Examples of good internal audits: Have you ever asked yourself what could actually be tempting and appealing about an internal audit from the point of view of those involved in the audit? Would your audit partners in the company take notice if the audit result contributed to the implementation of target agreements, work facilitation, risk minimization and personal success? Is there a world beyond conformity to regulations? We show you where the journey in internal audits could go.

Loading...

Rethinking starts, for example, with the question of how internal auditors announce your audit program. What opportunities are there for you as an auditor to create a positive expectation for the audit? One idea: use good results and changes with impact in processes from last year's internal audits as an opportunity to introduce current audit planning and preparation discussions with employees. Use your audit report as a calling card - even to top management!

You can never solve problems with the same mindset that created them.

Albert Einstein Physicist

Internal audits: ISO 19011 provides strong impetus

One standard that should not be overlooked when it comes to internal audits is ISO 19011, the guidelines for auditing management systems, as revised in 2018. With the revision, the standard has received some well thought-out improvements. The result is certainly not a fundamentally new version, but one that has been significantly refined.

Importantly, ISO 19011 can be used for all management systems and their processes - even in combination with different standards, from quality management according to ISO 9001 to ISO 14001 and ISO 27001 or occupational health and safety management according to ISO 45001.

Examples of internal audits: Three tips on how things can be done differently...

We are all familiar with the traditional methods of taking samples or examples in auditing. These are either statistical or decision-based sampling. What both of these classics have in common, however, is that the samples drawn are usually in the "green zone". But there are also other audit methods. Here are our three tips:

  • TOP/FLOP: Forget the classic "random sampling" approach. Together with the auditees, look for an excellent example (TOP) and then (!) an example where everything really goes wrong (FLOP). Use the examples to identify opportunities and events/procedures that should be repeated or avoided.
  • Auditing from the back to the front: We reverse the traditional approach of auditing company processes from "front to back." So not:
    Top management ► QM system ► Sales ► Development ► Production ► Supporting processes ► Delivery.  We still start with top management, but only for strategy and goals - and then we comence to audit the delivery or shipping department, auditing our way forward. We pay particularly attention to handover points and interfaces in the process. This gives us the advantage of working with a random sample that we know has been through the entire production process. We conclude the audit with the management system (quality management system) and the evaluation of the system by top management. The effect: You audit a concrete example that has actually gone through all the processes and gain better insight into the process interfaces.
  • Proxy audit: Why not focus an audit consistently on the "2nd row" in a company? Impact: Risk minimization, avoidance of audit routines (otherwise always the same interviewees), involvement of more employees, new perspectives, different insights.
  • Other possibilities
    There are, of course, many other methods of internal auditing that can be used and that are certainly being used in one organization or another. Other possibilities include self-assessments, mystery calls, quiz methods, flash audits, workshop methods and group audits, "shadowing" as an audit, fairy questions, scenarios and role playing.

Does ISO 19011 provide incentives to audit internally in a different way?

Absolutely: One of the main focuses of the standard is the strategic reference - and therefore the incentive to formulate clear audit objectives in order to further increase the benefit of the audit.

Audits - both internal and external - should generally be more than just compliance checks. Audits should be about continuous improvement and challenging best practices. In practice, this is by no means a given. The current guidance can therefore be used as a source of inspiration for audit processes, methods and the necessary audit expertise. This also applies to external audits in the context of certification.

Loading...

ISO 45001 - Internal Audits

We explain the standard.

Internal audits are an essential element of management system standards and serve as a tool for effective self-assessment. They allow critical reflection on the effectiveness of implemented processes. Read our free White Paper to find out exactly what the ISO 45001 OHS standard requires.

Benefit from the expertise of our experts now.

The overall message of the guidelines

If we at DQS were asked to summarize the general message of ISO 19011 in a few words, we would probably come up with these guiding principles: 

  • Spend more time and thought on what processes and aspects of your management system you want to spend your audit resources on. And: Which ones you want to audit intensively - so be selective.
  • Think about the objectives you want to achieve with internal audits (and that is more than just proving compliance!) and which audit methods can best support these selected objectives.
  • Depending on the selected processes and audit methodologies, assign the most appropriate people to do the work. Determine the individual competencies of your internal DQS auditors required for your organization.
    Evaluate and continuously improve your audit planning, execution and follow-up.

 

Integrated Management Systems - Added Value Auditing  

In addition to assessment against individual management system standards, the combined, simultaneous auditing of fully integrated management systems offers you numerous opportunities. Cross-thematic auditing exploits synergies while identifying interactions and inconsistencies between the different subject areas.

high level structure-dqs-whitepaper cover
Loading...

The six most important ISO management standards

in visual form

With the introduction of the basic structure for management system standards (HLS/HS), the implementation of several management systems in an organization has become essential and more efficient. Our free White Paper graphically illustrates the six most important standards.

  • ISO 9001, ISO 14001, ISO 27001, ISO 45001, ISO 50001 and ISO 22301
  • Place systems next to each other and compare
  • Identify collaborations for an integrated management system

Conducting internal audits differently - Conclusion

The guidelines for auditing management systems ISO 19011 have become indispensable for internal audits. But how audits can be conducted "differently" and perhaps in a more stimulating, lively and goal-oriented way using innovative and creative approaches is up to you. There are successful alternative audit methods, such as the TOP-FLOP approach, the audit from the back to the front, or the proxy audit.

Try one of the above or a variation of the classic audit activities. See for yourself how much fun it can be to use different methods, and how well you can combine different audit methods with different employees, managers and cultures in the organization - or to use the words of a shoe manufacturer: Just do it!

We are happy to answer your questions

Contact us!
No obligation and free of charge.

We look forward to hearing from you

DQS: Simply leveraging Quality.

Since its foundation in 1985 as the first German certifier of management systems, DQS has been committed to the sustainable success of its customers. With value-adding audits and customer-oriented concepts, we accompany organizations all the way to business excellence.

Author
Matthias Vogel

Since 2010 Matthias Vogel has been press secretary at DQS GmbH and responsible for technical publications. As Senior Content Manager he is jointly responsible for finding topics for the German language DQS blog "DQS in Dialogue", for coordination with authors, and for editorial work. Matthias Vogel is the editor of the regularly published DQS newsletter "DQS Update" and thus provides you with information and knowledge about audits and certification. He is also program manager and moderator of the DQS "Customer Day" events and co-moderates the virtual "Digital Quality Space" conferences.

Loading...