This ISO Standard contains an element (8) intended to encompass a range of features which together support a mechanism to improve the performance of the management system. Internal audit forms part of this set, but only a part, yet is probably the only element readily recognisable to the average person. Internal audit is significant, not because of the results it delivers but because the ongoing registration process for ISO9001 companies ensures that Internal Audit is subject to regular scrutiny. It’s our point of view that the impact of internal audit on the majority of companies is minimal – and in most cases, to the point of being a complete waste of time. This is mostly due not to the process of audit, but to the way in which it’s managed and carried out.
Generalising, quality management processes are tolerated rather than being welcomed. They are part of the cost of doing business, primarily due to the failure of the systems to deliver any tangible benefit beyond the marketing advantage said to arise from the registered status of the organisation. A calm examination of the detailed requirements built into the Standard should provide the assurance that the benefits of a controlled work environment will be achieved by following this text in a manner that matches the specific nature and ethos of the organisation. Unfortunately, it just doesn’t seem to happen. More to the point, it doesn’t seem to put forth evidence of unfailing benefits for the adoption of the standard anywhere near often enough.
With a Standard which is clearly International in its origin and its application, how can this be so? To understand the reasoning behind this, it’s essential to look closely at the role of those individuals who see their position as that of policing the management system. Usually holding the title of Quality Manager, this person (sometimes with an entire team of assistants) is the one who is primarily responsible for the integrity of the documented system, and implicitly at least for the overall quality of the resulting product or service. Quality Managers have their roots in a manufacturing function whose equivalent would have been the Chief Inspector. The name in itself displays a fairly clear indication of the status – perceived or real, of this particular person. He was unquestionably the final authority regarding the acceptable quality of the company’s product. Acceptance or Rejection was entirely at his discretion. Without having physically been there, to many of today’s quality managers behave in much the same way. With little real understanding or appreciation of the management function, and certainly not the executive role, they fail to speak the language of their local leaders, with clear consequences.
It is a management responsibility to define company objectives and policies, and management will establish – or have established for them – systems to support these policies and objectives. Their need, although seldom expressed, is for an assurance that the systems are providing the controls and benefits they planned for. More than anything, they’re looking for reassurance. The Internal Audit should supply information which is specific to the operation of the management system and which is centred around this management need, but it rarely happens this way. For the most part, the reports of internal audit activity contain a multitude of trivial failings packaged as ‘non-conformance’, frequently to a requirement that is not specified or is imaginary, and having little bearing on the needs of management. Is it surprising that Internal Audit is seen as a necessary evil, conducted to satisfy the ISO auditor, but having little relevance to life in the real world of commerce and industry?
When material such as this is provided to managers who see no real value in the investment, it is not just the audit that is ignored but the perpetrators of the audit also. A direct consequence of this failure to identify the audit customer’s need is a rejection of much that has a Quality Management implication. Managers and quality department staff universally complain of lack of management commitment (an ISO9001 requirement), and a general lack of personal advancement opportunities. But improvement is possible, even radical improvement, and it requires a change in strategy for both Executive Managers and those purporting to be Quality Professionals.
The change process:
1. The organisation must recognise that every manager and employee has a responsibility to perform in accordance with the requirements laid down for their work. Nobody else can be responsible for the quality of this work.
2. The title Quality Managers is clearly not a true indication of the function of this individual. Holding the QM responsible for a failure in product of service is clearly wrong unless that delivery was by its nature part of his (or her) normal function.
3. Internal audits should be a recognisable independent assessment of each business function, carried for the function’s manager and reported to that individual alone. (The functional managers have the responsibility for achieving a selection of business objectives, and it is they who need the information to support these objectives).
4. It follows that the auditors, while being independent of the function being audited, should also understand the role and responsibilities of senior managers, and speak at that level.
5. These changes require the dissolution of the existing audit regime, and some re-education of the management team who are responsible for allowing the adverse situation to exist.
6. Professional auditors with a wider experience than that obtainable within one or a limited number of organisations alone can provide the assurance and service level needed by an effective management team.
Ed. Bones is a chartered quality professional and an IRCA registered Lead Auditor. He is also a senior partner with the Meon Consulting Group, supplying expert audit and consultant services for ISO9001 & ISO14001 management systems. The company web site provides detailed information for your perusal, and includes the special offer of FREE Advice. Want to learn more?
- ISO 9001: The Internal Audit This ISO Standard has within it an element (8) which...
- Now That You Are Faced With An Irs Tax Audit One of citizens’ biggest fears is the threat of an...
- A Food Safety Audit Can Help Your Business You probably can’t skip regular sessions with a food safety...
- A Forensic Loan Audit in Commercial Real Estate By Commercial Loan Review Experts are discovering that 80 percent...
- Discover The Differences Between Internal Hyperlinks And External Hyperlinks In the event you want to promote your website and...