Opinions on internal audit schedule adjustment

D

DblHelixx

Starting to get Involved
qualitymanagerTT said:
That's sticking a plaster on the wound.

Based on what you say, management is not providing resources necessary for the existing management system, and trying to avoid an NC is masking the much bigger and deeper problem.

It's your decision whether you want an effective MS, or just a certificate on the wall.
Click to expand...
This is definitely all true. I'm trying to balance wanting an effective system with wanting to make management happy. I'll be honest, I don't want to constantly be putting in time and effort arguing with management, because that makes me hate my job even more...

Mike S. said:
Not using the resources you do have in the best way possible is a problem as well, no?
Click to expand...
Can you expound on what you mean by this a bit more?
 
Ron Rompen

Ron Rompen

Trusted Information Resource
Getting in late on this one, but wanted to add my own $0.02
In ISO and IATF (not sure about 17025 but I'm confident it follows the same requirements) you are required to perform a full audit of your QMS - but it doesn't have to be all at once.......I spread my audit over a 12 month span. This allows the internal auditors to work at their other jobs - auditing (for most of us) is just one of MANY tasks that we have.
I will adjust this audit schedule through the year as necessary, to reflect a variety of things (internal and external nonconformances related back to the QMS), vacation and plant shutdown schedules, customer feedback, etc.
Unless it is mandatory in the standard you are certified to, I would strongly urge you to spread your audits out. Revise the schedule (keeping revision notes as applicable) when it needs to be. Don''t kill yourself or your team trying to adhere to a schedule that is unrealistic.
 
M

Mike S.

Happy to be Alive
Trusted Information Resource
DblHelixx said:
This is definitely all true. I'm trying to balance wanting an effective system with wanting to make management happy. I'll be honest, I don't want to constantly be putting in time and effort arguing with management, because that makes me hate my job even more...


Can you expound on what you mean by this a bit more?
Click to expand...
I was responding to qualitymanagerTT's post. I believe if you do have the resources to avoid a NC you should do so, not hold back so that the org gets a NC to try to prove a point.
 
Q

qualitymanagerTT

Involved In Discussions
Mike S. said:
I was responding to qualitymanagerTT's post. I believe if you do have the resources to avoid a NC you should do so, not hold back so that the org gets a NC to try to prove a point.
Click to expand...
Fully agree - if you can prevent an NC by doing proper Root Cause Analysis, then determining the appropriate course of action, having relevant resources made available, implementing the planned actions, then reviewing for effectiveness was what used to be required by the Preventive Action clause in ISO 9001:2008.
Some people claim it's different now with addressing risks, but part of the intent of a QMS is to prevent NCs which can be avoided.

My comment (to which MikeS responded) was based on the OP's statement that management is not providing the relevant resources (i.e., competent people) to do the audit.
 
Q

qualitymanagerTT

Involved In Discussions
Ron Rompen said:
In ISO and IATF (not sure about 17025 but I'm confident it follows the same requirements) you are required to perform a full audit of your QMS - but it doesn't have to be all at once.......I spread my audit over a 12 month span. This allows the internal auditors to work at their other jobs - auditing (for most of us) is just one of MANY tasks that we have.
...
Unless it is mandatory in the standard you are certified to, I would strongly urge you to spread your audits out. Revise the schedule (keeping revision notes as applicable) when it needs to be. Don''t kill yourself or your team trying to adhere to a schedule that is unrealistic.
Click to expand...
I am not aware of any requirement in ISO/IEC 17025 about the duration of an internal audit cycle.

The clause in 17025 is mostly a copy-and-paste from ISO 9001, which leaves out the requirement for impartiality (17025 has a whole clause, 4.1, for that), and uses the term "records" instead of "documented information" for evidence of implementing the audit programme, and audit results.
 
D

DblHelixx

Starting to get Involved
Ron Rompen said:
Getting in late on this one, but wanted to add my own $0.02
In ISO and IATF (not sure about 17025 but I'm confident it follows the same requirements) you are required to perform a full audit of your QMS - but it doesn't have to be all at once.......I spread my audit over a 12 month span. This allows the internal auditors to work at their other jobs - auditing (for most of us) is just one of MANY tasks that we have.
I will adjust this audit schedule through the year as necessary, to reflect a variety of things (internal and external nonconformances related back to the QMS), vacation and plant shutdown schedules, customer feedback, etc.
Unless it is mandatory in the standard you are certified to, I would strongly urge you to spread your audits out. Revise the schedule (keeping revision notes as applicable) when it needs to be. Don''t kill yourself or your team trying to adhere to a schedule that is unrealistic.
Click to expand...
Okay, I'm trying to wrap my head around this concept of a rolling basis for audits. Say I write in my procedure that I want a full system audit done once every calendar year. If in Year 1 I do audit components A, B, and C in June, July, and August, but then Year 2 do them all in September, and then Year 3 do them in May and June, would that be acceptable? Even though the timeframe between audit components varies and may be more or less than a year?
Examples would be appreciated!
 
Jim Wynne

Jim Wynne

Leader
Admin
DblHelixx said:
Okay, I'm trying to wrap my head around this concept of a rolling basis for audits. Say I write in my procedure that I want a full system audit done once every calendar year. If in Year 1 I do audit components A, B, and C in June, July, and August, but then Year 2 do them all in September, and then Year 3 do them in May and June, would that be acceptable? Even though the timeframe between audit components varies and may be more or less than a year?
Examples would be appreciated!
Click to expand...
Leave it intentionally vague and say "annually" rather than once every calendar year.
 
M

Mike S.

Happy to be Alive
Trusted Information Resource
Saying "once each calendar year" gives a lot of flexibility. Could be Jan 2022 and Dec 2023. Or Dec 2022 and Jan 2023.
 
Ron Rompen

Ron Rompen

Trusted Information Resource
Yes, it will definitely satisfy the requirements of the standard. WHENEVER you are writing a process which has to reflect time, leave it as vague as possible. To tie yourself to a specific time just leaves you open to nonconformances.

As an example: I have my team perform process audits every week. In general, they do these on Wednesday. But things happen, the real world gets in the way, and sometimes it's Thursday or Friday before it gets done - or things are really quiet on Monday, so they do it then. In either case, it still meets the requirement that I have written. Makes it easier for me to demonstrate compliance
 
You must log in or register to reply here.

Similar threads

QCBOB
ISO 13485:2016 Internal Audit checklist/template?????
Replies
1
Views
153
shimonv
shimonv
W
ISO 13485:2016 / MDSAP Surveillance 2 Audit Delay Consequences
Replies
2
Views
173
Ed Panek
Ed Panek
Vader22
ISO 17025 Internal Auditor Requirements
Replies
6
Views
630
david7763
D
F
Confused about Non conformace from internal audit
2 3
Replies
22
Views
1K
qualitymanagerTT
Q
I
Internal audit report format for integrated QMS
Replies
2
Views
2K
Wolf.K
W
Top Bottom