Featured Product
This Week in Quality Digest Live
Quality Insider Features
Donald J. Wheeler
Do your instruments have the same amount of measurement error?
Martin J. Smith
How to shutter a business when the pandemic forces closure
Harish Jose
The next logical step in complexity
Katy Kvalvik
Effective communication is foundational for effective leadership
Wendy Stanley
PLM, MES, QMS, and ERP work best when they work together

More Features

Quality Insider News
Real-time data collection and custom solutions for any size shop, machine type, or brand
Lloyd Instruments launches the LS5 high-speed universal testing machine
Measure diameter, ovality of wire samples, optical fibers and magnet wire, including transparent products
Training, tips and tricks, unboxing, and product videos provide additional information for users
How to develop an effective strategic plan and make the best major decisions in the context of uncertainty and ambiguity
Collect measurements, visual defect information, simple Go/No-Go situations from any online device
Laser scanning also used to help create safety covers for credit card readers
A complimentary webinar for novices to experts on May 27-28, 2020
MetLogix Mx200 DRO is fully featured and easy to use

More News

Craig Cochran

Quality Insider

Three Keys to Successful Internal Auditing

Keep these in mind to accomplish your goals.

Published: Monday, January 30, 2006 - 23:00

Internal auditing is one of the most routine improvement tools available to organizations. In fact, it’s so ordinary that auditors sometimes forget the underlying principles of auditing. Auditors must be periodically reminded of these underlying truths or the entire audit process can begin to backfire. Keep these in mind as you audit and you’ll nearly always be successful. Principle 1: The customer of the internal audit is the one being audited
That’s right, the people you’re auditing are your customers. Internal auditing is a service you perform to help make your organization more successful and identify problems before they spiral out of control. The quality of your product depends on how well the audit is planned, the type of training provided to auditors, the level of engagement of top management and the way auditors behave during the audit, among other factors. You must conduct the audit with the same level of professionalism and diplomacy as if you were being paid by an outside party.
Little things that indicate the auditors have forgotten who the customer is include:

  • Treating the audit as a “Gotcha!” exercise. Auditors should never express satisfaction or glee when nonconformities are found. Focus on the facts and keep things as impersonal as possible. Failures revealed by the audit are opportunities for the future.
  • Failing to adjust the audit plan to meet the needs of the auditee. Unexpected events can occur during an audit: accidents happen, lines shut down, rush orders must be processed. The audit plan should be flexible enough to handle changes on the fly.
  • Holding surprises until the very end. The auditee should be apprised of audit results throughout the entire process. Don’t make the mistake of holding a “bombshell” until the closing meeting for maximum impact. Auditor should communicate their concern, along with all supporting evidence, when they think they might have found a problem.
  • Focusing on insignificant details at the expense of critical issues. Auditing is a detailed activity, but don’t forget to examine the effectiveness of the overall system. When faced with an issue, auditors should ask themselves, “What effect does this really have on the organization and its customers?” The answer will usually indicate if the issue is one worth delving into in great detail.

Principle 2: Planning is the key to success
Audits don’t create improvements by accident. It takes a great deal of planning and coordination. I’ve often said that a well planned audit almost runs itself. On the other hand, a poorly planned audit runs itself into the ground, and planning often gets shortchanged in the rush to get audits done.
Audit planning involves a significant amount of dialogue between the auditors and auditees. It’s a dynamic process that begins well in advance of the audit itself. Planning typically provides details around the following issues:

  • Date: When will the audit take place?
  • Location: What’s the audit’s location?
  • Scope: What are the official boundaries of the audit?
  • Objective: What is the point of performing the audit?
  • Auditors: Who will perform the audit?
  • Areas to be audited: What functions, departments or processes will be evaluated during the audit? Sometimes this is clear from the scope, but often not.
  • Topics to be audited: What subjects will be audited in the given departments? Should the auditee expect questions about document control or management commitment? This not only gives the auditee a heads-up, but it also helps guide the auditors.
  • Timing of the audit: When exactly will each department be audited? When will the opening and closing meetings take place?

The audit plan may also address other issues, but the ones mentioned above are the most common. The purpose of the audit plan is two-fold: To help the auditors understand exactly what they’ll be doing during the audit and to allow the auditees to know what to expect. It isn’t uncommon for the auditee to propose changes to the audit plan, usually minor alterations in the timing (“Instead of auditing sales at 9 a.m., can you come at 10 a.m.? We already have something scheduled for 9 a.m.”). Changes of this sort are entirely reasonable and should be accommodated to the extent possible. Remember, the customer of the audit is the auditee.

The audit plan is documented as concisely and clearly as possible. The exact format is usually dictated by the magnitude of the audit. A plan for an audit of an hour or two could take the form of an e-mail. A plan for a full day or multiday audit will often take the form of a matrix, indicating hour-by-hour blocks of activities. Whatever the format, the plan should be communicated far enough in advance of the audit for all parties to digest it and understand its effect on operations.

Principle 3: Opinions never constitute nonconformities
Everybody has opinions. As people become wiser and more experienced, they tend to develop even more opinions. Many auditors consider themselves to be wise and experienced, meaning they have loads of opinions. Sometimes these opinions become the basis for nonconformities, which is a huge mistake. Facts are the only legitimate basis for nonconformities. Opinions have no role in the process.

A child could write a good nonconformity. The problem is that children don’t write them, wise and experienced auditors do. Consider the following:

  • The company committed itself to doing XYZ. The commitment is a fact, evidenced by its presence in a procedure, plan, policy, specification, contract, work instruction, standard or statement.
  • The company failed to do XYZ. The failure is a fact, based on evidence such as records, observations, documents or interviews.

No opinions are present in the nonconformity, just cold, hard facts. It’s hard to argue with facts. It also makes the audit go much smoother. Sure, facts may remove a degree of creativity that auditors exercised, but creativity is better expressed in other ways.

Evidently, nonconformities aren’t the only kind of audit findings. Because the audit is a balanced process, positives are also highlighted. These may be recorded individually, summarized in an audit report, or presented orally during the closing meeting. Every organization will have at least one or two positives that can be recognized. The auditors just have to remember to look for these in the course of their auditing.

Some organizations also include another category of finding called observations, remarks, comments, opportunities, recommendations, or any number of other names. These fall into a gray area that doesn’t quite constitute nonconformity, but is still an issue worthy of investigation. Sometimes these will include specific recommendations for taking action based on past experience, established best practices or regulatory requirements. These types of findings give auditors a chance to express opinions. Audits are a great place for benchmarking and sharing best practices, as long as all parties to the audit understand and agree to how this will happen.

Discuss

About The Author

Craig Cochran’s picture

Craig Cochran

Craig Cochran is a project manager with Georgia Tech’s Enterprise Innovation Institute. Cochran is the author of The Seven Lessons: Management Tools for Success; Problem Solving in Plain English; ISO 9001 in Plain English; Customer Satisfaction: Tools, Techniques, and Formulas for Success; The Continual Improvement Process: From Strategy to the Bottom Line; and Becoming a Customer-Focused Organization, all available from Paton Professional. His most recent book is ISO 9001:2015 in Plain English, also available from Paton Professional.