Clause 9.2 of ISO 9001: Internal Auditing (2024)

I think the internal auditing clause of ISO 9001 has had more articles, blogs, webinars, videos and letters to the editor produced about it than any other clause in ISO 9001. Perhaps only Document Information (clause 7.5) comes close to having a similar number of column inches dedicated to analysing it.

Not to buck the trend, I have written and presented numerous times on the subject of Internal Auditing.

Here is a list of those articles I have written about it:

The Use of Risk Based Thinking When Creating an Internal Audit Schedule
Is it time to STOP Internal Auditing?
5 Habits of Successful QHSE Compliance Managers
Internal Audits - Your (Not So) Secret Weapon

Here are the webinars I have presented on the topic:

Tips and Tricks to Add Value to Your Audit Reports
Freshening-up Your Internal Auditing Programme
Are you Running an Effective Internal Audit Programme
How to Create an Internal Audit Schedule
Creating Internal Audit Schedules
7 Keys to Running an Effective Internal Audit Programme

Clause 9.2.1 Conduct internal audits at planned internals.

The technique of doing internal audits is up to you.
The length of the intervals between audits is up to you.
The way you’ll decide how your organisation conforms to your QMS and ISO 9001 is up to you.
The manner by which you’ll determine how effective and maintained the system is, is up to you.

It really is a free-for-all. The only requirement is that you have to do it. I have found that internal audits give great value but it can be a confrontational experience and, depending on your interview technique, people can be uncooperative and defensive.

I would highly recommend getting some internal auditor training from local experts to help find the best techniques to prevent and/or overcome such experiences.

Clause 9.2.2 How to conduct audits

This clause can be broken into the following sections.

1. Plan your approach to internal audits based on the importance of the processes. A mistake most companies make is to audit absolutely everything once a year. The standard gives you flexibility around this, so use your resources wisely and only audit what is important or what is the highest risk to your business.

2. For each audit, work out the scope of what will be covered. You can’t audit 100% of the process, but you do need to cover enough to be satisfied that the important issues have been captured.

3. Make sure the auditors are independent of the process under audit. This can be tricky so you need to give it plenty of thought.

Takeaways

Here is a list of takeaways that will help you meet clause 9.2:

Only audit what is important or what is the highest risk to your business.
For each audit work out the scope of what will be covered.
Make sure the auditors are independent of the process.
Keep records of the audit.

View previous blogs in this series "How to Implement a QMS and Achieve ISO 9001 Certification":

How to Implement a QMS and Achieve ISO 9001 Certification - Part 1: Introduction

How to Implement a QMS and Achieve ISO 9001 Certification - Part 2: Customer Focus

How to Implement a QMS and Achieve ISO 9001 Certification - Part 3:Leadership

How to Implement a QMS and Achieve ISO 9001 Certification - Part 4:Engagement of People

FAQs

Clause 9.2 of ISO 9001: Internal Auditing? ›

Clause 9.2 of ISO 9001 specifies the requirements for internal audits. The objectives of internal audits are as follows: To ensure that the quality management system (QMS) conforms to the requirements of ISO 9001 and to the organization's own requirements, policies, and procedures.

Get More Info ›

What does ISO 14001 Clause 9.2 2 require of an internal audit system? ›

Clause 9.2.2 Internal Audit Programme

“The organization shall plan, establish, implement and maintain an audit programme(s) including the frequency, methods, responsibilities, planning requirements and reporting of its internal audits.

What is the 9.2 2.1 internal audit program? ›

IATF 16949 9.2. 2.1 requires Management Review to include a review of the audit program effectiveness. This can be evaluated against not only the metric assigned to the internal audit process, if it's defined as a process but also other indirect metrics, such as scrap, customer PPM, launch metrics, etc.

Read The Full Story ›

What does clause 9 of ISO 9001 concern? ›

Clause 9 of the ISO 9001:2015 standard, titled “Performance Evaluation,” serves the purpose of establishing requirements for monitoring, measuring, analyzing, and evaluating the performance of a quality management system (QMS).

Learn More Now ›

Which ISO 9001 2015 clauses for internal audit? ›

This is part of the continuous improvement process. In summary, Clause 9.2 of ISO 9001:2015 emphasizes the importance of internal audits as a tool for evaluating the effectiveness of the QMS and ensuring its ongoing improvement.

Is internal audit mandatory for ISO 9001? ›

ISO 9001 requires companies to conduct internal audits at planned intervals to provide information on whether the QMS conforms to: the company's own self-imposed requirements for its QMS and. the requirements of the ISO 9001 standard, and. the effective implementation and maintenance of the QMS.

What is the ISO standard for internal audit? ›

ISO 19011 is defined as the standard that sets forth guidelines for auditing management systems. The standard contains guidance on managing an audit program, the principles of auditing, and the evaluation of individuals responsible for managing the audit programs.

Get More Info ›

What is the ISO for internal audit? ›

Internal audits help identify processes that may not be fully implemented according to ISO 9001 requirements, allowing corrective action to be taken. Internal audits serve as a means of readiness, enabling organizations to identify and rectify any nonconformities before the external audit takes place.

See Details ›

How hard is the Certified Internal Auditor test? ›

The Certified Internal Auditor (CIA) exam is a challenging test that requires in-depth knowledge of auditing, business, and compliance practices. Many candidates make the mistake of trying to memorize CIA exam questions and answers, but this is not an effective way to study.

Explore More ›

What is clause 9 in ISO 9001 2015? ›

Clause 9 emphasizes the importance of conducting internal audits at planned intervals. These audits provide a systematic and objective evaluation of an organization's quality management system, focusing on the system's effectiveness and adherence to ISO 9001 requirements.

What is Clause 9 of ISO 9001 2015? ›

ISO 9001:2015 Clause 9 Performance Evaluation

Determine what, how, when and by whom results will be measured and evaluated. Determine the methods for obtaining, monitoring and reviewing customer satisfaction. Have an objective, planned and effectively implemented internal audit program.

Find Out More ›

What is clause 9.3 in ISO 9001? ›

Key points outlined in Clause 9.3 include:

Top management is required to review the organization's QMS at planned intervals to ensure its continuing suitability, adequacy, effectiveness, and alignment with the strategic direction of the organization.

Learn More Now ›

What does Clause 9.2 1 requires the organization to do? ›

1 Conduct internal audits at planned internals. The technique of doing internal audits is up to you. The length of the intervals between audits is up to you.