Auditing the Standard

I would like to understand how people carry out and write up the audits covering the whole Standard. In the past our auditors have used a list of questions based on the Standard and then I produce a formal audit report with the compliances and non-conformities.

At the last external audit our BRC auuditor made a comment - oh, you've just typed up the responses - as if he expected something different. I just wondered how other people write theirs up and whether there is a better method I can adopt this year?

I would like to understand how people carry out and write up the audits covering the whole Standard. In the past our auditors have used a list of questions based on the Standard and then I produce a formal audit report with the compliances and non-conformities.

 

At the last external audit our BRC auuditor made a comment - oh, you've just typed up the responses - as if he expected something different. I just wondered how other people write theirs up and whether there is a better method I can adopt this year?

Dear Rosemary,

Not a packaging person but I presume you are referring to “Internal Audit”, eg  BRC packaging 3.3 (if ver 4, HR)

I’m not sure I fully understand yr post but I deduce you create a checklist closely matched to the standard's individual paragraphs / requirements and then by some, magical (?) risk-based methodology, schedule inspection(s) to assess / assure compliance, either at one go or split across the year.

If so, I think this is quite similar to many other people here. But perhaps I have misunderstood yr procedure?

Rgds / Charles.C

Hi Charles

Yes you have correctly deduced the procedure. Having written down the responses against the questions what can I do next? Is that sufficient to have demonstrated the system has been audited? Do I need to produce a formal report as well? This is what I have been doing up to now but is this just a waste of effort?

Hi Charles

 

Yes you have correctly deduced the procedure. Having written down the responses against the questions what can I do next? Is that sufficient to have demonstrated the system has been audited? Do I need to produce a formal report as well? This is what I have been doing up to now but is this just a waste of effort?

Dear Rosemary,

In truth, although I'm not a packaging person, the IA related text of the BRC Packaging Standard seems conceptually more simplistic (less demanding?) than that for food.

For example, BRC6Food has - 

3.4      Internal audit

FUNDAMENTAL

The company shall be able to demonstrate it verifies the effective application of the food safety plan and the implementation of the requirements of the Global Standard for Food Safety.

 

Internal audits

Statement of Intent 

The company shall audit those systems and procedures which cover the requirements of the Standard to ensure they are in place, appropriate and complied with.

 

 

The subsequent sub-paragraphs also  seem more penetrative than those for packaging, eg Food 3.4.4.

So perhaps the BRC packaging standard's expectation is proportionately less ?. I hesitate to suggest possible reasons for this.  :smile:  :sofa_bricks:

Not exactly sure what you mean by "formal report" ? If you are referring to documentation of the corrective actions etc, AFAI can see, this is auto-required by the standard ?

If you mean "are there other general approaches to performing an IA" ?, the answer is Yes. For example ISO likes to promote their analysis / evaluation of the systems we are discussing via Process  Groups. i have always kept a safe distance from such (to me) high-tech solutions.

Rgds / Charles.C

Hi  Rosemary,

While we’re SQF not BRC it looks like this requirement is very similar across standards. As we've been trained and implemented the auditing body simply wants evidence that a qualified person is performing internal audits against the standard. The key is actually performing an audit and not having a boiler plate response describing how the standard is intended to be applied. Perhaps having a typed out, completed document(s) is leading the auditor to wonder if the internal audit was completed behind a desk. 

What's worked well for us is having the standards broken down into monthly tasks and these monthly tasks assigned across several trained people. Final review and oversight is given to the site Practitioner.

The findings are dated accordingly, in our case spread over a 10 month period. Other than the pre-populated standards and form architecture, all findings are hand written with all scars bumps and bruises in place, no need to be pretty. There should be occasional discoveries of inadequacies and evidence how these were corrected.  

I hope I’ve helped a little.

Bruce

I would like to understand how people carry out and write up the audits covering the whole Standard. In the past our auditors have used a list of questions based on the Standard and then I produce a formal audit report with the compliances and non-conformities.

 

At the last external audit our BRC auuditor made a comment - oh, you've just typed up the responses - as if he expected something different. I just wondered how other people write theirs up and whether there is a better method I can adopt this year?

Hi Rosemary,

Many people use the standard as a template to check compliance. As long as you are satisfied that your audits are effective then I don't see a problem and certainly would not be worried by an 'off the cuff' remark by the auditor. I'm sure you've got bigger fish to fry :biggrin:

Regards,

Tony