Appreciative Internal Audit: A Strength-Based Approach to Quality System Auditing – A Case Study. Jon Morris President JDQ Systems Inc. Vancouver, BC, Canada
Traditional internal audits fulfill an important need for companies with fresh ISO 9001:2000 Quality Management System implementations, but for companies with mature systems, those registered for more than five years, an innovative approach to auditing called “Appreciative Internal Quality Audit” can take them beyond compliance to excellence. In effect, the Appreciative Audit approach both raises the bar and adds value for the 65,000+ North American organizations that spend a total of more than $4.5 billion on internal audits each year (see the SIDEBAR: About Internal Audits of Business Processes). Traditional audits are often an exposé of everything that’s wrong with a company. As such, they can be viewed by those responsible for business processes as a “necessary evil” and a disruption to work. The “Appreciative Internal Audit”, a name and method invented by the author, adds value by approaching process-based audits in a completely different way. Over two consecutive but independent, annual internal quality audit cycles, at one of the world’s leading providers of broadband communications and storage products (hereinafter referenced as BCSX Inc., to respect client confidentiality), a new kind of internal audit evolved that joined the practices of traditional Internal Quality Audits with the techniques of Appreciative Inquiry. Appreciative Inquiry is a discovery method that includes “…the art and practice of asking questions that strengthen a system’s capacity to apprehend, anticipate, and heighten positive potential….”1 An Appreciative Audit helps reveal and enhance what’s right and correct or discard what’s not. This creates a value-added experience that encourages the workforce by building solutions based on the fundamental truth that in every company, department or project, something works.
Figure 1: Overview of Typical Audit Activities
Initiating the audit Conducting the Document Review Preparing for the on-site audit activities Conducting onsite audit activities Preparing, approving and distributing the audit report Completing the audit
Source: ISO 19011:2002 Guidelines for Quality and/or Environmental Management Systems Auditing 2002
About Internal Audits of Business Processes
According to the ISO 19011:2004 Guidelines for Quality and/or Environmental Management Systems Auditing, audits are “…a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled….”2 In 2002, the Institute of Internal Auditors (IIA) broadened the definition to emphasize internal auditing as a proactive and customer-focused process to improve an organization’s operations in support of its overall objectives: “Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.”3 Like many business process improvement systems, internal audits use Deming’s “Plan, Do, Check, Act” (PDCA) cycle4 to stimulate organizational change. Figure 1 shows an overview of the typical Internal Audit process. Typically, businesses conduct internal audits because they are an indirect requirement of their customers, regulatory agencies and other stakeholders. These requirements are usually driven by an obligation for the business to be registered to an ISO standard like ISO 9001:2000 (Quality Management Systems) or ISO 14001 (Environmental Management Systems). These international standards, and industry specific standards based on them, contain mandatory requirements for annual internal audits. According...
References: & Footnotes:
1 - Reprinted with permission of the publisher. A Positive Revolution in Change: Appreciative Inquiry, Copyright© 2005 by David L. Cooperrider and Diana Whitney, Berrett-Koehler Publishers, Inc., San Francisco, CA. All rights reserved. www.bkconnection.com 2 - Technical Committees ISO/TC 176 and ISO/TC 207ISO, International Organization for Standardization, ISO 19011:2004 Guidelines for Quality and/or Environmental Management Systems Auditing, ASQ Quality Press, 2004 3 – From The Professional Practices Framework (IIA, 2002a), Copyright 2004, by The Institute of Internal Auditors, Inc., 247 Maitland Avenue, Altamonte Springs, Florida 32710-4201 U.S.A. Reprinted with permission. 4 - W. Edwards Deming. Deming is generally credited for defining the PDCA cycle, however, he referred to it as the Shewhart Cycle, named after his teacher W. A. Shewhart (1931) 5 - Edwin Colyer, The Power of ISO, BRANDCHANNEL, BusinessWeek, 2005. 6 - Technical Committee ISO/TC 176, International Organization for Standardization, ANSI/ISO/ASQ Q9001-2000 Quality management systems - Requirements, ASQ Quality Press, 2000. 7 - Sue Annis Hammond, The Thin Book of Appreciative Inquiry, 2nd Edition, Thin Book Publishing Co., Copyright 1996. Reprinted with permission. www.thinbook.com 8 - Technical Committee ISO/TC 176, International Organization for Standardization, ANSI/ISO/ASQ Q9001-2000 Quality management systems - Requirements, ASQ Quality Press, 2000, Section 8.2.2
About the Author
Jon Morris is a senior member of the ASQ and an accomplished quality practitioner with 17 years of experience in the application of quality methodologies to effect business improvement. Jon has an MBA from the Ivey School of Business and is an ASQ Certified Quality Engineer and Certified Six Sigma Black Belt. Jon 's experience extends from the implementation and audit of formal quality systems for ISO 9001 registration, through the implementation of Lean Six Sigma methods, to software application design that supports continual improvement efforts. As President of JDQ Systems Inc. (www.jdq.com), Jon continues to consult on strategic improvement initiatives while providing leadership to the JDQ team based on quality principles.
1. Introductory text - what we are doing, how and why “When your company is at its best, there is a synergy in the business processes and activities that serve our customers. From the Quality Assurance perspective, and as Internal Auditors, we think that the Internal Audit process should contribute to the identification and sharing of “best in class” practices. As a result we think that Internal Audits become a more “value– added” QA process by searching out the best we have to offer and recording “findings” that reflect positive change and outcome. As we see it, the only nonconformance would be our inability to find something positive in the documented business processes in which we have invested so much time and effort. We think today’s audit will actually be wonderfully unexpected for all of us. We hope to help carry forward our best practices” 2. Stage-setting questions - build rapport with and get info about auditee a) Describe a time you were involved in a meaningful internal audit. What was the high point of the experience? What role did you play? (i.e. Auditor/Auditee) b) How did you contribute to the experience? 3. Topic (i.e., Process) questions - explore past, present and future of process being audited: a) Imagine that it is 6 months from now and your company is being awarded its ISO 9001:2000 certification. The system obviously conforms to the requirements of the International Standard and to the quality management system requirements established by your company, but what would convince you that the QMS was effectively implemented and maintained? b) What would actually make you proud of the accomplishment? c) Internal audits are planned and conducted once a year. How does this process contribute to the effectiveness of the Quality Management System? d) Can you describe a time when the process of escalating an audit finding to a corrective action resulted in real business process improvement? e) If you are an auditor, how does the audit checklist help you? f) If you could arrange and participate in an audit that was either on-site, “virtual” using video conferencing, or via email exchange, which approach would be more effective? Can you describe a specific (audit related or not) experience that lead to this conclusion? 4. Concluding questions - wrap up interview a) Now let’s look five years into the future. You are attending an award ceremony where a major customer is publicly thanking the President for outstanding performance and quality. What is happening in the company that has earned the award? b) What were the first steps the company had to take to make this happen? c) How was the Internal Audit process a contributor to this desired outcome?
Please join StudyMode to read the full document