Using Internal Audit to Skyrocket Improvement

Internal Quality Management System audits are a requirement of the international quality management system standard ISO 9001 and its many sector specific adaptations. ISO 9001 states that organizations “…conduct internal audits at planned intervals to determine whether the quality management system conforms to…the requirements of this international standard and to the quality management system requirements established by the organization…”. External audits by outside (3rd party) registrars are also required in order to receive and maintain certification to the ISO 9001 standard.

3rd Party Audits

Outside registrars performing 3rd party audits on an organization do not necessarily have the same agenda as the organization’s internal audit program. While the 3rd party auditors are concerned with the organization’s continuous improvement, they are specifically paid to review that the organization meets the requirements of ISO 9001 or other management system standard. They are not allowed to consult during the audit, because this may put them in a precarious position if their advice is overturned by another auditor with a different opinion.

External auditors have no connection with the employees of the organization, and regardless of their good intentions, are still thought of as strangers that may affect the organizations future, and therefore are not to be trusted completely. In many organizations, 3rd party audits are being tied only to the retention of the ISO certification. In fact complaints are starting to arise that some external auditors, in their haste to be a good supplier, allow items to be overlooked, to the point that management and employees lose respect for the process of auditing the management system in the first place. The automotive industry has identified such a rampant lack of effectiveness from 3rd party auditors that they are pushing for more responsibility to be placed upon their suppliers to create an effective internal auditing system rather than rely heavily on the results of an external one.

What Organizations Can Do

Any organization can take back control of its monitoring function easily. The first step is to decide as a leadership team that you want to aggressively improve your organization’s working environment by involving employees. Once this is decided, the planning step becomes almost an automated process. This first step by the leaders should not be taken lightly. In every program the formula remains consistent; if the leaders do not truly believe and will not truly support, the initiative will truly fail. It is the one most critical aspect of success in the implementation of any organizational wide program.

Make the Internal Audit Program Work

The word auditing has always had negative connotations attached to it. To “fail an audit” is to place yourself and others in jeopardy. To allow others to review and comment on the way you work and the success or failures that occur, is an invasion of a very personal space for every employee, and this is why audits are considered in a very derogatory sense. To overcome this prejudice, the organization must re-design what an internal audit must be and what it will accomplish. The internal audit program needs to be marketed to the employees in the same manner that a company would market a product or service that they want consumers to buy. Right now, employees don’t want to buy the audit program, and will go out of their way to interfere with its effectiveness.

Create a Safe Environment

The number one cause of interference in the audit by employees is the fear of retribution when something negative is found (nonconformance). Create a principle of “no individual blame”. The nonconformances found are something that the employees of the organization must correct together, and cannot be a vehicle for assessing individual employee behavior.

Make the Internal Audit Program Transparent

Fear is caused by the unknown, and defense mechanisms are initiated by surprise. Notification of internal audits, what they mean and when they will happen, will serve to allay employee fears about surprise attacks. Announcements well enough ahead of time will also allow for areas to prepare for the audit by correcting deficiencies beforehand. “Springing” surprise audits is never a good idea, and serves no purpose other than to show employees how bad they are.

Audit with the Employee

Most of the conflicts that arise in auditing is when an auditor confronts an employee with their opinion, scribbles notes in a sinister fashion, and delivers body language that says “I’m the professional and you’re not”. Auditing with the employee means just that – explaining to the employees what the audit is all about, sitting with them rather than across from them, always showing notes when you take them, and getting their agreement when something is found that needs to be corrected. This way there are no surprises when the audit is completed and a final report is issued.

Auditing by Consensus

When the audit is complete and a report is created that includes items that need to be resolved, it often contains individual opinions and repetitious items. This causes conflict between the audit staff and management, and reduces the audits to “paperwork” and nothing more. This can have a devastating effect on the reputation and effectiveness of the internal audit program. You can counter this by requiring the internal audit team to agree by consensus to anything that goes into (including nonconformances) the final summary report. This will not only allow for individual opinions to be replaced by wider auditor/employee perception, but will also have nonconformances reviewed for objectivity and repetition before submitting for resolution.

Communication Between Management and Employees

The internal audit should be a vehicle for allowing employees to discover what their leaders want them to achieve. By explaining the what’s and why’s of an audit, employees can learn more about the connection between what they are doing and senior management objectives, and by reporting employee views in the summary audit reports, senior management can better combat employee concerns and morale issues.

Continuous Improvement Program

The organization’s internal audits can become a part of the continuous improvement initiative by allowing employee ideas and recommendations to find their way to senior management. Making a safe environment also allows employees to “step out of the box” when they do put forward ideas. This creates a “learning organization” spirit whose benefits spill over to employee innovation, organizational-wide loss reductions, new products and services, and higher employee morale.

Steps to Skyrocket Your Internal Audit Program


Decide that you want to skyrocket improvement.

Create Team

Create an internal audit team using well-respected and employees representing the different areas of your organization.

Train Team

Train the internal audit team on how to audit effectively.

Create Mandate

Create a team mandate and principles to guide them.

Define Responsibilities

Define the team’s responsibilities as auditors, mentors, benchmarkers and communicators.

Schedule Internal Audits

Schedule “event style” internal audits that allow for communications and consensus between auditors.

Market Internal Audits

Market the audits to employees – stress safe atmosphere and truthfulness.

Audit WITH Employees

Make the audit “with” the employees rather than “of” the employees.

Create Report

Create a strong internal audit report by consensus.

Transparent Results

Allow results to be transparent to employees and use them to help correct.

Management Reviews

Make the internal audit program a value driven component of the management reviews.

Want YOUR internal QMS audits to skyrocket improvement?

Select one of HUMAN‘s onsite interactive internal audit workshops. Train your internal audit team together as they actually complete a full systems audit. Click here for more details. Or perhaps you would rather just outsource your internal audit to an expert and reap the benefits. We can do that as well. Click here to find out more.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top