The easiest internal audit program ever

I recently discovered there’s a way to do internal audits that takes (almost) no time at all.  I got an invitation to a webinar called Freshening Up Your Internal Audit Program featuring a consultant who has been around the ISO 9001 certification scene for many decades.  (Aha! I thought. I’m finally going to learn the secret from a real veteran of internal auditing).

When we got to the secret, I was amazed by the completely different approach to auditing.  This was more than a freshen-up, it was radical surgery.  There are no horizontal, vertical, process, observational, or outcome audits: they have all been excised.

This quality manager produces a detailed Compliance Matrix (it’s like a gap analysis with much more detail) and updates it every year (you can get a copy if you make it to the end of the webinar).  And the Compliance Matrix is it.  There is usually quite a vigorous discussion with the ISO auditor when they come, but he manages to get it across the line.

Now I wasn’t quite ready to adopt this approach whole-heartedly, but there were some great lessons in the webinar that I’d like to share with you:

There is no right way to do internal audits

The” tell me, show me” or process method used by certification and accreditation bodies is not mandatory.  Many of us are married to the belief that observational process audits are the only “proper” kind of audit (you know, the ones we learn about in the NATA/SAI/Lloyds internal audits courses). I know I was for many years and I love auditing that way because it suits my curious nature and visual learning style.

However, if you follow the requirements trail for internal audits, it leads you back to a fairly general description of what an audit is.  Look at AS NZS ISO 19011-2014 Guidelines for auditing management systems if you want to find out more.

Focus on quality improvement

Quality managers should be involved in quality improvement, right? That’s meant to be the whole purpose of the quality system.  To improve.  And all too often we get bogged down with our systems and dealing with compliance.

Try to spend more time fixing problems than finding new problems. Invest in quality improvement activities a la Deming, 5S and so on.  Spend time studying important processes, measuring, and trialling improvements using tools such as brainstorming, affinity diagrams, and hazard barrier analysis.

Managers aren’t doing their job?

To wait until an internal audit reveals problems is courting disaster.   Managers do have to keep an eye on the things that may be part of an internal audit program all year-’round.  Things like making sure that customer requirements are met and that people are following the quality system.  I hear many overstretched quality managers cheering at this point!

Make sure there are measures in place for all the critical points in your processes.  Adding these to your gap analysis or Compliance Matrix is one way to keep track of them.

Give up on traditional internal audits?

I have to admit I find this difficult to contemplate.  I love auditing: being on my feet in the workplace, looking around, getting alongside scientists to see how they work, how the tools are organised, and how the work flows (or doesn’t) towards a result or product.

But when you have been in the same organisation for years, it is very difficult to see anything new when you audit. That’s why I always recommend training your staff to do internal audits and don’t rely on one person.

There are so many benefits that flow from a well-designed internal audit program:

  • Improvement suggestions arising from an ‘outside pair of eyes’ looking over the laboratory processes
  • Staff gaining confidence to talk about their work and the importance of it
  • Staff from different areas learning about their up- and down-stream customers & what their difficulties are
  • Effective identification of root causes
  • Harmonisation of common processes across the organisation
  • The organisation gets to practice at following the PDSA cycle to address non-conformities
  • Risks identified and documented
  • Different interpretations of the requirements
  • Sharing of improvement ideas from different sections
  • Genuine confirmation of the effectiveness of corrective action
  • Facilitating communication between front-line staff and their managers
  • Staff members learning how the accreditation/certification requirements apply in their area

While it is true that many of these benefits will come out of brain-storming, force field analysis and other quality improvement tools, nothing beats getting alongside your frontline workers, observing their work environment and listening to their concerns while they show you how their work is done.  This is something that a traditional process audit allows you to do in a non-threatening way.

Back to the Compliance Matrix

This is a very useful process to go through at least once, and possibly more often if you are one of those people who hates being “caught out” by external assessors/auditors.  Use it to educate staff who will be answering questions during your external audits or assessments – this avoids non-conformances from not knowing where you had a clause covered in your system.

A compliance matrix may also be known as a GAP analysis.

Help is at hand

If you need to take a fresh look at your audit program, get refresher training in internal audits or simply want someone to do audits for you, we can help. O’Dwyer Accreditation offers quality system consulting, training and contract internal auditing services. Call or email now.