Auditing Is A Valuable Tool For Identifying Weaknesses
by Breda Kearney | September 19, 2019 | Blog , ISO 9001:2015 , |
Process-based Auditing is a valuable tool for identifying weaknesses and inefficiencies in the Quality Management System (QMS). Addressing the audit findings in a timely manner is the basis for improving QMS performance.
ISO 9001 requires organizations to audit each of the QMS processes using a risk-based approach. This means that the key or core processes such as Production, Service provision, Sales & Marketing, Customer services etc or under-performing processes are audited at a higher frequency (For example 2-3 times per year). Processes that are more mature or not customer facing are audited at a lower frequency (For example 1-2 times per year). The frequency of audits is constantly monitored and may be adjusted based on the audit results or if there are any significant changes to the process.
In many organizations, the main focus of the internal audit program is to determine the degree of conformance/compliance to applicable requirements (For example: Legal, ISO 9001, Customer, Corporate/Group, Procedures, Policies etc). This style of auditing typically takes the form of a gap analysis whereby each requirement is audited to verify that the appropriate record or procedure is in place. This approach is valuable when a new procedure has been implemented, a new policy/guideline has been issued or when the QMS has been newly implemented (For example: prior to stage 1 or stage 2 initial certification audits). However, in the case of an established or mature QMS, this approach can become “tick-boxing” and is often considered superficial.
To truly add value to the organization, ISO auditors should move their primary focus from conformance/compliance to determining if the process is effectively implemented and maintained. In this case, the ISO auditor will focus on evaluating if the process is achieving its intended results by evaluating:
- The status of the process key performance indicators (KPIs)
- Status of actions to address risks and opportunities
- Reviewing results of data analysis and evaluation
- Reviewing status of corrective actions
- Reviewing customer complaints
- Reviewing methodology for verifying training effectiveness
- Confirming that planning is effective
By focusing on the process related data, the auditor will quickly identify the problem or under-performing areas which require more in-depth investigation. Determining conformance/compliance will still be included as part of the audit but to truly add value the primary focus must be process performance.
Performance based auditing enables the organization to continually improve efficiency and effectiveness of the QMS and manage risks to performance and customer satisfaction. However, this style of auditing can be challenging for ISO auditors when compared to conformance/compliance-based auditing as it requires the auditor to apply analytical thinking by taking a more holistic view of the process and focusing on high risk areas.
At Comply Guru, our CQI and IRCA Certified Quality Auditing Courses will provide you with the skills and knowledge required to conduct value-adding performance-based audits. Each learner will also be provided with templates to get them started on their auditing career. As a bonus, each learner will be given access to our CQI & IRCA Certified Online ISO 9001 Foundation Course, which provides in-depth knowledge of the requirements of ISO 9001:2015 which is invaluable for anyone that needs to perform internal audits against ISO 9001!