Traditional internal audits fulfill an important need for companies with fresh ISO 9001:2000 Quality Management System implementations, but for companies with mature systems, those registered for more than five years, an innovative approach to auditing called “Appreciative Internal Quality Audit” can take them beyond compliance to excellence. In effect, the Appreciative Audit approach both raises the bar and adds value for the 65,000+ North American organizations that spend a total of more than $4.5 billion on internal audits each year (see the SIDEBAR: About Internal Audits of Business Processes). Traditional audits are often an exposé of everything that’s wrong with a company. As such, they can be viewed by those responsible for business processes as a “necessary evil” and a disruption to work. The “Appreciative Internal Audit”, a name and method invented by the author, adds value by approaching process-based audits in a completely different way. Over two consecutive but independent, annual internal quality audit cycles, at one of the world’s leading providers of broadband communications and storage products (hereinafter referenced as BCSX Inc., to respect client confidentiality), a new kind of internal audit evolved that joined the practices of traditional Internal Quality Audits with the techniques of Appreciative Inquiry. Appreciative Inquiry is a discovery method that includes “…the art and practice of asking questions that strengthen a system’s capacity to apprehend, anticipate, and heighten positive potential….”1 An Appreciative Audit helps reveal and enhance what’s right and correct or discard what’s not. This creates a value-added experience that encourages the workforce by building solutions based on the fundamental truth that in every company, department or project, something works.
Figure 1: Overview of Typical Audit Activities
Initiating the audit Conducting the Document Review Preparing for the on-site audit activities Conducting onsite audit activities Preparing, approving and distributing the audit report Completing the audit
Source: ISO 19011:2002 Guidelines for Quality and/or Environmental Management Systems Auditing 2002
About Internal Audits of Business Processes
According to the ISO 19011:2004 Guidelines for Quality and/or Environmental Management Systems Auditing, audits are “…a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled….”2 In 2002, the Institute of Internal Auditors (IIA) broadened the definition to emphasize internal auditing as a proactive and customer-focused process to improve an organization’s operations in support of its overall objectives: “Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.”3 Like many business process improvement systems, internal audits use Deming’s “Plan, Do, Check, Act” (PDCA) cycle4 to stimulate organizational change. Figure 1 shows an overview of the typical Internal Audit process. Typically, businesses conduct internal audits because they are an indirect requirement of their customers, regulatory agencies and other stakeholders. These requirements are usually driven by an obligation for the business to be registered to an ISO standard like ISO 9001:2000 (Quality Management Systems) or ISO 14001 (Environmental Management Systems). These international standards, and industry specific standards based on them, contain mandatory requirements for annual internal audits. According...