Adding value to audits
Are you adding value during audits? Are you are sure you are doing so without compromising the integrity of your audit? The has put together these tips to make sure that your audits are both helpful and impartial
There are several dictionary definitions of value, but all focus on the concept of something being useful. Adding value therefore means to make something more useful.
The first question to consider is who is gaining added value from your audit?
- the certified organization?
- the organization’s customers?
- the certification body?
The answer is, of course, all three. By performing an accurate audit you add value for the organization’s customers by enhancing that organization’s ability to provide a conforming product. To your certification body you add value by improving the credibility of third-party certification. Most importantly, however, is adding value to the certified organization itself, but are you doing so?
- Are you providing information to top management regarding the organization’s ability to meet strategic objectives?
- Do you identify problems that, if resolved, will enhance the organization’s performance?
- Are you identifying improvement opportunities and possible areas of risk?
If you are unsure that you are achieving all of these things the guidance below looks at each part of the auditing process and gives you useful tips on how to ensure your audits add value.
Tips on adding value to your audit
Planning your audit
When you are preparing for your next audit ensure sure you:
- understand the auditee’s expectations and the particular corporate culture of the organization
- consider any specific concerns to be addressed, such as those raised by previous audits
- undertake a risk analysis appropriate to the industry sector or one specific to the organization
- complete a pre-evaluation of statutory and regulatory requirements
- select an appropriate audit team in order to achieve audit objectives
- allocate adequate time
Audit technique
Focus more on the process and less on procedures. Some documented procedures, work instructions or checklists may be necessary in order for the organization to plan and control its processes, but the driving force should be process performance.
Focus more on results and less on records. In a similar fashion, some records may be necessary in order for the organization to provide objective evidence that its processes are effective (generating the planned results) but in order to add value, the auditor should be aware of, and give credit for, other forms of evidence.
Use the plan-do-check-act approach to evaluate the organization’s process effectiveness, considering:
- has the process been planned?
- is it being carried out according to plan?
- are the planned results being achieved?
- are opportunities for improvement being identified and implemented?
Try to adopt a holistic approach to gathering evidence throughout the audit, instead of focusing on individual clauses.
For your analysis and decision put your findings into perspective using risk analysis and common sense. Don’t forget to relate your findings to the effect on the organization’s ability to provide a conforming product.
Report and follow-up
Different approaches to reporting may be required depending on the organization’s maturity, the level of confidence in the organization’s quality management system, the risks involved and the auditee’s attitude and commitment to the audit process. You will have to consider whether it should be proactive or reactive. You must also:
- Ensure that any cultural aspects are taken into consideration
- Emphasize positive findings as appropriate
- Consider whether the solution proposed by the organization in response to negative findings will be useful
Finally, reports should be objective and focused on the right audience. Top management will probably have expectations that are different from those of the management representative.
By adding value for all those involved in the auditing process you will be ensuring that it is not merely the confirmation of adherence to a standard. Your report will be useful to the organization in that it reflects their systems in context and shows objectively where they stand against a standard.
The ISO 9001 Auditing Practices Group is an informal group of quality management system experts, auditors and practitioners drawn from the ISO Technical Committee 176 quality management and quality assurance (ISO/TC 176) and the International Accreditation Forum. It has developed a number of guidance papers and presentations that contain explanations about the auditing of quality management systems. These reflect the process-based approach that is essential for auditing the requirements of ISO 9001.
 |
 Have an issue to raise? A question to ask? Give us your opinions now in the Online Forums. |
- Certification: where is it headed?
- An auditor's view of certification
- Solutions focus in auditing
- Project auditing best practice
- ISO 14001 in Japan: a time for change
- Adding value to audits
This article is an edited version of 'How to add value during the auiting process' from the website of the ISO 9001 Auditing Practices Group and is reproduced courtesy of ISO and the IAF. These papers were developed on current best practice and therefore have not been formally endorsed as IAF guidance or ISO TC176 interpretations. Follow the link for further information about the Auditing Practices Group.