iso 9001 Internal audit

An internal audit intends to self-inspect the ISO 9001 standard to check if it is effectively implemented. During the internal audit, the management and staff are interviewed, work processes are observed, and documents or records are examined. The internal audit aims to verify compliance with ISO 9001 and ensure that your procedures and instructions are in alignment. Internal audits are conducted before acquiring the certification and periodically after the acquisition.
iso 9001 Internal audit

Your request has been sent successfully.

What is ISO 9001 internal audit?

ISO 9001 internal audit can be described as a routine inspection within the organisation, in which an assigned auditor examines your company’s Quality Management System (QMS) and its processes based upon the criteria provided in the latest version of the ISO 9001 standard.

Internal audit process

You need to consider a few steps to ensure the highest success rate for your internal audits. If you adhere to these steps attentively, you will have a great experience throughout the process and have well-grounded results at the end of your internal audit process.

how do Internal audit iso 9001?

Scheduling the audit

During the planning stage of the audit itself, ensuring that your team has a proper heads-up of your intentions is beneficial. If everyone on your team is not adequately informed in advance, your results may not be proper.

A random audit where no one is prepared will make the entire audit process futile. Additionally, suppose your management and employees are well-prepared for the audit and interview. In that case, they will have a clearer picture of what to expect from the external auditor during the certification process.

  1. Furthermore, informing them in advance will give process managers sufficient time to wrap up anything they are currently working on. As a result, you will gather the most accurate information possible. So, if you plan on conducting an internal audit, check in on the progress of different projects amongst the management and employees before jumping into the process.
  2. Planning the audit: The planning stage begins as soon as you schedule the audit. To begin with, you will want to ensure that the audit is scheduled by the current workload of the process owners. This includes information such as tasks completed, previous audit results, the current status of the process, et cetera. Gathering such information will help you determine the most effective time to conduct the internal review. The planning stage is the most crucial step of the audit process, as auditors get the opportunity to review your organisation’s audit history and previous issues. By going through these documents, the auditor will let you know the best time to begin the auditing process. 
  3. Running the audit: The next logical step in the sequence of an internal audit process is to conduct the audit. The beginning of this stage provides a sense of reassurance to you and your auditor that the plan is materialising. Many steps must be taken throughout the audit, such as reviewing all records, observing the effectiveness of certain functions, detecting flaws or deficiencies within the system, interviewing employees and much more. The aim of conducting an internal audit is to create reports. The best type of reports not only contain areas considered to be running poorly but also give recommendations for areas that can operate much more effectively, with minor adjustments. Such adjustments are known as corrective actions and can provide process managers with valuable guidance to enhance the system’s success in the long run.
  4. Reports: After the successful completion of the audit, the auditor will meet you or the process manager to discuss the findings of the analysis. During this meeting, the audit results will be discussed, the identified errors will be highlighted, and the tactics that can be utilised to improve those areas will be showcased. Having solid evidence of what the processes are not producing, in addition to strategies for improvement, is any process manager’s dream. This dream can be materialised into reality by adhering to the findings and recommendations of an internal audit. Moreover, these reports and results will also help you save resources by using them more efficiently, helping you save both time and energy.
  5. Follow-up: Often, you will want to reflect upon the audit results to ensure that the issues found have now been addressed. For this purpose, you will want to review the information provided in the audit. Additionally, during this stage, it is beneficial to compare your pre and post-audit quality level to see if there have been any significant changes in performance. However, it is necessary to remember that success will not stick around for a long time, and it is beneficial to always “rinse and repeat.” Regular audits are needed to ensure that the tweaks made to the processes continue to improve.

iso 9001 Internal audit

Using an internal audit checklist

A checklist is an excellent tool for reference, as it ensures that the steps of the internal audit are appropriate and fruitful.

Scoring criteria

The ISO 9001 internal audit scoring criteria are broken into four separate sections. These four sections include:

  • Compliant- This criterion measures the compliance of a specific process by ensuring that all the requirements of the ISO 9001 standard are effectively met. If a process meets all the requirements, it receives the best score.
  • Opportunity for improvement- This refers to a minor issue or a flaw within the quality management system, which a recommendation from the auditor can improve. This area in the checklist allows the auditor to recommend specific corrective actions per your organisation’s unique needs.

iso 9001 Internal audit process

  • Minor non-conformance- This checklist area will reflect a poor representation of a document and/or a small number of requirements. The complexity and size of this issue are not significant enough to be considered an absolute failure in your final compliance score, but it will affect certain sections negatively.
  • Major non-conformance- If your organisation receives this as a score, many significant changes need to be made. Obtaining this score means a lack of proper documentation, proper implementation, or provision of resources for meeting the standard’s requirements.

Requirements of a supplier audit

Supplier audits are focused on the suppliers or conducted like the ones discussed above. Here, processes will be identified and recorded, and the auditor will explain to the process manager to help the supplier understand how interactions work within the processes.

The following points have been directly pulled from the official supplier audit checklist. These audits aim at customer-related processes and are meant to be conducted at periodic intervals:

  • Analyse whether the processes conform to planned arrangements.
  • Analyse whether the processes are correctly implemented and maintained.
  • Provide data on process performance to members of the top management.

Additionally, the following bullets should be considered during the auditing process:

  • When talking about the various support processes, is there continuity between them?
  • Is the task done on a day-to-day or a person-to-person basis?
  • Are the inter-departmental interfaces operating smoothly?
  • Does product information flow freely?
  • Is the procedure appropriate and accurate?
  • Do the procedures meet the requirements of the standard and its specifications?
  • Is it helping the organisation effectively?

 

Process audit turtle diagram

Another effective tool in the supplier checklist is the process audit turtle diagram. This tool provides the auditor with questions to consider under the following subjects:

  • Process name/description
  • Process inputs
  • Control processes
  • Personnel
  • Equipment and facilities
  • Process output
  • Support processes
  • Instructions and procedures
  • Key Performance Indicators (KPI)

A few examples of questions that are asked in the diagram for process inputs are, what are the triggers of the process, where do these inputs come from, and how do they interact with each other?

Process audit turtle diagram

The diagram is interconnected, where each box of questions points to another set of questions, helping the supplier understand the requirements of the checklist and complete it effectively.

Quality management

The audit aims to analyse the quality management of an organisation. This includes reviewing the performance of your processes and evaluating it to ensure that objectives for the business are clear and strategic.

Quality management also focuses on the issues identified and how improvement corresponds to the applied corrective actions. Moreover, the assessment criteria covered under quality management include strategic objectives, plans for action and other quality management system-related requirements.

Continuous improvement

The next subject that is assessed is continuous improvement. Some of the questions related to the subject are included in the list below:

  • Do the proposed corrective actions cover internal, customer and supplier issues?
  • Are the preventive actions created based on analysis of significant business trends, customer satisfaction surveys, design reviews or other meaningful inputs?

Such questions have been sourced directly from the question checklist and give you a fair idea of how other questions will be formatted. Moreover, in this section, management reviews, customer surveys and other meaningful inputs are also assessed.

Continuous improvement

Education and training

This section requires a lot of focused attention during the internal audit. This section is considered necessary, laying the groundwork for future improvement and success. Some of the common questions asked during this part of the audit focus on ensuring that the records are being maintained, the method utilised for determining skill gaps and verifying training needs are suitable. The section also deals with assessing certification history, checking qualification records, examining training manuals and conducting assessments for task-related skills.

Occupational health and safety

This area focuses on checking the management system by emphasising the policies that deal with health and safety. The focus of the questions in this section revolves around checking procedures used to identify hazards and control measures for identified issues. During the audit, communication channels, the procedure for training, and participation protocols will also be examined.

Occupational health and safety

Design and development support

This section contains a bulk of questions. Some of these technical questions focus on Critical-To-Quality (CTQ) characteristics. The aim of including CTQ is to ensure that both human and technical resources meet the requirements of ISO 9001. Examples of CTQ characteristics include:

  • Market studies
  • Computer-aided design (CAD)
  • Technical staff requirements/qualifications
  • Process plan
  • Quality planning

The focus of quality planning is to inspect production samples and conduct test plans to ensure that consistency is maintained. In this section, auditors ensure that the data available is easily accessible and is related to product reliability. For this purpose, auditors look at charts, test summaries, test reports, and so on. Forms, including the Production Part Approval Process (PPAP), will also be inspected during this part of the audit.

Other essential elements on the audit checklist include:

  • Documentation that focuses on customer requirements.
  • Procurement details
  • Specifications for incoming materials.
  • Records for manufacturing quality specifications.
  • Requirements for process control.
  • Non-conforming materials.
  • Maintenance
  • Monitoring and measurement metrics.
  • Storage and packing
  • Environment

A summary can be found at the end of the checklist. A box is available to write all the gathered information regarding the findings. Examples of such information include:

  • Number
  • Summary
  • ISO specification reference
  • Root cause
  • Rectification date
  • Non-Conformance Report (NCR)

It is necessary to check these boxes within the following categories:

  • Preventive action and opportunity for improvement
  • Corrective action
  • Non-conformance

At the end of the audit checklist, there is space available to write additional notes about observations made during the audit.

 

Other types of audits

Similar to internal audits, there are other audits that your organisation can conduct to improve the efficiency of its systems and processes. One such example is the external audit. External audits differ from internal audits as they help prepare your organisation for your official certification audit. The purpose of external audits is to focus on supplier and customer certification and conduct surveillance.

Other types of audits of iso 9001

One of the core differences between an internal and an external audit is the qualification of the auditor. Generally, most internal audits are performed on-site and by someone who works within the company, although remote audits are sometimes conducted. However, an external audit is conducted by an auditor who is not a part of your company.

Customer audits

A customer audit occurs when a customer verifies that the organisation is meeting its requirements per the established quality objectives.

Supplier audits

The focus of these audits is on supplier control. These audits gauge if the controls implemented to ensure quality management at the supplier’s end are being maintained. These audits should be performed frequently because internal auditing and relationship management are a big part of becoming ISO 9001 certified.

Supplier audit checklist

The supplier audit checklist is utilised to help suppliers identify compliance with the requirements of the ISO 9001 standard within specific areas of the organisation. On our website, we provide a free supplier audit checklist and process audit checklist.

Supplier audit checklist

Process audit

The process audit checklist is utilised to assess the various processes of your organisation, focusing on their effectiveness, performance and alignment with ISO 9001 requirements. It is nearly identical to the template of other checklists but is shorter in size.

Scoring criteria

Similar to the supplier checklist, the scoring criteria for the process audit checklist feature opportunities for improvement, compliance, minor non-conformances and major non-conformances as the grades for scoring.

Requirements/process audit checklist

Requirements for this audit are similar to those of the supplier checklist, with no significant changes.

Certification audit

The certification audit is conducted before you are certified in ISO 9001. The certification audit is your last milestone in your journey from planning to implementing your quality management to becoming certified. Typically, it is conducted in two separate phases:

Certification audit

The first phase is considered a warmup, where an auditor “feels out” your processes to ensure that you are ready to move on to the next part of the audit. Only after successfully clearing this phase can the next phase commence.

The second phase of the audit is done on-location and includes an interview. The auditor will interview your staff members to include them in the audit, analyse the documented information and ensure that your organisation is in alignment with all the requirements of ISO 9001.

It is important to remember that certification audits are usually conducted every three years. It should be kept in mind while planning and scheduling your routine internal audits and preparing for the re-certification process.

We are here to guide you

Acquiring the ISO 9001 standard can be beneficial if you want to reach new heights. We are here to guide you at every stage of your certification process, helping you deliver faster results, greater returns on investment and better business relationships.

FAQ

1.What is internal audit as per ISO 9001

An internal audit intends to self-inspect the ISO 9001 standard to check if it is effectively implemented. During the internal audit, the management and staff are interviewed, work processes are observed, and documents or records are examined

2.How do you conduct an internal audit ISO 9001?

In this article, we examine the ISO 9001 internal audit in full.

Get a
Quote