Internal Audit - HELP
I was hoping someone could give me some further advice on the internal audit fundamental.
I am confused with who can actually do the internal audits. Can the Haccp Coordinator or does it have to be someone more independant. If someone else from the production factory did this what qaulifications would they require in order to be acceptable?
Thank you!
That might be directed by your standard but typically, from what I've seen, internal auditors should be trained in internal auditing and should not be someone from the department being audited (you can't audit your own work).
So if your auditing environmental sampling it should be someone outside of the quality department doing the audit.
It should be an outside auditor. If your auditing your own department, the audit may not be completed correctly or sometimes honestly. Someone from QA should conduct audit since they are a neutral party.
Hi HACCPCOR,
To piggyback on the above comments, the internal auditors should be well trained and competent in the certification/regulatory requirements. Further to that, in order to perform a non-biased assessment the auditor should not audit their own department or area. A best practice would be to have a lead auditor and an interdepartmental audit team trained in the fundamentals of auditing,
As MerleW rightly pointed out, this is typically directed by the food safety standard. For instance, BRC clause 3.4.2 states: "Internal audits shall be carried out by appropriately trained competent auditors, who are independent from the audited department"
Codex Alimentarius defines an audit as "a systematic and functionally independent examination to determine whether activities and related results comply with planned objective"
You might want to check out this previous thread: http://www.ifsqn.com...ditor-training/
Hope this helps!
Regards,
Chris
In addition, the Internal Auditor should be "knowledgeable" about the area being audited. A person that knows nothing about sanitation, for example, would not be qualified to audit the housekeeping/hygiene/sanitation sections.
Marshall
Thank you everyone who answered it has been a great help :-)
I was hoping someone could give me some further advice on the internal audit fundamental.
I am confused with who can actually do the internal audits. Can the Haccp Coordinator or does it have to be someone more independant. If someone else from the production factory did this what qaulifications would they require in order to be acceptable?
Thank you!
Dear haccpcor,
Yr intended standard (if any) is unmentioned and similarly the “affiliation” of the Haccp Coordinator. This makes it slightly difficult to give precise comments.
Nonetheless yr queries are typical of many previous threads here for which a variety of opinions seem to ultimately exist. Perhaps an overlap with the “business end” of Food Safety Standards also contributes to the range of responses.
This short 2010 thread contains an “operational”, BRC-oriented response to yr OP from one, long-time, contributing auditor to this forum -
http://www.ifsqn.com...its/#entry34308
With some similar assumptions to above, the implication is that the basic answer to yr 1st question is probably YES. MQAEX for an earlier BRC version was similar to above thread.
As a partial counter-example but with, perhaps, not dissimilar conclusions, can compare this 2007 BRC thread -
http://www.ifsqn.com...ard/#entry17647
Whether current BRC standard / other standards have operationally (and minimally) the same requirements appears, as frequently the case, to depend on individual "interpretations" of specific Standard's text. Such is the life of an auditee. :smile:
Rgds / Charles.C
PS – these posts / threads may also be of interest -
http://www.ifsqn.com...n-6/#entry58842
HACCPCOR,
Just one other point I would add, which nobody seems to have mentioned ..... it may be allowable eg BRC, ISO22000, to have your internal audits carried out by a suitably qualified / experienced external ie 3rd Party auditor.
As long as their qualifications / expertise is documented this is a useful option for some companies eg those without enough resources or where they don't have the experience / training.Their is, of course, the added expense associated with this.
As an independent consultant, I have successfully fulfilled this role at BRC and ISO22000 certificated businesses.
Good Luck!
DP2006
CREATE A AUDIT CHECKLIST WHICH EVEN A LAYMAN CAN AUDIT WITH WHICH COVERS ALL AREAS. SELECT A INTERNAL AUDIT TEAM AND TRAIN THEM ON BASICS. AFTER A FEW AUDIT THEY WILL ALSO BECOME OF REQUIREMENTS.
AS U KNOW AN AUDITOR CANNOT AUDIT HIS OWN WORK, HENCE STAFF FROM UNRELATED DEPARTMENTS MAY BE NEEDED TO ASSIGNED TO AUDIT A PARTICULAR DEPARTMENT OR SET OF REQUIREMENTS.
The specific requirements for internal auditing are dependent on the standard(s) you are following.
In general:
Auditors must be trained and possess the relevant technical and product knowledge to ensure the effectiveness of the audit.
As for training, our auditors are trained either through formal 3rd party internal audit training or more typically internally through a company developed internal audit training program. Training records are maintained to document competency of training.
Auditors must not be biased or influenced and therefore are required to be independent from the process or department being audited. We split one person out of QA to do the bulk of our internal audits so that she does not report through the quality function. However, ultimately, and especially in smaller companies, at some level the auditor will report through to the same person as the areas being audited. It is a matter of how far removed that relationship is.
Example:
A production employee auditing the quality function may report to a production supervisor who reports to a production manager who reports to the plant manager.
A quality employee auditing the production function may report to a quality supervisor who reports to a quality manager who reports to the plant manager.
In both cases the auditors ultimately report through to the plant manager. Even in a larger company corporation this would hold true.
So your system needs to describe how you accomplish unbiased and independent internal audits based on your specific organizational structure. It could tie back into your management committment in that you have a statement of support from the upper level of management for impartial and unbiased internal auditing between departments.