Why need to conduct ISO Internal Audit ?
Nowadays many business are facing more competition. Many business want to make sure excellence in our business to maintain customer satisfaction and reduce cost by improvement operation.
That’s why many company want to get ISO Certification.It give customer confidence and reinforce internal operation.
But how do we know the effectiveness of management system and the area for improvement ?
The answer is Internal audit -can help management to understand the effectiveness of management system and area for improvement.
What is ISO Internal Audit
According to ISO 19011 requirement, Audit is a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled.
The purpose of audit :
- To determine conformity
- To determine the effectiveness
- To provide opportunity to improve
- To meet regulatory requirements
- For certification
Be reminded, the purpose of audit is finding fact, not finding fault
Principles of auditing
Integrity is the foundation of professionalism
Auditors and the person managing an audit programme should perform their work with honesty, diligence, and responsibility.
Fair Presentation
The obligation to report truthfully and accurately.
Due professional care
The application of diligence and judgement in auditing.
Confidentiality
Auditors should exercise discretion in the use and protection of information acquired in the course of their duties. Audit information should not be used inappropriately for personal gain by the auditor or the audit client, or in a manner detrimental to the legitimate interests of the auditee.
Independence
the basis for the impartiality of the audit and objectivity of the audit conclusions.
Evidence-based approach
the rational method for reaching reliable and reproducible audit conclusions in a systematic audit process.
Auditor competence and training
Auditor should receive Internal Auditor Training
Academic qualification : at least graduate of high school.
Four Stages of Internal Audit
There are four stages of audit process.
1) Preparation of ISO audit
2) Onsite ISO audit
3) ISO Audit reporting
4) ISO Audit followup
1) Preparation of ISO Audit
-Prepare audit plan including criteria, scope & location.
-Document Review-company policy, company procedure and previous audit report.
-Prepare internal audit checklist .
-Keep auditee advised, agree date and time
2) Onsite ISO Audit
- Chair Open Meeting
In the opening meeting , audit team leader and audit team and top management, department Representative will attend. Audit team leader will introduce audit team and explain the audit plan and audit criteria - Collection of audit evidence.
Auditor will understand the operation through observation and interview with auditee. - Tips about asking question & interview with auditee.
-Introduce yourself and purpose of audit.
-Ask opening question.
-Keep eye contact.
-Keep clam & objective. - Verifying the integrity of record
There is no time to check everything. Audit take some samples of record such as quotation, purchase order, delivery note, production record, training calibration record and so on
3) ISO Audit Reporting
Audit team members raise observation and minor nonconformity. Audit Team leader gathers the findings and and conclude the audit result.
Audit Team leader hold a closing meeting with top management and department representative and to report audit result, findings and corresponding followup actions.
Audit findings
Observation mean slightly deviation from policy, procedure and practice
Minor conformity means one or more clause of ISO requirement lapse but not a great impact on management system
Major conformity means system break down or collapsed.
4) ISO Audit followup
After department representative finished the corrective actions to the corresponding nonconformity raised by auditor, the auditor close the correction action on site.
Business success is lifelong journey. Continual improvement is a never-ending story.
