- 318 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
About this book
Since the publication of the first edition of this book in 2000 the revised ISO 9001 standard has been implemented and is being used widely. While the basic premise of the original book is still sound, the reality of auditing the new standard has shown up various areas which require refinement - this new edition addresses that need. It remains a pragmatic guide, covering all aspects of auditing, including certification assessment, supplier investigation and internal audit, enabling auditors to appreciate the approaches adopted by those working in related areas. With its detailed analysis of the requirements of ISO 9001:2000, this book will also be of interest to all those involved in implementing certified quality management systems, as well as the auditors who are required to examine those systems. A down-to-earth approach is taken throughout The Quality Audit for ISO 9001:2000, avoiding the impractical and nit-picking methods which have so often characterized quality management audits, making it an invaluable source of realistic advice. It demonstrates how to produce real benefits from an audit programme rather than simply guaranteeing compliance to a documented system. Everyone who sees audits as a useful tool for business improvement should read this book!
Frequently asked questions
Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
- Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
- Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access The Quality Audit for ISO 9001:2000 by David Wealleans in PDF and/or ePUB format, as well as other popular books in Business & Operations. We have over one million books available in our catalogue for you to explore.
Information
PART ONE
PUTTING THE AUDIT IN CONTEXT
❖
1
INTRODUCTION TO AUDITING
❖
BACKGROUND
Auditing is a long-established business discipline. It has certainly been around since long before I became involved in business management. Some have even argued that audits go back to the earliest recorded times, for example the device used by Gideon (Judges 7: 4–8) whereby he eliminated some of his army based upon the way that they drank from the river could be considered as an auditing technique followed by some decisive action.
If auditing has been around that long, it is surprising that so few organizations use quality auditing as a tool until it is demanded by ISO 9001 or similar standards. Yet quality auditing is one of the activities that is usually completely new to organizations introducing quality management for the first time.
FINANCIAL AUDIT
Other forms of auditing are more commonly accepted. The most obvious of these is the financial audit. Everybody understands that the financial statements of incorporated companies (both public and private) are subject to independent audit by qualified persons. This is intended to achieve a number of things. First, it is a safeguard against a company falsifying its financial position and thus cheating its shareholders, creditors, the tax office or other stakeholders. Second, it may help the company itself to identify weaknesses in its own financial processes. There is probably also a third purpose, which is generally stronger for public companies than it is for private, which is to provide an independently published, publicly available, statement of the company’s financial status.
Statutory financial audit normally succeeds in the third objective, and quite often meets the first. Whether or not it achieves the second depends upon whether one is speaking to the auditors or the company being audited. I often see things being done that management think are a waste of time but they are complying because their auditors have told them to. This often occurs because the auditors (not just financial ones, now, but all types) feel that they have a degree of power. They are thus reluctant to come away without feeling that they have added something, but may make recommendations without a detailed understanding of the precise nature of the operations involved. We will return to this theme later in the book.
Thinking about the financial audit does give us an initial idea of what auditing in general is all about. Readers should not, however, treat this as the sole model for understanding its nature. It differs from other types of audit in some important ways:
❍ Statutory auditors spend far more time looking at records than do most other auditors, who place greater emphasis on study of operations and talking to people.
❍ Most auditors rely on random samples, but the financial version typically ploughs through entire files, item by item and ‘signs them off’ at the end.
❍ Financial auditing is a specialized discipline requiring difficult-to-obtain qualifications; most quality auditors need relatively simple qualifications together with a reliance on operational experience and a sprinkling of basic commercial common sense (quality auditor competence will be dealt with in some detail later in the book).
Indeed, some accountants attending training courses that I have run complained that their training took years, whilst the registration criteria for quality auditors involves simply attending a short course and gaining a few days’ audit experience. The difference is that financial auditors need to be experts in finance but quality auditors are expected to be observant and analytical, not necessarily quality management experts.
HEALTH AND SAFETY AUDIT
In addition to the financial variety, we have historically seen a number of other types of audit. Probably the next most common of these is the health and safety audit. Most of us have experienced these, either from regulatory authorities, internal teams, or both. They are typically closer to the spirit of the quality audit than is the financial variety. They cannot, by definition, attest to the compliance of everything and are typically more concerned with the future than the past.
Health and safety audits have also been with us a long time. Ever since civilization has been concerned with the preservation of industrial life and limb, companies have been audited to ensure that they are adopting the right approach. These have evolved from the early days of simple observation to modern techniques which also take historical records into account to confirm legal compliance. They have thus grown close to the way that quality audits are conducted.
It is especially interesting to note that health and safety audits have come from both external and internal teams of people taking time out of their main jobs. This shows a direct parallel with the quality audit.
THE QUALITY AUDIT
The quality audit undoubtedly began with the customer inspection. It has been a long-established practice for major companies to carry out on-site evaluations of their most important suppliers and sub-contractors. These have typically been intended to:
❍ prove the ‘technical’ capability of the organization to provide the product or service;
❍ check that the company has sufficient capacity and resources to cope with the customer demands;
❍ confirm the commercial stability of the company;
❍ assess the rigour of the organization’s operational processes (e.g. will the work be looked after, or are they likely to misplace the paperwork);
❍ form an opinion as to whether this is the type of organization that we would like to do business with (this is not usually formally acknowledged as an objective, but in fact is often the primary motive).
Customer audit teams have traditionally been led by a member of the procurement group, and would usually also contain a technical expert. The inclusion of a quality assurance professional is, by and large, a relatively recent innovation. Customer audits (often known as ‘second party’ audits) are typified by the following characteristics:
❍ They are only interested in things which directly relate to that customer’s business (in fact, confidentiality requirements may preclude the team having access to other data).
❍ They are highly prescriptive, often insisting upon certain technical, oper ational or commercial procedures.
Customer audits are often conducted before permitting use of a new supplier, as part of a contract award process or to confirm continued suitability to supply. In the past, as these assessments became ever more popular tools, the recipients began to complain of their frequency. After all, each one requires preparation, is disruptive on the day and every customer has their own, sometimes conflicting, requirements. Their complaints were the main drivers behind the concept of independent (‘third party’) audits.
Customer audits are still as strong as they ever were. Companies still wish to prove that their own needs are being met and have strengthened the use of assessing their suppliers’ systems as a key tool.
THIRD PARTY AUDITING
From the international similarity of quality management standards imposed by the various defence ministries was born the idea that a common standard could be applied to all commercial companies. This, it was reasoned, would allow organizations to create quality plans which would conform to a unitary standard and thus avoid the need to adopt differing approaches for each strong customer. This was closely followed by a logical extension: that there should only need to be a single audit which would confirm that the single standard was being followed. Ultimately the concept of independent, accredited, third party certification, which would be acceptable to every customer, was introduced. This would be the end of awkward and disruptive multiple customer audits. Unfortunately (for every supplier to major corporations) this did not work: each customer still felt that it had its own specific needs which were not met by a generic standard. Thus they continued to conduct their own audits. This is still the case. In fact what has happened is that these customers now expect both independent certification and satisfactory findings from their own audits. There appears to be no resolution to this in sight and it seems that we will simply have to accept it until some completely new approach is, one day, adopted.
WHAT IS AUDITING?
Auditing is simply checking the way that things are being done. It is a tool for making sure that activities are being carried out correctly, without relying on just asking people or waiting until it is too late.
To illustrate what I mean by this, let us look at the example of a customer seeking to award a major contract. If the procurement director simply asks, ‘Do you always follow all the rules?’ then the supplier would be unbelievably stupid to answer, ‘No’. On the other hand, it is too late if you award the contract and only discover after some time that the supplier’s disciplines are sloppy.
There is sometimes confusion between auditing and inspection. This is understandable; there is indeed some overlap. In fact the financial audit is certainly a form of inspection. For most types of audit, though, there is a difference. Inspection is intended to tell us whether something is okay to proceed. For example, to decide whether or not the widget that we have just made is acceptable for delivery to the customer. Inspection is mostly checking work that has been done. Auditing, alternatively, is about telling whether or not the processes used are likely to produce successful outcomes. For example, if a customer calls tomorrow and orders a widget, are they likely to be given the right item, on time and in good condition? Audits are about gaining some assurance of future good performance, based upon current observations. Sometimes, though, it is hard to distinguish between the two (e.g. if a supervisor carries out a monthly audit of the cleanliness of company vans). The answer to any confusion arising between the two is not to worry about it too much; as long as the desired level of checking and evaluation is carried out, what does it matter what we call them?
WHAT IS QUALITY AUDITING?
The quality audit is intended to ensure that our business processes are designed and operated in such a way that the customer’s contract requirements (both stated and implied) are met. For those readers about to drop this book in dismay, saying that in their business they do not have formal contracts, it is worth pointing out that the laws of most nations consider that there is always a contract between buyer and seller, whether or not it is written down in a formal document.
Quality audits may be of an organization by itself (sometimes referred to as ‘first party’, but usually just ‘internal’), by a customer assessing a supplier or subcontractor (‘second party’) or an independent assessor certifying against a recognized standard (‘third party’). There are also audits carried out by consultants or other technical experts to identify problems or potential improvements; these have their own characteristics but for the purpose of definitions and formalities are usually thought of as a variation of the internal audit. These types of audit all have their own differing secondary purposes. Their main intent, though, is to give increased confidence that the organization is capable of meeting customer needs (note that audits do look, to some extent, at whether we are meeting customer requirements but concentrate more on whether we are likely to meet customer needs as and when they arise).
Thus quality audits are typically concerned with the business processes which form, agree and check the contract; plan and communicate how it will be delivered; how the contract itself is fulfilled (production, design, repair, etc.); how the success of fulfilment is evaluated and how the organization monitors performance and handles problems. This is a wide scope but some (not all) quality audit programmes include restrictions on which areas do directly contribute to contract performance, others being excluded from the audit regime. Some common exclusions from quality audit systems are listed below:
❍ Many of the things designed to attract customers in the first place (pro motion, marketing communication, front-end sales). The new version of ISO 9001 has strengthened the inclusion of marketing elements in the coverage of identifying customer expectations, but it still leaves out much of the marketing activity;
❍ Most, or all, financial affairs;
❍ Taxes and levies;
❍ Strategy;
❍ Health and safety (this is deliberate, since it is usually covered elsewhere);
❍ Most personnel activities, other than training and development;
❍ Employee social activities;
❍ Salaries and rewards;
❍ Works councils, trade unions and other employee representation;
❍ Security;
❍ Premises and building services (unless t...
Table of contents
- Cover
- Half Title
- Title Page
- Copyright Page
- Table of Contents
- List of Figures
- Preface
- Acknowledgements
- Abbreviations
- Part One Putting the Audit in Context
- Part Two Running the Audit
- Part Three the Future
- Index