Suggestion -
Training: Have one person get 3rd party internal audit training. That person can develop a company internal auditing class to train other employees in your facility that will do internal auditing. Make sure all training is documented.
This is what I did also - Had our top QA receive Internal Auditor Training, then we developed a course to train the rest of the employees. Document Everything, and voila! There's your internal audit team, while it may only be made up of a few people, I also agree with what everyone else's suggestion is - try to have people auditing departments they are not familiar with/ do not regularly work in.
When we started this program it was very hard because the auditors had 1. No clue what an audit is really looking for 2. Anything about the material that they were looking at. The way that I remedied this problem, especially in the Internal Audit Inception phase was to have a "coach" sit in with on the audits. I had the more experienced auditors/ those who have sat through say, a BRC audit, coach the newbies on what they were looking for like if a topic takes you down a rabbit trail, how to get what you are getting at and move on, or how to assess that what the person being audited offers as evidence really satisfies the standard ... things like that. Having a coach with them made them feel less pressure and they quickly became aware of what was expected and how to conduct themselves as auditors.
A book that really helped me develop this training (although it is ISO geared, the principals are really all the same) is called "An audit of the system, NOT of the people" By Edward P. Link (I think you can get them online for maybe $$10-15) This really hit home the point when we were struggling with audits. Every audit came back, well so and so was doing this wrong and this guy was violating this GMP and so on and so forth. When they understood that it wasnt the person that was failing, it was the system - it seemed to click what the audits were for.
As far as using 3rd party audits - just be careful! We had gotten sited once (when I was young and dumb and didnt know how to fight back) for using a third party audit in our open processing areas. 3.4.2 - All internal audits shall be carried out by appropriately trained competent auditors, who are independent from the audited department - We used a customers 3rd party inspection, but could not verify that they were appropriately trained. It does not talk about using 3rd party audits in the BRC standard - you need to look in the interpretation guide for the fine print (Section 3.4.2 Of the Interpretation Guide, the last two sentences** The use of external auditors may need to be considered if internal resources are insufficient. Note that training records for external personnel shall be available.
Hope this helps! Good Luck!!!