Internal Audit is mandatory for ISO Certification and for ISO Certified company for any standard. Many companies do not like to do internal audit after certification. This happens because lack of awareness on internal audit and understanding the benefits of ISO Internal audit.
So, it is responsibility of Certification body to tell the company about the importance of Internal audit. Internal audit is a kind of monitoring system. It is written in the sub clause 9.2 of Clause no 9 of 9001:2015 Standard about Internal audit.
Internal audit is called the first party audit. Usually it is done cross section wise among the departments by the company staffs. However, it can also be done by hiring a third party or free lancer ISO auditor.
There is no specific quantity of internal audit mentioned in the standard. Company can do according to its need. However, most of the companies perform two internal audits in a year. Sometimes three or four can be done. Actually the quantity of internal audit depends on companies activities and complexities of the processes.
There should be a procedure for doing internal audit. All terms and conditions can be put in the procedure. Like who will be lead auditor, who will be auditors, how many members will perform the audit and how many times in a year etc should be written in the procedure.
However, for small companies who do not like to maintain procedure then they can use the following simple items for performing internal audit:
- Select team member and team leader
- Make plan and schedule
- Share audit plan to all departments
- Use check list for audit
- Use attendance sheet
- Use NC log sheet
- Prepare Audit Report (by team leader)
Why you should do internal audit? Internal audit helps to know what is happening actually inside your company. It helps to find the hidden things in a department. It finds the gaps of the processes. It creates competence among the staffs. It reminds the employees about their responsibilities. Internal audit report helps the management to take decision on any issues effectively.
After performing audit taking CA Plan is mandatory. CA plan helps for practicing for continual improvement. Which is a major principle of ISO 9001 Standard. CA Plan is the last and final stage of NC which is raised during internal audit.
To enjoy benefits of ISO Certification there is no alternative for doing internal audit. It is like a mirror. From this mirror you can see the status of your management quality.
SME organization who is unable to spend money on ISO Certification then Advanced Assessment Services (AAS) may be the right choice for him. AAS provides free internal audit training to its clients. It is a big save for SME. You can save around 50,000 taka from this service if you take certificate through AAS.