Why do companies need internal auditors and what are their benefits?

1. Home
2. Blog
3. ISO norm
4. Why do companies need internal auditors and what are their benefits?

Common myth: Our company has perfectly managed processes and an effectively implemented management system - there is nothing to improve significantly. Internal auditors are an unnecessary expense - a quality manager is enough for us.
 

Why are internal audits necessary for any company?

In the ISO world, all management system standards (ISO 9001, ISO 14001, ISO 45001, etc.) require the company to have an internal audit and a system to perform regular internal audits. Many SME owners think that internal audits are usually only needed for larger companies and mostly only for financial audits. The primary objective of ISO internal audit is to regularly review critical key business processes to ensure that the management system meets the requirements of the relevant ISO standard, as well as the organization's own internal requirements, that the system operates effectively and is maintained.

What is an internal audit?

Internal audit is a systematic, independent, and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are met. We divide internal audits according to focus into:

• Audit of quality management system, EMS, health and safety (structure and functionality of the management system)
• Process audit (suitability and reliability of processes, especially core business - production processes in all work changes, PFMEA & Control plan)
• Product audit (verification of elements, parts, characteristics, components and final product in terms of specifications and customer requirements - for example in accordance with VDA 6.5)

By maintaining and improving the effectiveness of internal audits, your company will be able to significantly improve process efficiency, meet regulatory requirements, monitor performance, assess risks, and increase system reliability and integrity. Internal audits can bring you various benefits if you use their outputs and results effectively.

Why it is important to build a team of internal auditors

In order for your company to have a truly effective management system in place, it is necessary to ensure a process of regular internal audits. The rule is - the bigger the company, the more internal auditors you need. Even a medium-sized company with 50-350 employees should not leave internal audits to only one QA manager, but provide at least 3-5 internal auditors. For a company with 300 - 1000 employees, it is ideal to provide 10-15 internal auditors. The selection of internal auditors and the performance of the audit must be organized in such a way as to ensure the objectivity and independence of the audit process (the internal auditor must never verify his own process or department). In accordance with the principles of TQM, it is appropriate, for example, that the production process be audited by internal customers (representatives of the following processes - quality, sales, logistics) and internal suppliers (representatives of previous processes - such as warehouse, purchasing). The function of an internal auditor can also be assigned to external consulting companies, which will perform an internal audit according to your requirements. However, outsourcing the internal audit function prevents management from deeply immersed in their “core business“ processes and does not allow them to gain greater added value from internal audits for the professional growth of their employees and the development of knowledge management.

7 principles of auditing in accordance with EN ISO 19011:2018 :

• Integrity: the basis of professionalism - the essence of the audit is truthfulness, integrity, confidentiality and discretion
• Honest presentation: obligation to provide a true and accurate report
• Appropriate professional care and competence
• Confidentiality - information security - proper handling of sensitive or confidential information.
• Independence: is a basic condition for the impartiality and objectivity of audit conclusions
• Fact-based and evidence-based approach - based on examples from available information, as the audit is performed with limited resources and time
• Risk-based approach - considering risks and audit opportunities to address issues that are important to the audit client and to achieve the objectives of the audit program.

Some of the main benefits of internal audit are:

• Identifies gaps and areas for improvement
• It ensures professional growth of employees - internal auditors and auditors
• Internal feedback on the current state of the system - identification of inefficient activities, weaknesses and implementation of corrective / preventive measures to improve the overall efficiency of the company's processes / systems / products
• Increases your readiness for external audits (third party customer audits and third party audits - certification company or government institution)
• It increases the responsibility and correct approach of employees to work within the organization
• It serves as an early warning system that allows for the early detection and correction of serious deficiencies (ie prior to external audit or regulatory control by public authorities)

If you want to achieve a top-class management system, constantly improve your processes, increase customer satisfaction and at the same time improve your company's readiness for possible external audits, we recommend building a team of competent internal auditors who will ensure effective verification of your processes and systems.

Source:

ISO 9001:2015
ISO 19011:2018

You might be interested in:

Internal auditor of QMS in accordance with ISO 9001 and ISO 19011

How to implement a management system in a company