Having a quality management system (QMS) is essential for compliance with the ISO 9001 standard. It’s also important to audit this system to make sure the system is having the desired effect.
An internal quality audit evaluates the QMS to ensure its objectives are being achieved and that the business is compliant with ISO 9001.
In this article, we offer an overview of:
- what an internal quality audit involves
- benefits of internal quality audits
- ISO 9001 requirements for internal auditing
- how to conduct an ISO 9001 internal quality audit.
What is an internal quality audit?
An internal quality audit reviews and evaluates a company’s procedures and processes to ensure the system conforms to a quality standard such as ISO 9001. This is known as a quality system audit.
A quality audit can also focus on a service or product to assess whether it conforms to expected standards. This would be a product or service quality audit.
A successful internal quality audit highlights any shortcomings and allows an organization to make changes to its QMS to ensure better compliance.
Important benefits of internal quality audits
Setting up a quality management system but never double checking its effectiveness is a recipe for disaster. Regular checks to ensure the system is compliant has many benefits.
Real-world testing
Comparing the theoretical quality management system to how it works when applied in the real world can highlight any impracticalities.
Highlighting areas of improvement
A full audit that takes feedback from staff and customers into account highlights weak areas in the quality management process.
Identifying non-conformance
An audit also exposes any problem areas in regard to ISO 9001 conformance that could lead to penalties.
Opportunities for upskilling
Internal audits often identify any areas where employee skills are lacking or could use improvement.
Preparation for an external audit
An internal audit is good preparation for an external audit. Familiarize yourself with the expectations of an external audit and use the internal audit as an opportunity to make sure everything is ready.
Initiating corrective action
Audits are an opportunity to kickstart any necessary corrective and preventative actions (CAPA) that might have been overlooked.
Identifying wastefulness
Scrutinizing your processes, especially when it comes to manufacturing, often highlights areas where waste of time or resources can be eliminated.
Audit report
The final audit report is a useful resource that can be referenced as you continually improve your quality management system.
ISO 9001 requirements for internal auditing
ISO 9001 defines an internal audit as the “systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled”.
You can conduct an internal quality audit as often as you consider necessary to improve your QMS processes. However, internal audits should be done at regular intervals as part of a planned audit program.
Audits must be carried out by impartial auditors who are not directly responsible for the systems, processes, and products being audited to avoid conflicts of interest and bias.
All internal audits must be fully documented in a final audit report. This should be provided to management, along with any recommendations for corrective action.
How to conduct an ISO 9001 internal quality audit
Each organization will need to plan and implement an internal quality audit plan that is tailored to its services or products. Follow these basic steps when conducting an internal quality audit:
Planning
The internal audit plan should be an established process that happens at regular intervals.
The plan should detail the scope and objectives of the audit. It should include any forms or checklists needed for the audit, as well as who the auditors are and what they’re responsible for.
Execution
The auditing process should reference previous audits or corrective actions.
Auditors should communicate directly with the auditees, so they know what to expect.
Primarily, an audit should be looking for compliance with the QMS, but it should also identify areas of improvement and any inconsistencies.
Reporting
Once the auditors have all the information they need through interviews, documents, demonstrations, and process reviews, they must compile a report that is presented to management.
The report should be done as soon as possible after the audit, and it should highlight any recommended improvements or corrective action.
Follow-up and CAPA
Management and the lead auditor usually have the final say and what corrective and preventative action needs to be implemented.
These measures should be taken as soon as possible after an audit. The final audit sign-off can only happen once CAPA has been demonstrably implemented.
isoTracker’s subscription-based quality management system software offers an easy way to manage internal quality audits and other QMS processes. Our system is cloud-based and secure, making it ideal for ISO 9001 compliance. Get a 60-day free trial with full access to all modules and support.