Quality audit

Quality Audit
Quality audit is the process of systematic examination of a quality system carried out by an internal or external quality auditor or an audit team [1]. It is an important part of organization's quality management system and is a key element in the ISO quality system standard, ISO 9001.
Quality audits are typically performed at predefined time intervals and ensure that the institution has clearly-defined internal quality monitoring procedures linked to effective action. This can help determine if the organization complies with the defined quality system processes and can involve procedural or results-based assessment criteria.
With the upgrade of the ISO9000 series of standards from the 1994 to 2000 series, the focus of the audits has shifted from purely procedural adherence towards measurement of the actual effectiveness of the Quality Management System (QMS) and the results that have been achieved through the implementation of a QMS.
Audits are an essential management tool to be used for verifying objective evidence of processes, to assess how successfully processes have been implemented, for judging the effectiveness of achieving any defined target levels, to provide evidence concerning reduction and elimination of problem areas. For the benefit of the organisation, quality auditing should not only report non-conformances and corrective actions, but also highlight areas of good practice. In this way other departments may share information and amend their working practices as a result, also contributing to continual improvement.
Quality audits can be an integral part of compliance or regulatory requirements.

Definition

Periodic, independent, and documented examination and verification of activities, records, processes, and other elements of a quality system to determine their conformity with the requirements of a quality standard such as ISO 9000. Any failure in their proper implementation may be published publicly and may lead to a revocation of quality certification. Also called conformity assessment or quality system audit.

Audits can also be used for safety purposes. Evans & Parker (2008) describe auditing as one of the most powerful safety monitoring techniques and 'an effective way to avoid complacency and highlight slowly deteriorating conditions', especially when the auditing focuses not just on compliance but effectiveness. [4]

The processes and tasks that a quality audit involves can be managed using a wide variety of software and self-assessment tools. Some of these relate specifically to quality in terms of fitness for purpose and conformance to standards, while others relate to Quality costs or, more accurately, to the Cost of poor quality. In analyzing quality costs, a cost of quality audit can be applied across any organization rather than just to conventional production or assembly processes

The principle behind Quality Audit

The principles of Quality Audit, in the sense we mean it here, are based on the style of quality standards used in several formal national and international standards such as the ISO-900x international quality standards. These standards do not in themselves create quality. The logic is as follows.

Every organisation should define comprehensive procedures by which their products or services can be delivered consistently to the desired level of quality. As was discussed in the section on Quality Management, maximum quality is rarely the desired objective since it can cost too much and take too long. The average product or service provides a sensible compromise between quality and cost. There is also a legitimate market for products that are low cost and low quality.

Standards authorities do not seek to make that business judgment and enforce it upon businesses, except where certain minimum standards must be met (eg all cars must have seat belts that meet minimum safety standards, but there is no attempt to define how elegant or comfortable they are).

The principle is that each organisation should create thorough, controlled procedures for each of its processes. Those procedures should deliver the quality that is sought. The Quality Audit, therefore, only needs to ensure that procedures have been defined, controlled, communicated and used. Processes will be put in place to deal with corrective actions when deviations occur. This principle can be applied to continuous business process operations or recurring project work. It would not be normal to establish a set of quality controlled procedures for a one-off situation since the emphasis is consistency.

This principle may be applied whether or not the organisation seeks to establish or maintain an externally recognised quality certification such as ISO-900x. To achieve a certification, the procedures will be subjected to internal and external scrutiny.
Preparing for Quality Audit
Thorough procedures need to be defined, controlled, communicated and used.

Thorough Procedures should cover all aspects of work where conformity and standards are required to achieved desired quality levels. For example, one might decide to control formal program testing, but leave the preliminary testing of a prototype to the programmer's discretion.
Procedures Any recurring aspect of work could merit regulation. The style and depth of the description will vary according to needs and preferences, provided it is sufficiently clear to be followed.
Defined A major tenet is that the defined procedures are good and will lead to the desired levels of quality. Considerable thought, consultation and trialing should be applied in order to define appropriate procedures. Procedures will often also require defined forms or software tools.
Controlled As with any good quality management, the procedures should be properly controlled in terms of accessibility, version control, update authorities etc.
Communicated All participants need to know about the defined procedures - that they exist, where to find them, what they cover. Quality reviewers are likely to check that team members understand about the procedures.
Used The defined procedures should be followed. Checks will be made to ensure this is the case. A corrective action procedure will be applied to deal with shortcomings. Typically the corrective action would either be to learn the lesson for next time, or to re-work the item if it is sufficiently important.
There is no reason why these Quality Audit techniques should conflict with the project's Quality Management processes. Where project work is recurring, the aim should be for the Quality Methods and other procedures to be defined once for both purposes.
Problems may occur where the current project has significant differences from earlier ones. Quality standards may have been set in stone as part of a quality certification. In extreme situations this can lead to wholly inappropriate procedures being forced upon the team, for example, using traditional structured analysis and design in a waterfall style approach for what would be handled best using iterative prototyping. The Project Manager may need to re-negotiate quality standards with the organization’s Quality Manager.
Operating Quality Audit
A Quality Audit approach affects the entire work lifecycle:
• Pre-defined standards will impact the way the project is planned
• Quality requirements for specific work packages and deliverables will be identified in advance
• Specific procedures will be followed at all stages
• Quality Methods must be defined and followed
• Completed work and deliverables should be reviewed for compliance.
This should be seen as an underlying framework and set of rules to apply in the project's Quality Management processes.