How to conduct an ISO 9001 internal audit

An ISO 9001 internal audit is a critical component of maintaining an effective quality management system (QMS). It makes sure that your organisation is compliant with the ISO 9001 standard and identifies areas for improvement. Internal audits should be conducted regularly and focus on evaluating whether your processes meet the ISO 9001 requirements.

Carrying out a thorough internal audit can help you maintain ISO 9001 certification, avoid non-conformance, and continually improve your operations.

What is an ISO 9001 internal audit?

An internal ISO 9001 audit is a self-assessment process that reviews your organisation’s quality management system (QMS) to ensure it complies with ISO 9001 requirements. Unlike external audits, which are conducted by a third-party certification body, like Citation ISO Certification, internal audits are carried out by a qualified person in your organisation or a trained internal auditor.

The purpose of the internal audit isn’t just to check for compliance but also to identify opportunities for improvement, find any inefficiencies, and assess risks.

Steps to conduct an ISO 9001 internal audit

Audit planning

The first step in conducting an internal audit is to develop a detailed audit plan. The audit plan outlines everything that will be covered, including the departments or processes to be audited, and the specific ISO 9001 clauses.

• Define the audit scope: Which areas of your QMS will be evaluated?
• Set audit objectives: Are you aiming to identify non-conformities, review process efficiency, or evaluate risk management practices?

Prepare the audit checklist

Once you have your plan, create a checklist based on the specific clauses of ISO 9001 that apply to your organisation. The checklist helps auditors stay focused and ensures that all critical areas are reviewed. It should cover key aspects of ISO 9001, such as document control, risk management, corrective actions, and quality objectives.

Conduct the audit

Now it’s time to complete the audit. The internal auditor will review processes, documentation, and records to ensure compliance with the QMS and ISO 9001 standards. Auditors should also interview employees to understand how procedures are implemented and observe daily operations to see if processes are being followed correctly.

During the audit, it’s essential to:

• Take detailed notes
• Gather evidence (e.g., documentation, records)
• Record any non-conformances or observations

Document findings

After completing the audit, the next step is to document all findings in an audit report. This report should include:

• A summary of the audit process.
• Non-conformances identified.
• Areas of potential improvement.
• Observations regarding compliance with ISO 9001 requirements.

Analyse non-conformances

If any non-conformances are found during the internal audit, the next step is to analyse the main cause of the problem. Non-conformance could come from gaps in processes, poor training, or lack of resources. Conducting a root cause analysis helps identify the issue, allowing your organisation to fix it with corrective action. See our blog on non-conformance in ISO 9001, or our guide on ISO non-conformance for more information.

Corrective actions

The goal of corrective action is to eliminate the root cause found in the previous step and prevent it from happening again or returning. It’s important to set a timeline for corrective actions and assign responsibilities to specific team members.

Follow-up audits

Once corrective actions are implemented, it’s important to conduct follow-up audits to check that the non-conformances have been addressed and that the correct processes are now in place to keep your business compliant with ISO 9001 regulations.

Importance of ISO 9001 internal audits

Internal audits are an integral part of continuous improvement and risk management within an ISO 9001 QMS. They help organisations identify weaknesses, correct issues before external audits, and make sure the system is functioning effectively.

Regular audits also enable organisations to:

• Mitigate risks by identifying potential issues before they escalate.
• Enhance operational efficiency by identifying areas where processes can be streamlined.
• Ensure compliance with internal and external regulations, reducing the risk of non-conformance.

Get support with your ISO 9001 audit from us

Conducting an ISO 9001 internal audit may seem like a daunting task but with the right preparation, tools, and mindset, it can be extremely valuable to your business. By following the steps outlined above, you’ll be able to carry out a successful internal audit that identifies non-conformities, boosts efficiency and keeps your QMS in great shape!

Remember, internal audits are not just about ticking boxes. They’re a great opportunity to optimise your organisation’s performance and make sure you continue with long-term success.

If you’re looking for ISO certification, or support with audits, then why not do it with us? Our ISO consultants will be there for you every step of the way, making sure that the QMS created fits your business.

Contact us today if you have any questions on how ISO 9001 could work for you.