Generating Your ISO 9001 Audit Checklist

An essential control instrument within your Quality Management System (QMS) is the internal audit. The audits are used to ensure your processes work and also a vital part in driving continual improvement within your organisation. Although an ISO 9001 audit checklist is not a requirement in the ISO 9001 standard, they are extensively used as the main instrument while conducting an internal audit.

How to Prepare an ISO 9001 Audit Checklist

According to clause 9.2.1 in the ISO 9001 standard, an internal audit has 2 major functions:

• Make sure that the QMS conforms to defined internal procedures and the ISO 9001 standard.
• Make certain that the process is effectively implemented and maintained.

So, when you create an ISO 9001 audit checklist, you want to include the information needed to ensure that you are successfully reviewing these two as part of the audit.

How to Create a Compliance ISO 9001 Audit Checklist

An internal audit is conducted to confirm if a process is being followed. This is done through inspection of records and/or observing activities of the workforce and then comparing them with the defined process to see if it is being followed as planned. As also defined in clause 9.2.1 of the ISO 9001 standard, there are two types of requirements that need to be reviewed as of the internal audit. The requirements defined by ISO 9001 and those that your organisation has set up through its processes.

For instance, if you are auditing a procurement process, according to ISO 9001 (clause 8.4.1), you should confirm that external suppliers are evaluated, selected, controlled and reassessed based on their ability to deliver products and services according to the requirements. This is the requirement of ISO 9001. The organisation may also indicate that this is done through supplier audits, which would be a criterion defined within a company process.

On this basis, we can begin to draw up the audit checklist. An audit checklist is basically a set of questions that the auditor would like to ask or activities that the auditor would like to see to validate compliance with internal processes and ISO 9001. The checklist is made by reviewing the ISO 9001 standard and any documented procedures for the area which is within the scope of the audit. In the above example for procurement, the audit checklist may include questions about the assessment of suppliers and an assessment of the collected supplier audit reports to determine whether they will be carried out when they are determined by the Quality Management System.

The checklist may contain more than just questions; it may also contain statements about the procedures that the auditor wishes to review. Remember that a checklist is a tool for the auditor and not something that the audited entity should fill in, so any form or question and explanation will be useful for the auditor to ensure that all important parts of the process are reviewed.

However, keep in mind that an ISO 9001 audit checklist should be used as a guidance only, as the audit might take you down a slightly different trail based on findings or evidence seen while conducting the audit.

Determining If the Process Is Effective

When assessing the effectiveness of a process you want to look at Key Performance Indicators (KPI’s) if there are any set for the process. E.g. for project management the OTIF (On Time in Full) delivery could be reviewed.

Thus, if you have KPI’s and these are maintained by the process owners, an assessment of the process effectiveness can be included in your internal audit checklist by reviewing the KPI’s. Based on that it can be determined if the process is achieving the expected results. If KPI’s isn’t formally used, then it is important to question the process owner about how he/she knows his process is effective.

If you are looking to outsource your internal audits or just want support with some of them, please contact us for a free consultation to see how we can support.