When carrying out management system internal audits for health & safety, environmental, and quality some organisations use standard audit checklists, but do these checklists add value to the audit process or dumb it down?
Developing a personal audit checklist is a vital part of planning for each audit that I focus on during audit training courses. The process of reviewing the audit criteria such as relevant legislation, company procedures, and standards (eg: ISO 14001, ISO 9001, OHSAS 18001) enables the auditor to make sense of the requirements, structure them into a series of logical questions, avoid repetition during the audit, and arrive well prepared. I stress that these checklists should not just be a list of questions to ask, but also physical evidence to look for, and documents to review, thus incorporating the full range of audit evidence. In its simplest form an audit checklist could be the relevant company process or procedure annotated or highlighted by the auditor, to use as an aid memoir during the audit. (more…)
Verification of audit information is a key skill for carrying out an internal audit but the extent of verification, and techniques used, are often highly variable, and may have a significant impact on the validity of your audit findings.
Imagine that you are auditing a transport procedure for a company with a fleet of vehicles. The procedure requires that each vehicle is logged on a database including details such as service intervals, insurance details, and input of monthly mileage data. How would you sample this information and check that the overall process is working?
Observing hundreds of auditors in training I have noticed that many are comfortable discussing the process with the responsible person, taking a sample of information from a database, and then checking this information in a filing system. In this case they may also take sample mileage details from the database and check these against vehicle mileometers in the car park. I call this “back to front auditing”, or checking input data against reality. The auditee is normally relatively confident at this stage because we are checking what they know exists and have records for. In this example it is unlikely that a known vehicle will have missed its MOT or service, and any gaps in mileage data will show up clearly on the database. (more…)
This week I have been running a health & safety internal auditor course and it struck me that whatever the standard or organisation the primary concerns of newly trained internal auditors are consistent. During the course I made a note of some of these common questions, and have added answers below.
Q1a: How long will the internal audits take me?
This is probably the number one question asked by newly trained internal auditors. (more…)
Many internal audit programmes operate at a sub-optimal level, without this being clear to the Environmental Management Representative and business management, until an external certification raises non-conformances against the process. Internal audit is a vital part of ISO 14001, providing the “self healing” in the system, and constitutes a core part of the Plan-Do-Check-Act cycle for continual improvement. The Internal Audit Service offer an audit health check service for businesses, where one of our consultants will intensively review your existing audit schedule, reports and corrective action programme, and make recommendations for improvement and enhancement. (more…)
Internal audit is a vital part of a management system, delivering internal check and action planning which ensures the ongoing health of the system. A good internal audit programme can demonstrate to external assessors that a system is effective, active and well managed. This was illustrated recently when BMS provided support to an organisation in the run-up to external certification of their existing ISO 14001 EMS, including completing a full internal audit of the system. As a result of the support provided by BMS, the client’s external certification visit was reduced from two man days to one man day, with the external audit stating: