You can’t audit 100% of the process, but you do need to cover enough to be satisfied that the important issues have been captured. 3. Make sure the auditors are independent of the process under audit. This can be tricky so you need to give it plenty of thought.Clause 9.2.1 Conduct internal audits at planned internals.
Clause 9.2.2 How to conduct audits
4. Report all findings to the relevant mangers so there aren’t any surprises.
5. Ensure that the corrective actions from the audit are dealt with.
6. Retain the audit results in a document.
Here at Mango we are taking an innovative approach to internal auditing. We are using a DIME (documented, implemented, monitored and effective) matrix to ensure the QMS conforms. The DIME approach is referenced in this webinar: Freshening-up Your Internal Auditing Programme.
Takeaways
Here is a list of takeaways that will help you meet clause 9.2:
- Only audit what is important or what is the highest risk to your business.
- For each audit work out the scope of what will be covered.
- Make sure the auditors are independent of the process.
- Keep records of the audit.
View previous blogs in this series "How to Implement a QMS and Achieve ISO 9001 Certification":
How to Implement a QMS and Achieve ISO 9001 Certification - Part 1: Introduction
How to Implement a QMS and Achieve ISO 9001 Certification - Part 2: Customer Focus
How to Implement a QMS and Achieve ISO 9001 Certification - Part 3:Leadership
How to Implement a QMS and Achieve ISO 9001 Certification - Part 4:Engagement of People
How to Implement a QMS and Achieve ISO 9001 Certification - Part 5: Process Approach
How to Implement a QMS and Achieve ISO 9001 Certification - Part 6: Improvement
How to Implement a QMS and Achieve ISO 9001 Certification - Part 7:Evidence Based Decision Making
How to Implement a QMS and Achieve ISO 9001 Certification - Part 8: Relationship Management
How to Implement a QMS and Achieve ISO 9001 Certifiaction - Part 9: Clauses 0.1, 0.2, 0.3, 1, 2 and 3 of ISO 9001:2015
How to Implement a QMS and Achieve ISO 9001 Certification - Part 10: Clauses 4.1, 4.2, 4.3 and 4.4 – Context, Interested Parties, Scope,QMS
How to Implement a QMS and Achieve ISO 9001 Certification - Part 11: Clauses5.1 Leadership and Commitment
How to Implement a QMS and Achieve ISO 9001 Certification - Part 12: Clause 5.2Policy
How to Implement a QMS and Achieve ISO 9001 Certification - Part 13: Clause 5.3 Roles, Responsibilities and Authorities
How to Implement a QMS and Achieve ISO 9001 Certification - Part 14: Clause 6.1Actions to Address Risks and opportunities
How to Implement a QMS and Achieve ISO 9001 Certification - Part 15: Clause 6.2 Objectives
How to Implement a QMS and Achieve ISO 9001 Certification - Part 16: Clause7.1 Resources
How to Implement a QMS and Achieve ISO 9001 Certification - Part 17: Clause7.2 and 7.3 - Competence and Awareness
How to Implement a QMS and Achieve ISO 9001 Certification - Part 18: Clauses 7.5 - Documented Information
How to Implement a QMS and Achieve ISO 9001 Certification - Part 19: Clauses 8.1 - Operational Planning and Control
How to Implement a QMS and Achieve ISO 9001 Certification - Part 20: Clauses 8.2 - Requirements for Products and Services
How to Implement a QMS and Achieve ISO 9001 Certification - Part 21: Clauses 8.3 - Design and Development
How to Implement a QMS and Achieve ISO 9001 Certification - Part 22: Clauses 8.4 - Control of Externally Provided Processes, Products and Services
How to Implement a QMS and Achieve ISO 9001 Certification - Part 23: Clauses 8.5 -Production and Service Provision
How to Implement a QMS and Achieve ISO 9001 Certification - Part 24: Clause 8.6 - Release of Products and Services
How to Implement a QMS and Achieve ISO 9001 Certification - Part 25: Clause 8.7 - Control of Non-Conforming Outputs
How to Implement a QMS and Achieve ISO 9001 Certification - Part 26: Clause 9.1 - Monitoring, Measurements, Analysis and Evaluation