Do’s and Don’ts in a Quality Audit

Quality audits play a fundamental role in the establishment of a company’s Quality Management System (QMS).

An audit provides the opportunity for an organization to take corrective actions and address the identified non-conformances to get its processes in line with its intended goals.

Regulatory authorities across the globe have mandated manufacturers to undertake initial and surveillance quality audits to oversee if their processes are as per internationally accepted standards like ISO 13485 or ISO 9001 or cGMP or any other relevant standard applicable to the quality systems.

As a result of these requirements, organizations are taking proactive steps and launching a quality audit program to regularly check and maintain their compliance with the appropriate requirements and be audit ready at all times.

In order to set up an quality audit program, it is important to know the types of quality audits and what important aspects every manufacturer should pay attention to while participating in such quality audits.

What are the types of Quality Management System Audits?

Quality Management Systems (QMS) audits are often classified based on the relationship among the participants of the audit. Audits can be of the following types:

Different Types of Quality Audits (Based on Relationship Among The Participants of the Audit)

● First-Party Audit: First-party audits are internal audits conducted by certified auditors within the organization to verify that the processes are carried out in accordance with the company’s standard operating procedures and external standards adopted by the organization (e.g. ISO 13485 for Medical Devices-QMS, ISO 9001, etc.). Further, it is emphasized that the auditor shall have no interest in the audit findings and conduct the audit in an independent manner.

● Second-Party Audit: Second-party audits are ones, conducted by the manufacturers of their suppliers to ensure that the products manufactured or services provided are in line with the requirements in the agreements.

● Third-Party Audit: A third-party audit is conducted by a certification body or an auditing organization that is independent of the manufacturer or supplier. This is typically arranged by the manufacturer to obtain a QMS certificate for their organization in order to show proof of compliance with widely recognized standards.

Different Types of Quality Audits (Based on Mode of Conducting the Audit)

On-Site Audit: A personal audit carried out on location at a manufacturer’s or supplier’s facility, including a physical inspection of the documentation and infrastructure.

Off-Site/Remote Audit: An online audit conducted by the auditor using electronic means of communication (e.g. teleconferencing) to understand and evaluate the manufacturer’s controls over processes. 

While the types of audits vary widely based on several factors, all the audits share a common set of phases that need to be pursued in order to successfully perform the audit. 

What are the phases of a Quality Management System Audit?

phases of quality audit

Audit planning and preparation: This includes the preparation of an audit plan including the time schedule at which each activity of the audit shall be conducted including the locations/departments within the facility wherein the audit shall take place.

Audit execution: Following the preparation and communication of the audit plan to the auditors and auditees within the organization, the audit is carried out in accordance with the plan, beginning with a kick-off meeting.

Audit closure: The audit shall be closed with the closing meeting wherein both the auditor and auditee shall discuss the findings.

● Audit reporting: The results of the audit investigation are compiled by the auditors in the form of an audit report which shall be forwarded to the auditees for taking mandatory actions toward the findings as necessary.

Once the auditee takes the necessary corrective actions against the findings provided by the auditor and submits the corrective action plan to the auditor, the auditor may issue a certification to the auditee based on the completeness of the corrective action plan.

The main intent of these audits, as we know, is to finally achieve certification for the quality systems that will allow the company to showcase the standard and quality of products and/or services offered by the company.

Such certification is obtained via third-party audits, and it’s of the essence that an organization knows how to go about these. 

Things to Keep in Mind Before Going Into Third Party Quality Audit

The following items need to be checked by auditees in order for the audit to go smoothly, quickly, and with the fewest possible non-conformances:

Onsite Quality Audits

Ensure an audit plan and audit schedule have been prepared together with the audit team leader and communicated to all employees within the organization.

Make sure members of top management, including the CEO, are present in the opening and closing meetings of the audit.

Schedule appointments with the management staff, and ensure they are available at the scheduled hours per the audit plan.

Be sure to adopt a proactive strategy and get ready for the audit before the auditor visits.

Provide the auditor with meeting space and access to areas of the facility where the auditees can be assessed confidentially.

Maintain meeting room decorum and refrain from engaging in any informal discussions with the auditor.

Confirm the access, the auditor has to all facilities (e.g. manufacturing, storage, lavatories, etc) within the audit scope.

Before the audit, locate all the documents and records that the auditor might need.

Liaison with the auditor regarding travel arrangements, such as preferred hotels and airports, travel restrictions, and any special considerations.

Verify the availability of updated versions of the Quality Manual, Standard Operating Procedures, Quality Records, etc.

Onsite Quality Audits

Send meeting invites in accordance with the audit plan to the auditors and the appropriate management personnel.

Before recording the audit meetings, make sure to get the auditor’s approval.

Confirm that auditors only have view access to the documentation that will be shared in electronic format.

Make certain that the auditor is aware of the importance of maintaining the confidentiality of electronic documents.

Ensure that the auditor is able to get access to requested documents during the audit.

Avoid displaying the entire desktop screen. Instead, present or share only the screen where the document is active.

To avoid any potential background noise during the audit, make sure to always mute your call and only unmute it when necessary.

Be sure to attend the remote audit in a space that is free from any type of disruption.

Confirm if there is sufficient power backup, so as to avoid interruptions during the audit.

While all these considerations are of the essence when undergoing a certification audit, there are many other impromptu situations that can come up during the audit and must be dealt with in a professional and ethical manner.

At the end of the day, nothing beats readiness where the emphasis is on the robustness of documentation and effective implementation of quality systems.  

Worried about setting up a QMS and facing quality audits? 

Elexes is here to help you.

Our dedicated team of regulatory and quality professionals has years of experience supporting our clients in establishing QMS and has successfully acquired certifications for many of our clients.

For further details, please contact us at

Posted in

Parul Chansoria

Post a comment

Your email address will not be published.