Organisations use internal audits as a tool to identify problems in new product development as well within services offered (customer complaints) in every industry we can think of. Internal audits often form the basis for an organisations self-declaration of conformity based on the standards they adopt.
Are organisations using internal audits to their full potential i.e. value-added tool; or do they still operate in the traditional policing method to find issues, raise non-conformance just to justify their role?
The next question is WHY? Why do internal audits need to be done monthly (this is subjective based on the industry they operate in and the needs of the standard) and do they need to go through the same procedures again and again? And I feel most internal audits if not done correctly fail to meet stakeholder expectations.
In order to achieve the best results, below are some of the problems I see currently with internal auditing that needs to be addressed by SME or even large multi-site enterprises:
Basic fundamentals of audit approach and process are flawed.
In my experience, auditors fail by not incorporating the basic principles and fundamentals of internal auditing. Training and skills taught in internal audit training is often neglected and competencies are often taken for granted without realising that upgrade training is extremely important from time to time.
When a process based approach isn’t followed or adapted this leads to failure as well as not adhering to timelines. The audit process needs be scheduled with fixed timelines and ensure action plans are sent to various staff in advance. Especially while dealing with Sr. management, strict timelines should be followed to gain maximum from the interview process.
Engagement of Sr. management not just in internal audits, but through the entire process is important. Understanding Quality is not a cost to doing business, rather any savings gained from compliant products, no recalls or defects should be considered as an added profit to the business.
Audits and Report Delivery
Scoping the audit and ensuring all important elements of the audit are covered is very important in planning process. Audit scoping isn’t just gaining an overview of the documentation but actually physically getting out and looking at the process and conducting a verification. It is important element which further leads to not just findings but also finding positives within the processes.
Far too often people focus on unimportant elements of the audit just to get through the number of audit days. Some staff feel they will be judged on the number of corrective actions or findings they deliver at the end of the audit – this isn’t the objective of the audit and never should be.
Auditing techniques are important as well – you cannot audit the same way for different projects or organisations. Auditors must adapt to each client, standard as well as projects to ensure value add.
Another important element of the audit is the audit report which is the final delivery of the audit service. This should be quick and reported instantly, in today’s day and age not sure why people need to wait for the audit report to be delivered after 2-3 days. It should be a simple report with all information and simple findings delivered to management or representatives. Evidence in form of photos or even attached documents are sufficient rather than writing pages and pages on information that is not relevant. Evidence against criteria be it positive or negative is value add and should be incorporated in the process.
Transparency and Accountability
Raising findings isn’t the end game of an internal audit. Findings need to be analysed, tracked, recorded and followed up. Without transparency and accountability most organisation leave this until the next audit and this isn’t the focus of any internal audit.
Personally, I feel it is as important to do periodic audits to check the Corrective and preventative actions if you are using manual systems, however this should be tracked in an automated system which would also make everyone accountable for actioning their piece.
You will fail if you think the end game is completing your audit and not effectively following up.
Cost of Quality
The cost of poor quality, clearly defined by the provision of poor quality products or service can be attributed to the inefficient, ineffective internal auditing practice. These days with social media there is no hiding from a poor product or service; the cost is not just financial but brand reputation and years of customer confidence.
Internal audits are a key and integral part of product and service offering and internal inspection frequency and methods determines the resources and costs of managing the acceptable quality standard.
There are four main categories of quality related activities that can incur cost and that can all be managed through more effective and efficient internal inspection procedures:
1. Prevention Costs – used for preventing the possibility of poor quality being recorded. These costs are related to quality managed processes and systems that are in place, such as the planning of product specification, quality assurance, and training of staff for the actual production.
2. Appraisal cost – used for measuring, evaluating and monitoring the cost of the activities, through conducting of internal audits that measure the quality compliance and assess the quality of suppliers through automated and efficient supplier audits.
3. Internal failure costs– which can be avoided and significantly reduced if the internal inspections during the prevention, and appraisal steps are implemented effectively and especially if the internal audits are automated and streamlined through the use of technology. The waste, scrap and rework that is needed to be done or redone can significantly affect the overall cost of production and negatively impact the company’s bottom line.
4. External failure costs – these are seen as the costs incurred for refunding, repairing, warranty claims and returns of the finished products by the end customers. These, unfortunately cannot be all avoided, but they can be reduced and their impact lessened if the planning, monitoring and evaluation of the whole quality management process is improved through automation.
How it all fails in the end is directly related to the failure to check, inspect, audit, evaluate and most importantly not follow up on the issues or non-conformances raised at internal audits. Organisations who are snowed under in manual paperwork forget the follow-up process and only few days before an external audit remember the task. If you want internal audits to work treat it as part of day to day business.
Using an automated platform which sends reminders with an effective workflow ensures the process and transparency at all times. Make use of technology and minimise the manual process to ensure effective use of resources.
If you’d like to learn more about paperless compliance for your internal auditing needs, iComplied offers an easy-to-use mobile platform at a reasonable price so that the upfront time and money needed to switch over to this new and improved method for conducting internal audits is minimal. Take control of your internal auditing by booking a demo, or registering for a free trial.