“…the reactions of all the many senior managers I have interviewed on the subject of internal auditing vary from boredom through resignation to simmering anger. It seems it’s only the ‘quality experts’ who think that such techniques are helpful.

“Some companies in the UK (Yell is a prime example) have negotiated with their ISO 9001 certification bodies to remove internal auditing as a requirement because it had no business advantage.”

“With regard to the auditing requirement [of ISO 9001:2000]: in the instances I know of, it is less a case of eliminating a requirement and more of taking a fresh look at the requirement and coming up with creative interpretations that:

• [primarily] make good business sense in the light [of] accepted good management practice.
• [secondarily] meet the requirements of the standard.

“So for example, if a management team takes the process approach seriously, involves internal and external customers and suppliers in process reviews, and so on, one can demonstrate compliance to clause 8.2.2 with no need for auditors or auditing AND can put in place practice that is more beneficial than the sort of apology for auditing that is typically tolerated by the certification bodies.

To paraphrase the Salvation Army’s William Booth “why should the devil have all the best interpretations of ISO 9001.””

“...if I read you correct Yell’s Certification Body have allowed them to ditch internal auditing in favour of process reviews and so on, which the CB accept as meeting the requirements of [ISO 9001:2000] 8.2.2 (shalls and all).”

“All I know for sure about Yell, Simon, is that they no longer do audits and that they invoked self assessment as {at least part of} their way of meeting the requirements of 8.2.2 I hope to know more soon."

“Here’s how another audit-free organization summarises its approach:

‘For many years our employees, mention of ISO 9001 Internal Audits evokes memories of auditors chasing auditees to catch up with internal audit schedules in the name of ensuring records are up to date for the benefit of the certification body; “to keep thee badge”. At NKUK we did not want to instigate a similar approach in our new business, we could not see that it would be beneficial in terms of our meeting our business aims. So, we said ”no” to Internal Audits.

However, we did want a system for reviewing the way our business operates, at regular intervals, in order to improve our effectiveness in terms of meeting the company’s objectives essentially to win work!

We developed our business in the form of four key, top level processes, each owned by one of the Directors.

Our business Processes are reviewed regularly, looking at information feeding into the process (inputs), information produced or the next process (outputs) and identifying ways of improving the mechanics. The exercise is termed the Process Review. Generally, the Process owner (a Director), one person from the upstream and downstream processes and a facilitator are present at the review (non-confrontational!). The result of the meeting is a series of actions, to improve the process in question, carries out by anyone available (Directors and Engineers alike – this ensures everyone gets involved in shaping the business). The results and actions from process review are revisited in the Management Review to check progress.

By carrying out a desk study to ensure the business processes are compliant with ISO 9001:2000 – for the whole system at the outset and from then on only for changes made to the system – we believe we have met the requirements of clause 8.2.2 of ISO 9001:2000, and our certification body agrees.

Esam Bakh, Nippon Koei UK.’ ”