In today’s highly competitive economy customers are expecting higher quality out of the multitude of products and services available. In service industries the successful companies provide the best service and highest quality of work. Quality seems to be the watchword of the marketplace. And yet in the past few years, longstanding companies in the automotive industry and electronics industry have experienced high visibility quality problems. The fact is any company or organization can experience quality issues. Manufacturing companies are continually developing and making changes to their products and service companies are striving to improve the customer experience. When new products are launched and new processes are initiated, a high level of scrutiny is placed on initial quality and process capability. Special controls are instituted, process documentation is developed and the associates receive training. In addition, many new product development processes include an evaluation phase prior to project completion. This evaluation phase includes auditing of the product, process and the quality controls at a set period of time following product launch. But what happens to the process or product, three months, six months or a year down the road? How do you verify that the quality controls remain in place and the documentation is being maintained? How often does your organization asses the quality of the product or service being received by your customers? Many companies either already have or are initiating regular product, process and quality system audits. A first party audit, or internal auditing, is an effective way to monitor on-going quality and adherence to company or process standards.
First party audits are commonly referred to as “Internal Audits”. The internal audit is typically conducted on a process or set of processes to ensure they meet the organizations internal requirements or standards. Internal audits are also useful in evaluating the effectiveness of an organization’s Quality Management System (QMS) and to measure adherence to that system. They are most often performed by auditors employed within the organization. First party auditing is a component of the Cost of Quality.
Implementation of an effective first party or internal auditing process allows you to compare what is actually occurring in your day-to-day operations against your documented policies, procedures, work instructions or quality systems. First party audits help determine if you are actually doing what you said you were going to do to manage quality and ensure conformance to safety or regulatory requirements. In addition, first party quality audits play a powerful role in:
- Identification of possible weaknesses in your quality management process
- Discovering any potential issues that could lead to non-compliance penalties
- Focusing attention on opportunities to eliminate waste in your processes
- Initiating corrective and preventive actions for any non-conformances
- Maintaining consistent adherence to quality controls and systems
When an internal auditing process is well planned, implemented and maintained, the internal audits add considerable value to the quality management process and help lower the cost of quality.
The first party auditing process consists of five main steps:
- Planning the audit
- Preparing for the audit
- Performing the audit
- Reporting the audit results
- Review of any follow-up actions
A plan should be developed prior to beginning a series of audits. Develop a plan that meets your organization’s unique needs and coincides with available resources. The audit plan should include the areas to be audited and the frequency of the audits. Consider the criticality of the process, experience level of the operators and any record of any process issues or quality problems when selecting the areas to be audited and the frequency of the audits. In most cases, processes that have a high operator turnover, have experienced quality problems or recent process changes should have priority and be audited more frequently. Processes that have not seen a high turnover of operators, quality problems or process changes should have a longer interval between audits. Review your audit schedule and amend it based on these concerns.
Several activities should occur during the preparation phase of the internal audit. This may be one of the most important steps in performing a successful value-added audit. The activities should include but may not be limited to the following:
- Notify the process owners well in advance of the audit and explain the purpose of the audit. Failing to perform this one important step can result in negative consequences and could prevent the fostering of a culture of continuous improvement. You may fail to gain their buy-in of the audit process and its benefits to their team. They may view the audit as a fault finding activity instead of a fact finding exercise.
- Select a lead auditor and qualified audit team. The size and structure of the team will depend upon the size and type of process you are auditing. The team should have some inherent knowledge of the process but not be directly responsible for the process being audited. In first party audits the auditor or lead auditor is usually someone from within the company. Although, the auditor could be from an outside consulting firm but must be working for the benefit of the company and not an external certification organization, registrar or customer.
- Review the process documentation, any associated warranty or quality data, previous audit reports, 8Ds / A3s or corrective actions recently implemented prior to the audit. Educate yourself in the history of the process. Familiarize yourself with the team members or operators of the process. The more you know ahead of time will allow you to ask the right questions and ultimately generate more comprehensive answers. Reviewing the process documentation ahead of time will help you determine the most critical process parameters, challenges and key characteristics of the process. Without this knowledge, valuable opportunities for possible improvement could be lost.
- Proper preparation for the audit combined with your knowledge of the process and the operators will improve the atmosphere, efficiency and effectiveness of the audit. It will go far in promoting a culture of trust and continuous improvement.
Now that you have taken the time to prepare for the audit, you’re ready to perform the audit. There are several ways to perform an audit, but most internal audits should include at least these following steps:
- Prepare a checklist based on the documents and information you’ve reviewed. This will help ensure the audit is all-inclusive yet remains within the audit scope. In addition, preparing a checklist helps you develop a list of questions to ask during the audit.
- Conduct an introductory meeting that outlines the process being audited, how long the audit should take to complete and the persons you may desire to interview. Taking a few minutes to inform the team about what you are doing, that you value their time and input and how the audit will benefit them and the company tends to decrease tension and result in a more productive audit.
- Ask questions and actively listen, make sure you are hearing what the person is saying and make sure the auditee knows that you are really listening. Ask open ended questions that do not promote yes or no responses. Encourage the auditees to describe the process in a way that validates their knowledge of the process. Ask “what if” questions to determine how the process is actually being controlled and the reaction plan is understood should something go wrong. Remember to also ask “why” questions to ensure the auditees understand the reason for performing the various steps in the process. People are less likely to do their best work if they don’t understand the importance or purpose of performing the task. Be patient and try not to slow down the process or get in the way. Always remember that auditees are being paid to do their jobs, not answer your questions.
- Take notes, write down the responses to your questions and any observations you have along the way. Take abundant notes and photos if applicable and permissible. Some processes may be proprietary information and photos may not be permitted. This information provides the substance for the audit report and it also dispels any disagreements or confrontation.
- Document any evidence of a non-conformity uncovered during the audit and always inform the auditee of your discovery. Share with the auditee what will be reported and assure them that the intent of the report is to improve the process.
- When the audit is complete, always remember to thank the participants for their time before you leave. Be sincere, this will promote goodwill and support an attitude of trust and teamwork.
Once the audit has been performed you need to write a comprehensive report of your findings.
The report need not be long, but it should communicate a thorough and impartial summary of the audit results. The report should mention best practices observed along with all perceived risks or non-conformances detected. The audit should also include, but is not necessarily limited to, the following information:
- Record the date of the audit along with the start and finish times. This provides verification that audits are being conducted according to the pre-planned schedule. In addition, over time it could enable data collection regarding the length of time required for the audits. This can be of value when management is seeking to justify the time and expense incurred by the audit system. This is especially important in business today as many managers are continually being encouraged to reduce expenses.
- List the site location, areas or work cells, and processes reviewed during the audit. The site location only pertains to organizations that have multiple locations.
- Identify the lead auditor and the team members. Obviously, if a single individual is performing the audit they are the lead and the only name listed. Be certain to indicate if the lead auditor is internal to the company or employed by an outside consulting firm. If so include the consulting organization information.
- Include a list of the documentation reviewed and utilized during the performance of the audit. Some examples include detailed work instructions, checklists, control plans or standard work documents.
- Record the names of all individuals that were interviewed or observed during the audit. This information validates that the questions were asked of the actual process owners. Documenting names of the auditees also provides the auditor with a contact or source for additional information should questions arise during the report out or any possible follow-up activities.
- Start with the positive when presenting the actual findings of the audit. This helps set the mood for the rest of the reporting process. Always include any best practices or other good points observed during the audit. As much as possible the audit results should be used to build up and improve the team and the process, not to tear them down. One of your main goals in implementing the audit process is to drive improvement in the process and a sense of ownership in the team.
- Non-conformities should also be included and need to be clearly defined and complete. Indicate exactly what the non-conformity was, the document or standard defining the requirement and the evidence used to identify the non-conformity. It is imperative that you provide sufficient information to enable the process owner to initiate a Root Cause Analysis (RCA) and develop an effective corrective action plan.
- Observations or possible opportunities for improvement should also be included in the audit report. Auditors should share any perceived risk to the process or product quality. It is advisable that the auditor not make statements specifying something is being done wrong but should communicate what could go wrong if the circumstances remain unchanged. The observations should be linked to documentation or process and product requirements. Just as with non-conformities always provide supporting evidence with any observations.
Because one of the primary purposes of an internal or first party audit is to drive improvements to the processes or systems, the audit often generates a list of “To Dos” or corrective actions. Since most corrective actions cannot be performed at the time of the audit, the audit program manager may require a follow-up audit to verify that corrections were made and corrective actions have been taken. Depending upon the urgency or risk involved there may be a separate audit or it may be combined with the next scheduled audit. However, this decision should be based on the importance and risk of the finding. Other times organizations may forward any issues to management for follow-up.
By adhering to some fundamental audit practices, the information provided through the audit system is generally more accurate, comprehensive and includes sufficient detail to allow for effective business decisions. A well planned and executed audit system can play an essential role in developing a continuous improvement culture within the organization. Planning and implementing an effective internal auditing process takes time and resources. Organizations may not always have experienced individuals capable of leading such a considerable undertaking. In addition, some organizations lack adequate resources to support a full-time audit staff. One solution is to utilize experienced consultants of a combination of employee and outside consultant first party auditors. Having more than one alternative allows management the flexibility sometimes needed in respect to controlling expenses related to auditing. The Subject Matter Experts (SME) at Quality-One can help you plan and develop an effective 1st party audit process that suits your company’s unique needs.
At Quality-One, our First Party or Internal Audit Consulting Services bring in-depth knowledge and years of experience in the planning and implementation of successful 1st party audit processes. Our SMEs consider your unique needs to make recommendations and provide guidance while assisting you in building an effective 1st party audit system. As part of our Internal Audit Consulting Services we will:
- Review your processes and organizational structure to define your present 1st party audit needs and capabilities
- Gain a thorough understanding of the personnel and resources you have available for implementing a 1st party audit system
- Review your objectives and develop a plan for achieving your goals
- Plan and design a 1st Party Audit system that aligns with your standard practices and available resources
- Define and demonstrate proper 1st Party Audit methodology
- Assist in development of any required documentation and procedures
When an organization devotes resources for implementation of a new process or system they obviously expect it to succeed and provide value to the bottom line. It is always good practice to provide training to increase the chance of success and prevention of problems. Planning and implementation of an effective 1st Party Audit process can have a significant impact on quality, process control, and developing a culture of continuous improvement. You can significantly increase your chance of success by providing your audit teams with effective training provided by our SMEs. We can provide comprehensive, impactful 1st Party Audit training of the highest level. Whether you are new to 1st Party Auditing or are familiar with the process and desire to sharpen your skills, one of our training options will fit your needs. At Quality-One we offer three types of training: Onsite, Offsite and Online Overviews. There is sure to be one that fits your organization’s needs.
Quality-One offers Quality and Reliability Support for Product and Process Development through Consulting, Training and Project Support. Quality-One provides Knowledge, Guidance and Direction in Quality and Reliability activities, tailored to your unique wants, needs and desires. Let us help you Discover the Value of Audit Consulting, Audit Training or Audit Project Support.