There are two types of audits, internal and external. An internal audit is normally performed by employees or may even be performed by a contracted outside firm. An internal audit is also known as First Party Audit.
An external audit is comprised of a Second Party Audit and a Third Party Audit. The Second Party Audit is normally performed by the customer, such as the supplier. The Third Party Audit is performed by a registrar such as IAPMO R&T. Third Party Audit is also known as an independent audit. This type of audit gains more integrity because it is not biased.
The job of an auditor is to validate documentation and to make sure that employees are properly trained to do their jobs. Everyone whose job affects quality is subject to be questioned. The higher an employee’s position, the higher the level of responsibility; therefore, a more thorough audit of that employee will be required. The auditor is to be escorted throughout the audit and he/she will let the escort know immediately when a problem has been found.
The person being audited should not answer a question if he or she does not know the answer. For instance, they should not answer a question for another person or about another job that he or she is not responsible for. If a question is not clear, the auditor should be asked to repeat the question. Always tell the truth and do not try to hide information. One false statement or answer can break confidence or may even jeopardize the entire audit. Always be patient and wait for the auditor to ask the questions.
Lastly, do not try to hide from the auditor and do not volunteer information, simply answer the questions being asked in the most concise manner possible. Do not try to answer questions beyond what is being asked. Moreover, do not speculate or tell stories.
Some typical questions that may be asked during an audit are:
a) What is the quality policy and what does it mean to you?
b) What are your quality responsibilities?
c) What documents do you follow and where are they?
d) How do you know you are using the most current document?
e) If a problem is encountered, how do you handle it?
f) What do you do when you find a non-conforming product?
In summary, the ISO 9001:2000 audit ensures that employees know what documents affect their jobs, what documents are to be followed, what forms need to be filled out and what kinds of training they need to have. In other words, the audit ensures that the company operates in accordance with the specified procedures or specification