Internal Audits, Third Party Audit

Question

Shouldn’t a company audit its own processes and procedures to ensure compliance before a third-party audit is scheduled?

Answer

Thanks for contacting ASQ’s Ask the Experts Program.  In response to your inquiry, yes, it would be a good idea for the organization to conduct an internal audit before a third party audit is performed, especially if no previous internal audit has been completed.  It’s important to remember that the primary purpose of conducting an internal audit is to assess the continued implementation and effectiveness of the quality management system and its processes.  Not conducting internal audits on a scheduled basis could jeopardize the organization’s ability to maintain its ISO 9001 certification as well as increase the probability of the occurrence of nonconformances and customer complaints.  An internal audit process is an indispensable tool required for the assessment of the QMS, its processes as well as to identify opportunities for improvement.

I hope this helps.

Best regards,

Bill

Bill Aston, Managing Director
Aston Technical Consulting Services, LLC
Website: www.astontechconsult.com

Unsigned Audit Report

ISO documentation practices, requirements

Question

Is it acceptable for an auditor to submit an UNSIGNED audit report in Word version? I’m QA director at a pharmaceutical CRO. We were recently audited by one of our clients. They refuse to provide a signed audit report because they say it is not their policy to do so. This seems wrong to me on many levels. Is this acceptable?

Answer

Thank you for submitting this question to ASQ’s Ask the Experts Program.

I’m not aware of any requirement that states that the auditor must sign the audit report. In situations, where an audit organization is involved, the audit organization’s management or representative signs the audit report cover letter. The name of the lead or principal auditor, as well as the names of all audit team members, should be included in the audit report. The actual audit report may or may not include a signature sign-off from the auditor or audit team members.

If an audit organization is not involved, then it would be the responsibility of the lead or principal auditor to sign the cover letter or audit report to approve its content. As you’re aware, the audit report serves as a record to document the audit results. For this reason, the signature of the auditor or audit organization is essential since it confirms the content of the audit report. This sign-off may appear on the cover letter or the report.

If your organization requires sign-off on the audit report in addition to the cover letter, then this requirement should be identified and agreed upon by all parties prior to conducting the audit. In the future, if no audit organization is involved, consider requiring independent auditors to provide copies of their qualifications and auditor certifications (ASQ CQA, Exemplar Global, IRCA, PECB or other) before the start of the audit. Aforementioned could minimize a recurrence of this or a similar concern.

I hope this helps.

Best regards,

Bill

Bill Aston, Managing Director
Aston Technical Consulting Services, LLC
Website: www.astontechconsult.com