An internal audit is an essential component of a quality management system (QMS).
It’s an in-house performance and compliance tool used to evaluate the effectiveness of quality systems and, where necessary, propose corrective actions.
Under ISO 9001, certain guidelines help determine who in an organization should conduct internal audits.
Guidelines on who should conduct internal audits
Anyone employed within an organization can be assigned the role of auditor. The only mandatory requirement is he or she must not be involved in quality management operations.
To achieve the objective of internal audits – optimizing efficiencies and ensuring compliance with international quality standards – auditors need to be trained, qualified and competent.
Key skills for internal quality auditors
Internal quality auditors must understand the strategic objectives of the organization, and how a QMS supports these objectives.
They should be able to determine risks, identify areas of improvement and communicate their findings to top executives or board members.
Critical thinkers with a strong sense of confidentiality and ethics, and good communication, negotiation and project management skills, are typically the most effective auditors.
Typical requirements for internal auditors
In order to properly assess and improve quality systems, internal auditors have to fulfill different roles. They must assess processes, convey facts, advise stakeholders and serve as catalysts for improvement.
More critically, auditors must be independent and impartial. They must be able to provide objective and unbiased opinions about the way processes are managed and reported within the organization.
As such, internal audits can only be carried out by auditors who are not responsible for the systems, processes or products being audited.
Who should conduct internal audits in small businesses?
In smaller businesses, appointing internal auditors who conform to the requirements of independence and objectivity can be a challenge.
Roles are less defined and employees typically perform multiple tasks. One individual may, for instance, be responsible for quality management and production.
The standard – and ISO 9001 external audits – take into account what is reasonable in a particular context.
As per the ISO guidelines for auditing management systems (19011:2011 section 3.1) “… In many cases, particularly in small organizations, independence can be demonstrated by the freedom from responsibility for the activity being audited or freedom from bias and conflict of interest.”
Appointing one employee to audit the company, and another to audit the audit process, would satisfy ISO guidelines. However, depending on the business, it may make better sense to outsource the internal audit function to an external party.
How isoTracker can help conduct ISO 9001 internal quality audits
Our quality management software can help your small to medium business conduct quality management audits.
At isoTracker, we offer modular, cloud-based quality management software that’s easy to install and use. There are six modules, including one for the management of audits, as well as document control, and the management of risks, complaints, non-conformances and training.
Each module can stand alone or integrate seamlessly with other modules to provide a complete quality management system.
Contact us at isoTracker to find out how our software can help your business conduct ISO 9001 internal quality audits or sign up for a free 60-day trial.
