Blog Internal Audits – Are They a Necessary Evil or a Great Benefit?

So why do the standards require internal audits?

There are several reasons why internal audits are a mandatory requirement for various management systems standards.

The first and most obvious one is the fundamental process approach adopted by various ISO standards namely the Plan-Do-Check-Act (PDCA) cycle that can be applied to all management system processes.

• The check part of the cycle is concerned with monitoring, and where applicable, measuring processes and the resulting products and services against policies, objectives and requirements and report the results. Sound familiar? Auditing is a key part of the check cycle.
• The act part of the cycle requires you to take actions to improve performance as necessary. Audits are a way of identifying what actions need to be taken when examining the processes.

Maintaining process conformity and continual improvement are essential – you have spent time, effort and financial resources working towards or achieving an ISO certification, and one of the most difficult things is maintaining that certification. Audits are a way of ensuring that the defined processes continue to be implemented as intended and that they reflect process changes that may result from adopting new technologies, changes in business operations or key staff.

What do we gain from internal audits?

In a recent blog by CertiKit’s Technical Author, Ted Spiller on Why ISO management systems fail, Ted highlights a number of key reasons for management system failure and these include:

• Lack of embedment period –the system hasn’t been clearly moulded to the businesses processes and gets forgotten
• Lack of training– staff lack knowledge and awareness, and are unsure of their responsibilities
• Lack of communication– there are stifled lines of communications throughout the business
• System not being monitored (internal audits)– this allows errors and mistakes to slip through the net and build up over time
• Lack of desire for improvement– this is likely due to management priorities and staff not being supported
• Avoiding responsibility– all levels of the business not being held accountable for their requirements

Imagine running a business where some or all these reasons are ignored. It would be easy to see why the business would quickly fail to deliver quality products and have an unmotivated workforce, but most of all these inefficiencies could lead to larger operating costs and lower profitability.

Internal audits are a way of checking the following:

• The health of your management system and the way it is operating
• The wealth of the business – Is it wasting time, effort, and cash on inefficient processes?
• The strength of the management system – Is it coping with and adapting to changes? Are improvements needed to restore its health?

 

So, to answer the question are audits a necessary evil or a great benefit, I would argue they are both!  They need to be done as a health, wealth, and strength measure of the Management System BUT more importantly if they are done in a timely, professional, and presentable way to Senior Management then they do add huge benefit and insight into the operation of the system within the organization.

Please note, CertiKit are not a Registered Certification Body and cannot provide you with a formal management system certification.

---

More ISO Resources

CertiKit is a provider of ISO toolkits, consultancy and internal auditing services, and has helped more than 4000 organizations worldwide with their compliance.

For more guidance on implementing the ISO standard of your choice, go to our guidance pages where you can find more specific information about each standard and more downloadable resources.

More ISO Guidance