Check Your Oil, and Audit Something!
Every system needs periodic testing to ensure that it is working at its peak. Amazingly, some companies cram all their internal audits into the month before their annual external audit. How frequently do you audit your Quality, Environmental or Safety management system? By comparison, is it safe to wait a year without checking the oil on your car’s engine? So why let your system run on cruise control all year, and only look at your system if you get a customer reject or internal reject? Why not catch issues before they become problems?
Over the decades, we have seen internal audits done just before external audits to prove compliance; and we have also seen companies view audits as an improvement tool and audit all their processes and work instructions on an annual schedule, some each month. One client decided to audit something every Friday morning. Another caught the improvement bug during a PQA internal auditor training, and started looking closely at the company’s systems, using internal audits as the method. He found multiple gaps and needs. Combined with other good decision-making, the company’s top line tripled in five years and the bottom line increased even more as mistakes and waste were corrected.
How to audit what? Instead of drudgery, ongoing systematic checks make sure controls remain effective, and highlight where improvements can be made. Auditing all the controls for a single process area can highlight variances between documents related to that same process. Audits should review a process, not an isolated document, and should look at the interrelationships between processes.
In ISO 9001:2015, for instance, we can look at a ‘supply-chain-management’ grouping, starting with needs from client orders triggering purchase of raw materials, vendor selection and monitoring, receiving inspection, and release to production. We could ask, Do they flow together seamlessly? Were certificates of compliance, or Rohs or REACH received with the materials? Are those recorded appropriately, so they can be retrieved for traceability? Is material lot# recorded every time material is used? Does Kitting record component lot #, and are kits complete and accurate, every single time? That entire string could be the subject of an audit that might take an hour every Tuesday for several weeks.
Other groupings could pull together a variety of areas:
Materials management could include receiving raw materials, warehouse organization, finished goods protection, shelf life monitoring, inventory turns
Risk-based thinking could examine the organization’s role in its business context, expectations from interested parties (including regulatory agencies), provision of resources, and finding/training personnel, monitoring changing regulatory requirements, actions taken on RMA’s, etc, etc.
Quality Assurance could include document control, internal audits, corrective actions, management reviews
Quality could include first article, in process and final inspection, box audits, and any RMA investigations and associated process changes that resulted, and control of Nonconforming products.
It’s been our experience that systematic, periodic internal audits will improve every system, as our clients have proven over and over for more than 35 years. Will you be one of them?