Objectivity and Impartiality of the Audit Process
Adam Isaacs Rae
Managing Director - Quality & Regulatory Consultant @ The Other Consultants | Medical Devices | Market Access Specialist | Scottish Business Owner ??????????????
Happy New Year!
Firstly, before I get into things - I should do what everyone on LinkedIn, and any social media is doing and wish you a Happy New Year. No, it's not because everyone else is doing it, it’s because I mean it…
I do though, and again, I would like to say thank you so much for your support on this newsletter, it really means a lot to me.
Anyway, enough of that and let’s continue diving into internal auditing as this has been a theme of mine for a wee while.
ISO 13485 clause 8.2.4 specifies the following: The selection of auditors and conduct of audits shall ensure objectivity and impartiality of the audit process. Auditors shall not audit their own work.
With that being said, I introduce my latest creation…
This is unfortunately the reality for many organisations, particularly SMEs as a result of resource and cultural elements.
The quality department end up conducting the audits.
My disclaimer is that the type of audits we’re talking about typically have audit objectives based upon demonstrating conformity to ISO 13485.
This can create a scenario where audits are not necessarily as effective as they should be, therefore, the organisation is unable to identify areas of nonconformance, or utilise the QMS to manage areas that it knows are nonconforming.
This is the result of a number of things:
So what’s the answer, Adam, you may be asking?
It becomes difficult when you try and understand what independence is, though…
领英推荐
ISO 19011: 2018 specifies the following auditing principle (e):
Independence: the basis for the impartiality of the audit and objectivity of the audit conclusions
At the end of this paragraph, is the key statement as it shows the standard understands the difficulty that small organisations may experience.
What are the consequences of not using objective and impartial auditors?
The fact that the standard understands and mentions it does not mean the organisation should allow the QM to do all of the audits all the time. If this is the case, and the auditor detects that overall the interal audit sub-system is ineffective, this could lead to bigger issues detected within audits, but also more importantly, it could cause other issues in the QMS such as an ineffective customer complaints handling process, or unaligned vigilance and reporting requirements for example.
Furthermore, it is a waste of the organisations resource. Auditing is a high resource activity. To name some things in the process, we have the auditees involved, the auditor, writing the plan, writing the report, following up and closing actions for example. This isn’t to mention that auditing or being audited (the unfortunate role) is often not someones day job, so the day job they are away from is often then running behind.
Having said that, the best way to answer this question is with another question:
Given that auditing is a mandatory part of the standard, do you really want to do that and still leave nonconformances on the table that may flag during inspections, or not cause you to know the areas of the QMS that could use improving?
How can I try and demonstrate independence?
Responsibility, Accountability, Consulted and Informed (RACI) Matrix is often used, however that can be a very complex thing sometimes.
One of ways I think is good, is to leverage the responsibilities (which should already be defined in the QMS), and link these to your list of internal auditors. So when you are developing your audit schedule, you can select Process / Procedure X with Auditor 1 - and you can justify that the auditor has no direct role in that procedure for example as per the roles and responsibilities.
This is where it comes back to using a planning document to substantiate and defend your audit programme assignment.
Thanks and Bye!
I really do believe that utilising well trained, competent auditors that are truly completely independent of the Quality department is the best and most effective solution. These can be team members that are within separate departments, or they can be external auditors that are conducting internal audits on your behalf.
The benefit of this is that it removes the responsibility of quality to be that voice that is always raising risks. The voice of externals can be a really powerful factor.
RA/QA | MedTech | Entrepreneurship | Podcasting
2 个月Great piece Adam Isaacs Rae I find that there should be a balance between using externals and using "internal" people. The former can be good for raising / identifying more complex regulatory risks while the latter can be good for lower risk stuff (this also minimises the inherent conflict that may arise when raising NCs)
I couldn't agree more. Not only do externals (i.e., independent contractors) provide a fresh perspective, they also help prevent potential conflicts within the team.
Managing Director - Quality & Regulatory Consultant @ The Other Consultants | Medical Devices | Market Access Specialist | Scottish Business Owner ??????????????
2 个月Previous poll - https://www.dhirubhai.net/posts/adam-isaacs-rae_iso13485-medicaldevices-qualitymanagement-activity-7275399504571297793-twUZ?utm_source=share&utm_medium=member_ios
Managing Director - Quality & Regulatory Consultant @ The Other Consultants | Medical Devices | Market Access Specialist | Scottish Business Owner ??????????????
2 个月I also publish this on my substack newsletter - https://theotherconsultants.substack.com/p/objectivity-and-impartiality-of-the