Wondering how to approach the requirements of ISO 9001 Clause 2?
For whatever MSS you need to conduct internal audits, you have two basic approaches to choose from:
- Option 1: do the minimum necessary to satisfy the Certification Body (CB)
- Option 2: take the best advantage of the opportunity the mandatory requirement offers.
You may well ask: Is it really worth my while putting time and effort into internal auditing, especially when I am going to meet resistance at every turn?
Here we’re going to consider both options and then you can decide which is best for your organization.
NOTE: The advice here applies to all Management System Standards (MSS) and not just to implementing ISO 9001:2015.
Option 1: Do the minimum to satisfy Clause 9.2 requirements
| Action | The benefit to the Organization |
|
Satisfies a requirement of Clause 9.2 |
|
Satisfies a requirement of Clause 9.2 |
|
Satisfies a requirement of Clause 9.2 |
With Option 1, you’ll have done a good job. But at what cost in terms of lost opportunity?
Option 2: Take full advantage of the opportunity Clause 9.2 presents
| Action | The benefit to the Organization |
|---|---|
|
The internal audit becomes part of monitoring the system to check progress towards achieving the Management System Objectives and KPIs chosen, prompting timely action to ensure that they are going to be successfully met. |
|
Audit activity provides an ongoing reminder to colleagues of the importance of the Management System and its contribution to success. Reinforces awareness training or similar efforts. |
|
Processes are audited at a suitable frequency, with critical/failure-prone ones being audited most frequently. Early detection of failing processes saves time, money, and reinforces customer satisfaction. |
|
Common sources of noncompliance are addressed, reducing the risk of major non-compliance and ensuring compliance with both CB and regulatory requirements. |
|
Auditors find it easier to follow workflows and processes, resulting in more thorough audits and less likelihood of missing disjointed steps. |
|
A variety of evidence-collection methods enhance the dependability of compliance and non-compliance findings, increasing management’s confidence in the Management System. |
|
Incremental improvements and corrections to processes and procedures will result, with occasional major improvement opportunities emerging from this effort. |
|
Audit reports that balance compliance findings and improvement opportunities ensure that audits are not perceived as ‘witch hunts’ and that good compliance is replicated. |
|
Highlighting positives in audit reports presented to management will reinforce the usefulness of the Management System and help secure additional resources for improvements. |
Conclusion
In our opinion, Option 1 is ‘what not to do’ and Option 2 is ‘what to do’ and, if you are the Audit Programme Manager for your organization, we strongly recommend it to you as part of your ISO 9001 implementation and maintenance. Yes, it is a lot more work, but the results will significantly benefit your organization (and mostly on the ‘bottom line’). It won’t do your career prospects any harm, either.