Featured Blog Articles
What is an Audit?
An audit is defined as a “systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled” as per clause 3.13.1 in ISO 9000:2015.
In other words, ISO audits and audits for other standards are all verification of documents and records as stated in the Management System Manual for any company and its relevance and level of adherence to required standard.
An ISO audit is an audit conducted as per International Organization for Standardization (ISO) approved and published standards, for ISO Certification. ISO has published many ISO standards. ISO certification is awarded by agencies accredited by International Accreditation Forum (IAF).
An IATF audit is similar except that it is the audit as per International Automotive Task Force (IATF) guidelines and standard presently known as IATF 16949:2016 or German Automotive standards called Verband der Automobilindustrie (VDA) the German Automobile Industry Association. IATF or VDA accredit certification bodies who in turn award certifications for automotive standards IATF 16949:2016 and VDA respectively.
Similarly, Aerospace audit would cover the requirements specified by Aerospace Standards (AS 9100 etc.) and include additional requirements covered by notifications issued by Federal Aviation Authority (FAA) as required to meet the standard. Aerospace Certification is awarded by certification bodies accredited by International Aerospace Quality Group (IAQG).
The Audit for Telecommunications covers all requirements under ISO/TL 9000 series of standards as per latest version and additional requirements of local/regional/national regulatory authorities, such as Telecommunication Certification Board (TCB). The TL 9000certification is awarded by Telecommunication Industry Association (TIA) through their Business Performance Community BPC or TIA-BPC.
The Steel Construction Standards audits will encompass the assessment made on compliance to American Institute of Steel Construction (AISC). Certification to AISC Standards is awarded by AISC.
In the same lines, Food Safety Standards will include all requirements of Food Safety Standards FSSC 22000, BRC, IFS, SQF etc. recognized by Global Food Safety Initiative (GFSI). Certification to FSSC 22000 is awarded by certification bodies accredited by IAF where as Certification for BRC, IFS and SQF are awarded by certification bodies accredited by, BRC, IFS, and SQFI, as applicable
American Institute of Baking (AIB- International) accords AIB certification. AIB is not recognized by GFSI.
All Food Safety Standards take in to account additional guidelines issued by FDA from time to time such as Final rule of Food Safety Modernization Act (FSMA), etc.
ISO Audits are required for ISO certification purposes. The ISO certification is required to prove the facility’s claim that they are managing their systems as per the mandate of the ISO Standards they wish to get certified. It is common axiom to say that “All auditors come from Missouri `the show me’ state.” Therefore, it is not only important to build a management system as per the requirements of the ISO standard but it is also important to show evidence that the management system developed is effectively implemented to fullest extent possible, to earn ISO certification. ISO Auditors are expected to examine the evidence available, assess it to the requirements mandated in the ISO standards and make their report giving the extent of adherence to the requirements of the standard for which the system is being ISO audited, to recommend for ISO certification.
In other words, ISO audit is a means by which a facility gets its claim of adherence to the standard authenticated by an unbiased, independent, qualified, competent, external authority for ISO certification. This is to provide confidence to customers and rest of the world that the claims made by a facility are verified and certified that requirements of selected standards have been met.
ISO audits may be classified in to three categories. For that matter all audits such as audits for Sector Specific Standards, or Food Safety Standards or Steel Construction Standards can all be classified in 3 categories:
- First-Party ISO Audit
- Second-Party ISO Audit
- Third-Party ISO Audit
First-Party ISO Audit:
First-Party ISO Audit or internal audits are ISO audits conducted by internal employees of any facility provided they are competent, qualified and unbiased to conduct ISO audits. Therefore, the general direction is never to audit your own work since it would be difficult to be unbiased towards one’s own work.
Internal ISO Audits can be performed by external consulting agencies prior to their ISO certification audits.
Second-Party ISO Audit:
Second-Party Audit is conducted by employees of a facility on their own suppliers’ systems for their eligibility to meet ISO standard requirements or their own specific requirements. Organizations may sometimes engage external agencies to perform these second-party ISO audits or supplier audits to test the ability of the suppliers to meet requirements for ISO certification.
Third-Party ISO Audit:
Third-party ISO audits are normally conducted in 2 stages prior to ISO Certification.
- Stage 1 ISO Audit or Desk Audit. This ISO audit is essentially to verify if the documentation is adequate to meet the requirements of the standards for ISO certification or Sector certification to that standard. Desk Audit is a precursor to ISO certification.
- Stage 2 ISO audit is the final ISO audit prior to ISO certification or selected sector certification. If a facility passes this ISO audit then the facility will be recommended for certification.
System ISO Audit
System is examining see if all activities and their interdependencies a critical view to find out if they meet the requirements of the ISO standards. ISO audit which all processes and all documentation and all records involved for eligibility to ISO certification.
A system ISO audit is essential before ISO certification to any ISO standard Therefore internal ISO audits have also to include system ISO audit before the facility goes in for ISO certification.
A periodic system ISO audit conducted either by internal or external agencies on a facility’s own systems is mandatory requirement of all the standards before certification ISO Audit.
Typically, an internal ISO audit is conducted after about a month after implementing the developed documentation system. This process is repeated as per the desired frequency predetermined by the facility. However, a minimum of once every year is mandatory. System ISO Audit is explained better through the diagram of process flow interaction diagram which covers all activities between “Quote to Cash”.
Process ISO Audits
ISO 9001:2015 Standard which is the main or parent standard has shifted its focus and has now given impetus to Process Approach in ISO Audits. Process ISO Audits are ISO audits conducted on all processes of the facility, the process flow and their interdependencies to ascertain that processes are meeting the requirements under the Operation, section 8 of the ISO 9001:2015 Standard. Similar provision is available in all other standards as well. Process ISO audits are expected to evaluate that optimum input is provided at each process to get desired outputs and meet the requirements of the ISO standards. The process is better explained through the Turtle Diagram given below:
Product ISO Audits
The product ISO audit is the assessment of the final product/service and its qualification for use evaluated versus the purpose of the product/service. It ensures a thorough inspection of a final product before delivery to a supplier or a customer. By thoroughly inspecting the final product, it aims at improving quality, increasing profitability, and enhancing customer satisfaction and loyalty. It is necessary for a product to go through this process in order to determine if it meets specifications. The Product ISO Audit ultimately serves as a benefit to the suppliers and customers by ensuring quality which results in higher customer satisfaction.
Product ISO Audit involves measurement of product dimensions, features and functionality tests for each process output from receipt to dispatch. Prior to shipping, product ISO audit is also conducted along with shipping requirements, shipping destination accuracy, and accuracy of shipping documentation such as packing slip, Bill of Lading(BOL)etc.as applicable.
Critical ISO Audits
ISO Audits are essential requirement of ISO certification process. All ISO standards mandate that ISO audits are to be conducted prior to ISO certification. The most critical of all audits is the Internal Audit for any given standard. Internal auditing services is the forte of QSE and the services offered are impeccable.
In addition to providing internal Auditing services, to organizations, QSE also provides auditing services listed below: (https://qsebackup.atlcreative.co/auditing/internal-audits/).
- Supplier Audits
- Environment and Safety Compliance Audits
- Pre-Assessment Audits
- Second-Party Audits
- Manufacturing Process Audits
- Product Audits
- Layered Process Audits
- Source Inspection Audits
- PPAP Audits
- QSE has over 27 Years of experience in Consulting, Auditing, and Training for all ISO Standards, Sector Specific Standards, AISC Standards and Food Safety Standard
- QSE has helped over 700 facilities to earn their ISO certifications and other certifications. All QSE customers experience 100% passing rate during initial certification ISO audits with no or minimal nonconformities
- Over 98 % of QSE customers passed certification ISO audits with no nonconformities first time around
- Unlike our competitors QSE develops an unique, comprehensive, evidence based, simplified, single level system which is easy to implement and provide evidence for implementation to earn ISO certification
- Templates designed by QSE are tried and tested. They are perfect. Facilities using the documentation developed by QSE do not have to struggle for evidence
- Evidence is built in to the system. The facility needs to only follow the given formats, and tables to sail through a certification ISO audit without nonconformity or with minimal nonconformities
- QSE engages all competent auditors to conduct all audits including internal audits or suppler audits.
- President of QSE is a member of the technical committee involved in writing ISO 19011, the guidance standard for audits since its inception in 1985 to recent changes in 2018
- At the end of any Audits or Internal audits, QSE submits a detailed report which assists the facilities in building corrective actions and prevent actions to avoid possible nonconformities during ISO certification audits and helps to undertake preventive actions to avoid potential occurrence of any nonconformity
- Several of our competitors engage in audits through ISO Audit Checklists. QSE does not perform audits by ISO Audit Checklists. QSE either uses evidence gathering questions such as “Show Me” or Process Approach in ISO Auditing. QSE performs thorough ISO Audits covering all requirements of ISO standards
Frequently Asked Questions
Product Audits are the audits conducted on the outcomes of all process until the end of the manufacturing cycle. This audit is conducted to determine if the product is meeting all the customer specified requirements to meet the intended use.
A layered process audit is also an audit conducted in a manufacturing environment. This is an audit normally done by internal employees at various hierarchical levels to ensure that no important process function is missed. Initial layered process audit is done by a supervisor, next by a quality manager, next by departmental head and lastly by the Vice President or President. This is to emphasize the importance of process functions/elements and involvement of all concerned in achieving process conformance or meeting ISO certification or certification to other standards.
Time for internal audits depends on the number of people working and the number of processes involved in producing the products and services. The number of employees is required to ascertain if all employees relevant to the products and services are aware of the management systems and they implement systems diligently.
ISO 9001 is the basic and essential standard to almost all standards. All sector-specific standard requirements include ISO 9001 requirements and add additional sector-specific requirements. Automotive Industry, Aerospace Industry, Telecommunication Industry, Medical Devices Industry and Food Industry are some of the examples of sector specific standards.