written by Maree Stuart
As we head into the silly season, we’re delighted to present:
The MAS Management Systems 12 Days of a Lab Christmas!
On the fourth day of Christmas, we did an internal audit of some new work
we wanted to seek accreditation for.
How many times have you requested a change to your scope of accreditation and had non-conformances to do with the procedures?
If you’re like most labs, quite a few. But it doesn’t have to be that way!
Understand the purpose of the audit
If you’ve been doing internal audits just to tick the ‘yes we did that’ accreditation box, you’re doing your business a huge disservice.
ISO standards require that you carry out an internal audit of your quality management system periodically (the frequency is up to you). That doesn’t mean that a complete audit has to happen annually since that would be enormously disruptive. That’s why we break it down into manageable pieces using an audit schedule. And it doesn’t mean that our schedule has to be set in stone once it’s documented. Things can change.
In the case of an audit of a new test, you’re looking to discover not only compliance, but also areas for improvement and a demonstration of competence by your staff.
Audits are all about gathering data to obtain insights, not a test of the auditor’s or the auditee’s knowledge. This data must be objective. Staff failing to document weekly maintenance tasks is an issue – not liking the form they use to record the tasks is not. The latter warrants some investigation as a potential improvement opportunity though.
While a document review is certainly part of the internal audit process, it’s unlikely that reviewing a procedure or document will yield sufficient information. The auditor should consider other reports and records along with interviews and witnessing.
It’s important to gather this evidence for your new procedures. You might think your staff have the new processes down pat and are ready for an external audit. However, your internal audit could be another piece of evidence of their competence.
Internal audits can be used to manage and monitor risks in your business. Introduction of a new test or set of tests is an uncertainty or risk you should be managing. You can also use internal audits to identify emerging risks and challenges.
For example, there are regular reports in the media of cyber security breaches and the new area of testing relies on software that connects with a cloud server. Perhaps you could consider adding an examination of your data security practices as part of the internal audit.
Supply chain issues continue to plague some businesses and when you start to do new tests, sometimes those issues are compounded. Talking to these stakeholders could uncover issues or gaps that need to be addressed. Consider evaluating the different risks and opportunities that could be presented by your suppliers and contractors.
The final word
The internal audit process is not just a requirement. It’s an important part of your lab’s continuing success.
We also know that with a tightening job market, your lab may not have the capacity to undertake this work. And that’s where we can help.
As well as developing an internal audit schedule with you, we can also carry out those audits for you. This efficient, cost-effective solution will allow you to meet the requirements of NATA or your certification body.
For a confidential, obligation free discussion about how we can support your internal audit goals call Maree on 0411 540 709 or Diane on 0402 012 781.
Remember, you don’t have to do this alone!