 |
 |
 |
 |
Internal Auditor Training You know you need to have internal audits (quality or environmental), typically done by your own internal auditors (unless you outsource this service to a company like Midwest). Your internal auditors need to be trained to do the job well, and to have credentials indicating their competence. Auditor training comes in many sizes and varieties, and the selection depends on what management wants out of their audits. Compliance auditing: Verify that the system conforms to the selected standard (ISO 9001:2000). Process auditing: Find and define waste in the organization, with recommendations for elimination. Compliance Auditing This is what your registrar does, and what you want to do preparing for your initial registration (or a transition). It uses a checklist similar which covers all the requirements of the standard, in fact many use the text of the standard as a checklist. The results of the audit are that you either do or do not comply with the requirements that standard, and note any nonconformances where you fail to comply. Once you are happily registered, this form of audit is of questionable value. In fact, you have a registrar coming in to perform surveillance audits doing just that. Audits can be much more valuable! Your Audit Objective Why do the audit? What do you want out of it? What is your objective? ISO recently published the new ISO 19011:2002 Guidelines for quality and/or environmental management systems auditing and they really got it right: an audit is to achieve a management objective! They go on to list a few typical objectives (section 5.2.1: "These objectives can be based on consideration of management priorities, Here is how a performance audit works: 1) Management decides "something" needs to be investigated, so they develop the audit Objectives. Being managers, they are concerned about resources, so the define the Extent (time spent, other expenses, etc.) Management is the audit client. 2) The audit program manager gets the Objectives and Extent. As trained experts (and often along with the lead auditor and auditors, perhaps even auditee) they translate the Management Objectives and Extent into the audit scope (audit what, when, who, etc.) and criteria (checklist). This is approved by the client (management) and the auditee. 3) The auditors collect evidence within the scope and as defined by the criteria. 4) The auditors examine the evidence relative to the criteria to develop findings. 5) The findings are collated into a conclusion which is presented to Management. 6) Management uses the conclusion and findings to decide on a course of action which handles the "something" they started with. Process Auditing: ISO 9001:2000 encourages you to get better by: being more effective at reaching your goals and meeting customer needs Often an organization has several processes which handle different products, or can have a single process which handles similar products. The first requirement of ISO 9001:2000 in 4.1a) is to "identify the processes needed for the quality management system and their application throughout the organization." How do you look at the "interacting activities" which do the transformation to determine their efficiency? A Process Audit examines your process, typically one at a time. Management picks the process (often one where they feel there may be waste) and the audit team takes it from there. They have to map the process selected (it should have a name) to determine: Process Inputs (what does the customer want, contract review) ISO/TS 16949:2002 auditors are very keen on the process audits, and will look for evidence that you know how and have done it. They also want you to audit with the IATF checklist for conformance.
|
