Internal audits are an important part of any organization’s quality management strategy. Your organization must meet ISO 9001 internal audit requirements to be compliant with the standard.

ISO 9001 Internal Audit Requirements and Free Checklist

Internal audits are used to assess the compliance of your systems, processes, and products against your self-declared objectives.

The value of internal audits

ISO 9001 outlines the guidelines that an organization must follow in implementing and maintaining a quality management system. This includes conducting internal audits at regular intervals.

Clause 9.2 of ISO 9001:2015 states that…“the organization should conduct internal audits at planned intervals to provide information on whether the quality management system conforms to the organization’s own requirements, the requirement of ISO 9001:2015 standards and is effectively implemented and maintained.”

The results of internal audits provide an impartial evaluation of your organization’s compliance and provide guidance for corrective action as necessary.

A systematic, independent and documented process

ISO 9001 defines an internal audit as the “systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled.”

Businesses must conduct internal audits at planned intervals to verify their compliance with ISO 9001:2015 requirements.

Systematic

Organizations must plan for internal audits by scheduling them at regular intervals and allocating the necessary resources for their implementation. Management support is crucial for this process.

Independent

The audit must be carried out in an impartial manner by auditors who are themselves not responsible for the systems, processes or products being audited. They must be free of bias and conflict of interest.

Documented

The audit must document evidence of compliance requirements by way of observations, measurements, tests or other means.

The results of the audit must then be communicated to management with recommendations for corrective actions, where necessary, which must be implemented without undue delay.

Basic audit requirements

The basic requirements of an internal audit are normally established by an organization’s quality manager and consist of six key steps:

1 | Plan and maintain the organization’s audit program

The audit program should include the frequency of the audits, the methods used, and the person(s) responsible for carrying out the audit.

The quality manager will also establish the requirements and reporting mechanisms and ensure that results and recommendations of previous audits are implemented.

2 | Define the criteria and scope of the audit

Criteria must be uniform from one audit to the next. This makes it easier to assess progress in implementing recommendations over time.

However, the criteria should also be flexible enough to be changed as necessary, so that it remains relevant to the organization’s objectives.

3 | Select impartial auditors

Internal auditors should represent the company but must be unbiased and not involved in any of the activities being audited, so that there is no conflict of interest.

4 | Report results to management

Internal audits represent valuable data set that assess the organization’s overall compliance to ISO 9001 as well as areas that require remedy.

Results must be communicated to management so that the necessary action can be taken.

5| Implement recommendations and CAPA

The effectiveness of these measures should then be assessed in subsequent internal audits.

6 | Retain documentation as evidence

Retain the audit documentation using your documentation management system as evidence that audits were implemented.

These records should be readily available at the correct access levels for corrective action, internal reporting, and external audits.

Benefits of an auditing checklist

ISO 9001 provides an audit checklist that organizations are required to use when conducting internal audits.

Benefits of an auditing checklist

The checklist includes questions for assessing an organization’s context, leadership, planning and quality management systems, support structures, operations, performance evaluation and areas for improvement.

Advantages of using an internal audit requirements checklist:

  • it provides evidence that an internal audit was conducted
  • it serves as a record of internal audit findings
  • it can be used to motivate correction or preventive action (CAPA)
  • it simplifies the auditing process, ensuring that auditors know the requirements
  • it serves as a valuable reference during planning of future audits.

A free version of an ISO 9001:2015 internal audit checklist is available for download. Access it here.

isoTracker and ISO 9001

isoTracker offers modular, subscription-based quality management software that’s secure, cloud-based and affordable.

This includes audit management software, which is ideal for managing ISO 9001 internal audit requirements, as well as compliance with other ISO and FDA standards.

The auditing module can stand alone or integrate with one or more of our other modules, including document control, complaints management and training management modules.

Sign up for a free 60-day trial of isoTracker’s full software suite to determine first-hand how it may your organization manage ISO 9001 internal audit requirements and other quality management functions.