The Internal audit has been a necessary factor of ISO9001 since it's creation, and was passed on from the line of standards that came before the ISO documentation. For quite a few organizations internal audit is perceived as just a necessity, something to be done, an expense of running business. For those who work toward the completion of the internal audit activity, a variety of myths have been created which through time vary their hierarchy of prominence, or importance. These myths are maintained by two collective points of view. The first is that of those who actually practice audit, who due to the lack of any significant association with their management must believe in statements applauding the supposed advantage of a usually unwelcome audit process. The second is the lack of success with most management groups in becoming seriously involved in the guidance and management of the audit process, originating from an absence of any real appreciation of the possible advantages of a well managed and carried out audit process. Quality Assurance

The myths explained here stay active inside the audit fraternity because upon hearing them, they sound as though they're true. Although they are myths they sound credible, and include: - Audits and verification; Audits and improvement; Audits and compliance. There are others that fall into this category of Myth, but these are some of those more frequently expressed.

Verification. Audits are about verifying a situation. This view of auditing dates back to its origins in product inspection. Early auditing was indeed little more than an inspection activity with a new title intended to identify defects and report the failure to whoever would listen. In part this way to audit administration and oversight still applies, and is the cause for the bad image of the perpetrators of the method. Audits are not about verification - or Compliance, as we shall see later, but about information. The aim of an audit is to notify. Are the systems in use adequate for purpose, are they being operated as intended, and are they achieving the intended outcomes. This requires the gathering of information, an informed assessment of the data, and a conclusion. Verification doesn't feature in this sequence. ISO Management System

Compliance. It is a common practice for internal audit to be conducted in a manner that is focused on the degree to which the organisation is compliant with a Standard (e.g. ISO9001) or with its self imposed requirements. While this may be very interesting to someone, it fails to address the primary reason for audit - to provide some information that will inform the management task and aid decision making. Managers require details about the Adequacy Application and Effectiveness of the systems they implemented inside the organisation. A compliance statement fails miserably to provide this information. Compliance audits do not test the ability of the rules to achieve organizational objectives. The auditor assumes the rules are good and leaves analysis to others.

Improvement. Audits as a driver for improvement is a comparative late comer to the myth table, and first became evident with the publication of the ISO9001 requirement to 'continually improve (the management system). Audits are too infrequent, limited in scope, and lack the necessary expertise to be the driving force for any continuous improvement effort. They might sustain a corrective action plan, but this definitely isn't continuous advancement. To suggest that an audit program will actually drive improvement suggests that the organisation's workforce will do nothing to improve business processes and practices in the absence of an audit report. It also ignores the fact that audits are not the prime source of information for managers. Coupled with the myths of Verification and Compliance, and recognizing that auditors support more than one myth, it is clear that improvement, and certainly continuous improvement, cannot ensue from the conduct of an audit. Continuous improvement is driven by managers and staff with the necessary commitment, skills and motivation to identify and implement improved working methods and techniques. Audits cannot lead or drive this process. Management System Consultants

With internal audit properly managed and conducted, and with auditors responsible to an audit sponsor - the champion of the audit, it is possible to overcome the effects of these myths - over time. In part the problem lies with the auditors also, who although they may not express these few myths openly, tend to behave as though they are part of their basic training and induction to the audit profession. Managers must alter their approach to audit, but auditors need to make adjustments as well. With a task of this magnitude it may well be that the only way to make that change is to hire new auditors.

Visit Here: QMS Audit