Challenges for Internal Auditors during COVID-19
2020 Challenges: What should I be focusing on with my Management Systems (Quality, Environmental, Safety, Laboratory, Information Security…)
- What should I do to make sure my 3rd party audit goes well?
- What should I do to help my company through these challenging times?
With the pandemic and staff working from home, the management systems (ISO 9001, ISO 14001, ISO 45001 etc.) follow through can be a challenge, as well as the internal audit and improvement processes. Many organizations are working in smaller groups, performing more of the basic functions, and skipping some of the important documentation due to other important organizational needs. This does not leave us without opportunities to accomplish important tasks. Here are a few suggestions that will not only create improvements and risk reduction, but will also continue to support a management system’s requirements:
- Conduct internal audits focused on documentation and records. This can be done remotely and can also identify outdated language, redundant documentation that may not be consistent, and areas for improvement. These audits can be followed up with documentation and records process improvements. Future audits can always include increased production or manufacturing floor audits as a focus.
- Focus the audit and risk identification processes on contingency plans. This can allow an organization to document lessons learned and improve the organizations processes and contingency plans going forward. It will likely be some time before things in most organizations really return to normal, so improvements in these areas can be valuable for an organization.
- Management system staff and internal auditors can also assist departments and areas of the company organize and improve their processes in a changing environment. These staff are typically more trained and focused on this aspect of the work which can be of great value to many areas of an organization.
- Some specific areas to watch:
- IATF Temporary Change requirements
- Automotive PPAP requirements for internal changes
- IATF Shutdown and Startup requirements, where applicable
- Scheduling processes where order quantities are changing
- Changes to workflow and security requirements for staff working remotely
- Supplier management and development – many of the above items would also apply to the organization’s suppliers, and to protect your organization, you may want to ensure you are reviewing suppliers to determine if they are proactively addressing these changes and associated risks
One other very important area to consider is organizational changes. The Pandemic and related changes and created many organization, production, manufacturing and service changes. Due to the speed of the organization’s needs, many of these did not follow more formal change processes. These changes should be reviewed after the fact or retroactively to determine if all process requirements were met, or if corrective actions are needed. This would be another area where a focused internal audit or review could help an organization avoid future issues with customers or regulatory bodies.
Looking just at the Internal Audit process, the standards always have wording to the effect that areas should be audited based on Importance and Performance, so 2020 would be a great time to focus on what is really important based on these extraordinary times, and some of the more standard and consistent processes could be audited with less focus. This is one way that these groups could support their organizations in these challenging times.