Featured Product
This Week in Quality Digest Live
Standards Features
Mark Esser
Much of its early work is baked into the U.S. economy, but NIST continues advancing measurement science
Joseph Near
New blog series from NIST seeks to fill gaps in its Privacy Framework
Clare Naden
Views from the experts on occupational health and safety in a pandemic
Elizabeth Benham
Equity in the marketplace takes the effort of many people and institutions

More Features

Standards News
ISO 37301 provides everything needed to develop, implement, maintain, and improve an effective compliance management system
Two new standards join the ISO series
Design, develop, implement, continually improve risk management in systems and software engineering
ISO/IEC/IEEE 16085 has just been updated
Patient safety is a key focus in update of ISO 14155, the industry reference for good practice in clinical trials.
Is the standard adequate, or should it be improved? Deadline: Dec. 31, 2020
Good quality is adding an average of 11 percent to organizations’ revenue growth
Awards to be presented March 24, 2020, at the Quest for Excellence Conference, in National Harbor, MD

More News

Tom Middleton

Standards

The Most Important Question to Ask About Your Audit Program

Effectively leveraged, audit information can transform organizations

Published: Wednesday, March 8, 2017 - 13:01

Just inside the entrance to Thomas Edison’s winter home in Naples, Florida, is a bronze bust of Edison himself. The base of the sculpture reads: “There is a way to do it better—find it.” As an accredited auditor of management systems and good manufacturing practices (GMPs), I have always seen curiosity as the trait that makes for a successful auditor and a successful audit.

Given the choice between an auditor who demonstrates curiosity but lacks technical competencies, and an auditor who demonstrates a wealth of technical skill and experience but lacks curiosity about how things work, I tend to gravitate towards the curious person. So, let’s pose an interesting question: How much curiosity is there in your audit program?

Of course, there isn’t one right answer to this question, and that’s not the real reason for asking it. However, I find a profound connection exists between curiosity and a learning audit program. When you consider all the things an organization needs to do to prepare for a third-party compliance visit, ensuring a learning audit environment is essential—even fundamental—to success. This applies to the entire spectrum of audit types—internal as well as those conducted at supplier locations.

Know the outcome you’re looking for

An organization’s audit program is the primary mechanism not only for capturing and preserving information from third-party inspections, but for capturing and preserving information for the organization as well. Executive leadership will look back on FDA or third-party inspection information from time to time because the information learned from third-parties constitutes some of the most valuable and objective information they may ever receive about the effectiveness of the organization’s auditing program. Not to mention the effectiveness of management decisions and product manufacturing systems.

Successful audit programs preserve and analyze complaint, CAPA, and nonconformance records to synergize this information into planning and scheduling activities for future internal and other types of audits.

Depending on the scope, frequency, and most important, the depth of an audit program’s data-gathering activities, the audit program, along with its documentation trails, provide a continuous stream of learning from the system, process, and product points of view. This is what, in my opinion, makes audits so valuable to an organization.

But let’s be clear: Valuing curiosity and learning as an auditor can frequently introduce a degree of, well, antagonism. Curious auditors and audit managers can ask some uncomfortable questions during an audit. They want to go into places and dig around, asking probing questions about things that some would prefer weren’t seen or asked about. Curious auditors sometimes take trails to the left and to the right when others would rather they just stay on the main aisles.

An important rule for curious auditors and audit program managers to remember is this: The extent of one’s curiosity often demands staying attuned to the bigger picture of your surroundings and of the audit’s purpose. What story, if the walls could speak, would the surrounding environment tell an auditor about how organizational compliance is being managed day-to-day?

Audits are normally planned and conducted for several reasons, and it may come as a surprise to many that the primary reason is not limited to “ensuring compliance with requirements.” Yes, ensuring compliance is indeed an important reason for auditing. And rest assured, an accomplished third-party compliance auditor will always find a way to take the “road less traveled” in pursuit of compliance evidence during an audit or inspection. But the bigger picture requires that audits be performed to ensure that goals and objectives are met. Goals and objectives are the “planned arrangements” alluded to in standards and regulations—the meat and potatoes of auditing objectives.

Any stockholder or executive in an organization will confirm that managing compliance is not a sustainable reason for conducting business day in and day out. On the contrary, compliance is simply table stakes—the minimum expectation of any organization whose goal is to succeed in today’s market.

An investment in your audit system is an investment in your overall success

In his 1990 seminal work, The Fifth Discipline (Crown Business, 2010 edition), Peter Senge laid out his vision of what he termed “the learning organization.” He states that in order to become a learning organization, businesses must recognize that “the primary threats to... survival... come not from events, but from slow, gradual processes to which we are 90-percent blind.”

After 27 years, Senge’s words continue to remind businesses of the importance of understanding the broader landscape. Regulatory inspections and other audit types provide organizations with a crystalline view to the management ecosystem and can provide a wealth of information over time.

Audit information, effectively leveraged, can be used to transform organizations.

To better manage the audit cycle, consider investing in quality management system (QMS) software. Today’s QMS audit packages allow audit managers to:
• Simplify audit planning and scheduling activities by automating notifications and reminders
• Manage multiple audits simultaneously (especially important for global enterprises with centralized audit management)
• Communicate audit schedules to the right people, and ensure review and approval by the right people
• Leverage master-data integration capabilities to bring more efficiency and accuracy to data collection and sampling
• Use data analytics to facilitate learning, enable stakeholder collaboration, and make smart business decisions 

Edison was right. There is a better way to do it. Position your audit program to learn. Quality management software can leverage quality information and ensure that audit processes are followed—a critical element to success during third-party compliance visits.

Join Tom Middleton, solutions architect for Sparta Systems, and editor in chief Dirk Dusharme for the webinar, “Why You Should Automate Third-Party Audits,” on Tues., March 14, 2017, at 11 a.m. Pacific, 2 p.m. Eastern. Register here.

Discuss

About The Author

Tom Middleton’s picture

Tom Middleton

Tom Middleton is a solutions architect for Sparta Systems Inc. Formerly an ASQ/RAB-accredited lead auditor for Underwriter’s Laboratories and Bausch + Lomb’s surgical division, Middleton has conducted nearly 1,000 registration, surveillance, internal, and supplier audits. Currently he is an ASQ-certified biomedical auditor. Middleton’s experience includes auditing of compliance to good manufacturing practices, international standards, and regulations for automotive, life science, medical device, and the consumer product vertical sectors, including: ISO 9001, ISO 13485, ISO 14000, FDA 21 CFR 820, Japanese Pharmaceutical Affairs Law (JPAL), Canadian Medical Devices Conformity Assessment System (CMDCAS), EU Medical Device Directive (MDD), and the Brazilian ANVISA standards.