by Denise Robitaille:
It’s getting to be time to start thinking about preparing internal auditors for the upcoming revision to ISO 9001:2015. Some may think, “The ISO 9001:2015 transition period is three years long, so what’s the rush?”
The typical practice with most organizations is to have a small group of individuals—sometimes only one person—get some basic training on the revisions to the standard and then sally forth. They revise documentation, implement changes (often in a vacuum without consulting process owners), let things gel, and then train auditors on the newly refreshed system. Auditors play no role in the transition process.
This is unfortunate. Although there are a variety of individuals who can play a significant role, I’d like to focus on this one particular group of stakeholders: the internal auditors. Despite their training and their investigative and assessment skills, they are routinely dismissed out of hand.
Auditors should be involved in the transition to ISO 9001:2015 from the outset. They should be among the first people in the organization to receive training on the revised ISO 9001:2015 standard. Once they have been trained, they can be active participants in the gap analysis—an essential activity that should occur before significant changes can be made. The organization needs to conduct a gap analysis to gauge the discrepancy between the current status of its quality management system (QMS) and the actions that will need to be taken to achieve conformance to the new requirements.
The gap analysis can occur as a unique activity or as a supplement to a regularly scheduled internal audit. Doing it in conjunction with a normal audit has several benefits:
- Well-trained auditors utilize both the process approach and system-based thinking when conducting audits. This allows them to assess not only the organization’s level of conformance to new and enhanced requirements, but also the interrelations within the organization that will be affected by—or that can have an effect on—the impending changes. The best example of this is the migration from preventive action to risk-based thinking. Auditors can see what aspects of the currently implemented preventive action processes are transferable to the risk-based thinking requirements. They can also identify the gaps in the manner in which potential problems (i.e., risks) throughout the company are handled. ISO 9001:2015’s adoption of risk-based thinking integrates risk into almost everything from change management to design to supplier evaluation to preventive maintenance.
- Corrective actions for any findings that are discovered during the audit can be rolled into the transition project, which will mitigate the likelihood of duplicating work. Again, auditors’ holistic comprehension of the nature of the entire QMS will facilitate this process. It will also eliminate the need to take meaningless corrective action on requirements that have been deleted from ISO 9001.
- The internal audit process—particularly during interviews—will allow process owners to understand how new requirements apply to their areas. This will increase their ability to make positive contributions to the transition project and will mitigate the likelihood of duplicating work.
- Having auditors trained early on will also jump-start their next cycle of audits, which will help to ensure readiness for re-certification/transition audits.
Getting auditors trained to the new ISO 9001:2015 standard is unavoidable; getting them trained early will optimize the value of the training throughout the organization.
About the author
Denise Robitaille is a member of the U.S. TAG to ISO/TC 176, the committee responsible for updating the ISO 9000 family of standards. She’s the author of numerous articles and more than a dozen books, including The Corrective Action Handbook, The Preventive Action Handbook, and her latest book, 9 Keys to Successful Audits, all published by Paton Professional.
Tag: ISO 9001:2015.