Internal auditing for the ISO9001:2015 quality management standard

Section 9.2.1 of the ISO9001:2015 standard requires us to conduct internal audits that, among other things, ensures that our quality management system conforms to the requirements of the ISO9001:2015 standard. Sounds like a no brainer, but it might be more complicated than you imagine. As with all things related to ISO9001:2015, your auditor’s interpretation makes a big difference.

In years past, I’ve audited all the important parts of various companies’ quality systems. Things like purchasing, sales order review, receiving inspection, shipping inspection, control of documents and records, etc. Every external auditor I’ve worked with in the past 20-plus years has been OK with our internal auditing. Until now.

One of the auditors I worked with recently wanted us to audit everything written in the ISO9001:2015 standard. Since the standard requires a documented scope of the QMS, there must be an internal audit of the scope. Since the standard requires us to document any exclusions (if any), then, according to this auditor, we must conduct an internal audit to document that we’ve documented the exclusions. Since the ISO9001:2015 standard requires us to determine, provide and maintain a suitable infrastructure, we must conduct an internal audit of infrastructure. No previous external auditor required such internal audits. Technically he’s correct, of course, so I had no room to argue. This is an area where the practical application of an ISO9001:2015 quality management system can differ from the literal interpretation of the standard. I had to suck it up and double the size of the company’s internal audit program, even though this company had successfully achieved and maintained their ISO9001 certificate for 8 years prior to this audit.

Maybe it’s time to start looking for a new registrar?

Similar Posts:

Leave a Reply