ISO 9001 Internal Audit

Ainternal auditor of a Quality Management Systemhas many resources at its

willingness to collect the evidence needed to prove the effectiveness of the system,
during an internal audit. Some of them are, of course, the interviews with the
employees and members involved in the SGC. But what are the audit questions?
internal ISO 9001 for which employees of the organization must prepare?

There are too many. So many that it is impossible to create a complete list that does not omit any.
of them. However, if we understand the methodology used by the auditor, we will be able to
approach those questions that are sure to arise in an ISO 9001 internal audit.

The key to deciphering possible questions in internal audits ISO 9001 lies in the
same rule. The auditor makes averification of compliance with the requirements of the
norm, reason for which, those questions correspond almost in strict order to the
same structure as ISO 9001. Let's look at some examples of questions in internal auditing.
ISO 9001 that can serve as a guide for those organizations that must face their
first internal audit

Examples of questions in internal audit

ISO 9001

Regarding the general requirements

Have all the system processes been identified?
Have the outsourced processes to external suppliers been identified and
controlled?

Regarding the requirements for the documentation

Does the organization have a quality policy document?
Is there another document that outlines the quality objectives?
Is the quality manual available?
Have the procedures required by the standard been documented?

Regarding the quality manual

 In the manual, is the Quality Management System covered?
In the quality manual, the exclusions contained in the section are included.
7 and the justification of its existence?
Do the documented procedures form part of the quality manual?
Is the interaction of the processes included in the manual?

Regarding the control of documents

Does the document control have a documented procedure?
Is the documented methodology suitable for the approval of documents?
Do the documents that have been reviewed comply with the methodology of
approval?
Thereview and update of documentshas an adequate methodology and
documented?
The reviewed documents are in accordance with the update methodology.
and review?
Is the documented methodology adequate for identifying the changes of the
documents, in accordance with the status of the current version?
The reviewed documents also comply with the methodology of
identification of changes?
Does the document distribution have documented methodology that allows
that these are available in the job positions?
The reviewed documents are in agreement with the distribution methodology.
of documents?
Are the external origin documents adequately controlled?
Does it guarantee its distribution?

The use of obsolete documents is regulated by a methodology that prevents their

distribution?
Are these obsolete documents treated according to the methodology?
defined for him?

Regarding record control

 The identification, protection, storage, retrieval, and disposal of the
records, is it protected by an appropriate methodology for this?
Do the reviewed records comply with such methodology?
The conservation and protection of records in digital format is described in the
procedure?
Do digital records have backup copies?

Commitments of Senior Management

Does the Top Management communicate to the organization the importance of compliance?
legal requirements and those of the clients?
Is the quality policy established by top management?
Does top management ensure the establishment of quality objectives?
Does top management review the system?
Are the resources available for the correct operation of the system ensured?
by senior management?

Regarding the customer focus

Is the determination of customer requirements carried out, in accordance with the
section 7.2.1?
Is customer satisfaction being analyzed, according to section 8.2.1?

Regarding the quality objectives

Are the objectives associated with an indicator and are they measurable?

Do the activity plans take into account the fulfillment of the objectives?
The dates, resources, and responsibilities are defined in
theactivities of the objectives plan?
Do you see continuous improvements compared to previous periods?
The monitoring of the objectives and activities is carried out in accordance with what
Has it been planned?

Regarding the infrastructure

Is the existing infrastructure necessary? Is it identified?
 Are there routines or preventive maintenance plans for the equipment?
Are records of preventive and corrective maintenance actions kept?
done?
Is there a defined methodology for carrying out maintenance tasks?

The work environment, the processes related to the client, the determination of the
product-related requirements...there are many topics on which one can
they will ask questions in ISO 9001 internal [Link] structure of these
questionsIt will be similar to what we have shared today as a guide. The
Recommendation to follow the structure of the standard. From it, the questions arise that
the auditor will carry out.

If you want to expand or update your knowledge and skills as an internal auditor
quality, from ourEuropean School of Excellencewe make available to you theCourse
Internal Auditor ISO 9001 2015, as well as ourtraining offerabout methodologies of
ISO standards that will help you not only to understand the theory but also to access practical exercises
which will facilitate their learning and application in their work as a quality professional.

Invalid URL [Link]-interna-iso-90012015-

tu-company/

address to carry out work for Enriqueta

The internal audit ISO 9001:2015 is a task that
makealmost at the end of the implementation cycle of the standard.
When you consider the internal audit, the system must be in place.
implanted and you should have at least about three months of
evidence for this action to be valid and reliable.
The ISO 9001:2015 standard requires us to conduct at least one
internal audit before the certification audit
from the annual audit review of the system by the
certifying entity.

Table of Contentsto hide]

Step 1. Plan the ISO 9001 internal audit of your company
Step 2. Define the objectives of the ISO 9001 internal audit
Step 3. Get to know the company you need to audit
Step 4. Define the method of how to conduct the ISO 9001 internal audit
o 4.1 Internal audit by processes
. 4.1.1 Example internal audit ISO 9001 management process
customer orders
o 4.2 Internal audit following the standard point by point
. 4.2.1 Example of internal audit ISO 9001 following point by point the
norm
Step 5. Internal Audit Report ISO 9001
Step 6. Closing of deviations
Step 7. Presentation of results in the management review
o
.
. [Link] and you, are you ready to pass the audit?
ISO 9001 internal audit in your company?
Sign up for my free course...
 Step 1. Plan the audit
internal ISO 9001 of your company
To carry out this planning, you can make a list with the
company processes and indicate a date, auditor and
aspects to audit.
You can collect the information about the company's processes.
ofprocess map.
Keep in mind that there are processes that may require more than one
day for the audit.

Step 2. Define the objectives of

the ISO 9001 internal audit
The execution and planning of the internal audit must go in
agreement to;

The objectives that we will define in the planning and in a way

generic
We will verify that the Quality Management System is
implemented in the organization and complies with all the
specific requirements of the standard.
We will determine the efficiency and effectiveness of the System of
Quality management regarding compliance with objectives
of the quality of the company.

Step 3. Get to know the company

what you should audit
It may seem like a very obvious step, but in practice, sometimes it
it makes it difficult if you are a consultant or professional working
auditing several organizations.
You must be clear on the following aspects:

Thescopeof the ISO 9001:2015 certification

Thequality objectivesdeclared by the company.
Know the quality manual or thelist of information
documentedthat supports the management system.

Step 4. Define the method of

how to conduct the internal audit
ISO 9001
Internal audit by processes

Take as a reference theprocess mapand from there verify

the inputs and outputs of the information, the evidence of the
process, etc.
I recommend that you look for recent evidence in time and
something with a bit more age.
Take note of all the references you can to document.
correctly the internal audit report ISO 9001.

Example internal audit ISO 9001 customer order management process

We will request evidence of the following points:

Request from our client for a product budget

Budget presented to the client
 Approval of the client of the submitted budget and agreement of
the technical and economic conditions.
Order management in our company
Manufacturing order for delivery of finished product (depends
from the company)
Management of the warehouse for the supplied product
Delivery to customer
After-sales service
Customer dissatisfaction analysis

As you can see with this simple example, we touch on a

complete process and various points of the standard.

It is the auditing method that I think is the most comfortable to.

to see in a real way how the company works.
It is definitely the one I recommend.
Internal audit following the standard point by point

It is the classic way to audit and of course it is also

totally valid.
It consists of verifying, preferably with a checklist, how
the company meets the requirements of the standard.

In Quality for SMEs, I have a general list of all the

ISO 9001:2015 requirements that you can use as a guide for the
implementation.
example internal audit ISO 9001 following the standard point by point

4. ENVIRONMENT/CONTEXTO OF THE ORGANIZATION

Does the organization periodically analyze its environment, in the

aspects that may influence it?
Have the 'stakeholders' been analyzed and defined?
of the organization?
 Does the organization identify, analyze, and update information about
the needs and expectations of their customers, suppliers,
employees and other stakeholders?
Does the organization have a strategic direction, derived from
the key internal and external information?
Has the organization established the scope of the system?

Step 5. Audit report

internal ISO 9001
After auditing all the areas agreed upon in the planning
should generate the audit report.
In it, you must describe the audited areas and above all, if
there would have been some incident to explain all the facts that
point of the defined standard or requirements are not met.
It is important that all detected incidents are
understood and spoken with the person responsible for the audited area
since they will certainly be the ones responsible for
study the incidence.

Step 6. Closure of deviations

Once you have submitted the ISO internal audit report
9001 and that the heads of the areas have understood and
accepted the open non-conformities you must agree on a
closing date of the same.
When the agreed day arrives, check the evidence they have given you.
presented and if everything is in agreement proceed to the closing of the
deviations.
 Step 7. Presentation of
results in the review by the
address
The results obtained from the internal ISO 9001 audit
they present at the meeting of themanagement review.

Other opportunities may arise during that meeting.

improvements or actions when reviewing this internal audit report
ISO 9001.
And you, are you already prepared to undergo the ISO 9001 internal audit in your company?