Advanced Quality Auditing: An Auditor’s Review of Risk Management, Lean Improvement, and Data Analysis by Lance B. Coleman, Sr.
Reviewed by Duke Okes.
When a statement in a book’s introduction grabs your attention, you know the author is onto something. Here’s the one that grabbed me: “A robust audit program can be thought of as a three-legged stool with the audit program resting on its three legs of conformance, risk management, and continuous improvement.” The book then goes on to describe how an advanced audit program will not only ensure that the requirements of standards, contracts, policies, and procedures are being met, but will also look for unidentified and/or inadequately controlled risks as well as opportunities to reduce waste.
The first chapter is an excellent summary of the audit process and different types of quality audits. The author assumes that the reader already has a basic understanding of auditing and makes the case that there are importance differences between system, process, and supplier audits.
The next chapter on lean makes the case that not only should auditors look for waste within the processes they are auditing, but that they should also identify opportunities to lean out the audit process itself. Multiple examples are provided for each of these opportunities tied to the eight types of waste (waiting, inventory, defects, transportation, motion, overproduction, excessive processing, and non-utilization)
The chapter titled “Risk-Based Quality Auditing” is timely, given the upcoming edition of the ISO 9001 standard and the incorporation of risk-based thinking. Several common risk assessment tools likely to be encountered by auditors are mentioned, such as failure mode and effects analysis (FMEA), fault tree analysis, hazard analysis of critical control points (HACCP), and strengths-weaknesses-opportunities-threats (SWOT). The importance of clear definitions of risk levels is emphasized, which provides auditors the opportunity to compare risk assessments with actual risk performance. A sample auditor risk management training matrix will be of interest for personnel who want to further develop their auditors for carrying out effective risk-based audits.
Chapters on data analysis and root cause analysis are also included, although the former could have benefited from greater depth on how to evaluate the degree to which organizations are effectively using performance metrics. The chapter on root cause analysis summarizes several tools (5-whys, Ishikawa diagram, same/not-same, Pareto analysis, scatter diagram) likely to be encountered when auditing corrective actions, but cuts short the discussion on effective implementation and follow-up.
For those who manage the quality audit program, the chapter titled “How Delightful is Your Audit Program?” alone will make the book worthwhile. A statement here that grabbed my attention was, “The Kano model applies to the audit program because the audit function is a service conducted by the quality department for the larger organization.” For those not familiar with the Kano model, thinking about your audit program from this perspective and how delighted the rest of the organization is about it (as opposed to viewing it as a “must-be”) could provide significant insights on how to manage this important function. An example system on scoring the audit program effectiveness is also included and includes not only coverage of the audit universe, but also how many improvement opportunities were identified and implemented (which adds points) and how many external audit findings there were (which subtracts points).
The last two chapters, “Audit Reporting” and “Charting a Path Forward,” are brief. However, they again indicate the need to stop and reflect on how well the audit program is integrated into the overall business, as well as the need to assess the audit program and continually develop auditor skills.
Anyone who is in charge of a quality audit program should to read this book as a way to evaluate their role, and quality auditors could also benefit from a standpoint of expanding their horizons. At less than 100 pages, it’s a quick read. And the examples and case studies throughout make it real.
For more information or to order Advanced Quality Auditing, visit http://asq.org/quality-press/display-item/index.html?item=H1487&xvl=76116628.
About the reviewer
Duke Okes is the author of Root Cause Analysis: The Core of Problem Solving and Corrective Action, and Performance Metrics: The Levers for Process Management. Full disclosure: Lance and Duke have previously collaborated on the topic of risk-based quality audits.
TAG: Advanced quality auditing.