PSCR: PRODUCT SAFETY & CONFORMITY REPRESENTATIVE - ÜRÜN GÜVENLİK VE UYGUNLUK TEMSİLCİLİĞİ

               IATF 16949:2016 INTERNAL AUDITS AND RELATED TO REQUIREMENTS

The objectives of the Internal Auditors are not to identify nonconformities in the organization. The primary objectives of the internal audits and internal auditors should be to verify and correct the QMS requirements at ISO 9001, IATF 16949, and all other customer expectations. If any nonconformities occur, the organization’s auditors should be controlled by QMS, and if any nonconformities occur, they should be followed and corrected.

I would like clear up a major misunderstanding about internal audits.

The organization must prepare an internal audit program within a 3-year plan. The standard does not tell us to prepare a 3-year plan. It says that within 3 years, all areas within the scope must be inspected at least once in 3 years.

Preparing for the internal audit programs can be planned by the organization. The standard does not specify any methods or ways. It only states that all internal audits should be separated in terms of the system, product, and process. So, before internal audits, the organization should create a plan for the internal audits, and first determine the internal audit methods. For example, audit frequencies, requirements of planning, determining of the path with criteria and responsibilities, resources, list of auditors, and so on. The organization should be defined and documented how to create audit plans with all steps. In addition to this, the organization should be described unconformities process and nonconformity closing process.

IATF 16949 internal audits include 3 different inspections: System Audit, Process Audit, and Product Audit. Internal audits should always be prepared based on process, not based on department. The organization should schedule audits, process audits, and product audits separately for every 3 years. During planning, the lead auditor should review all general and specific risk analysis, critical areas, quality issues, nonconformities, CSR’s, complaints, etc. After the analysis, the areas, processes, and products to be inspected should be planned in order of priority. It is better to consider existing risks and anticipating the risks that may occur later. During the process, risk analysis should be reviewed at least once a year but all updates should be documented on the risk analysis and the other related documents. During the auditing, all shifts should be considered, and according to the shifts and the frequency of internal audit should be organized and documented. And according to updates, issues or changes should be updated the internal audit plan and frequency should be updated. For example, the HR department had not had any non-conformities in the last 2 years and the organization can be included in HR to the audit plan once. On the other hand, Let’s say the machining process had many quality problems, PPM Levels were so high if the organization makes an audit plan once a year for the machining process, this decision will be wrong. The organization should see the critical points and risks of machining. And, should plan at least twice. The standard of IATF 16949 says that the process, product, and system audit plan should be organized separately for 3 years. And, according to the critical points and risks, the organization should change the frequency of audits.

In QMS audits only effectiveness is evaluated. Customer-specific requirements CSRs should be considered while auditing the QMS. Accordingly, they should be included in the scope of the audit. CSR audits should be audited and followed up separately in addition to internal audits.

Process audits are focused on efficiency and effectiveness. For example, VDA 6.3 (WV) If the organization’s customers are like FORD, the organization should meet their specific requirements. For example heat treatment process CQI 9. Due to OEM requirements, in addition to the IATF 16949 requirements, should be a prepared internal plan as a special customer needs and audited. If the organization does not have customer requirements, it can manage an internal audit plan by itself. On the other hand, if there are 3 shifts in the production process controls, each shift should be added in the audit plan and inspected. If 3 shifts working in a process, the handover work should also be monitored, including shift changes. Furthermore, If there have internal process audits, the lead auditor should check including in the system and the field such as FMEA, Control Plan, operation card, and so on.

During the product audits, including the product inspection, storage, packaging, and shipping are audited. Each process should be reviewed for how the production parts are manufactured. Product audits are also focused on efficiency and effectiveness. For example special requirement VDA 6.5 (WV). If the organization also has no customer requirements, it can manage an internal audit plan by itself.

In the organization, all audits should be documented and reported to the related department’s manager and the top management. All nonconformities should be followed and closed urgently. During the audits, all the lead auditors should be objective and impartial.