- The author argues for a shift from traditional auditing to a risk-based approach, highlighting that this method not only enhances the performance of the audit program but also contributes significantly to the organization.
- Coleman explains that a risk-based approach involves analyzing the complexity of products and processes, considering newness and criticality, and understanding how these factors contribute to overall risk.
- Coleman advocates for integrating risk-based thinking into auditing approaches.
This “Quality Progress” journal article by Lance B. Coleman Sr. emphasizes integrating risk management into auditing processes. The author argues for a shift from traditional auditing to a risk-based approach, highlighting that this method not only enhances the performance of the audit program but also contributes significantly to the organization. Key to this approach is considering risk at every stage of the audit process, from structuring the program to planning, executing, reporting, and closing audits.
Coleman explains that a risk-based approach involves analyzing the complexity of products and processes, considering newness and criticality, and understanding how these factors contribute to overall risk. He presents tools like the decision tree, risk matrix, Pareto diagram, and risk rating to demonstrate the intersection of risk assessment and auditing. By focusing on risks, the audit program can allocate resources more effectively, concentrating on areas that require greater scrutiny due to their higher risk.
The article also discusses the importance of asking the right questions in audit program establishment and planning. Questions about who, what, when, where, why, and how in the audit process are all answered based on risk assessments. For instance, the perceived risks determine the frequency, depth, and qualifications required for auditors. Coleman also introduces a scenario comparing traditional and risk-based auditing, showing how the latter can uncover significant risks that might be overlooked in conventional methods.
In conclusion, Coleman advocates for integrating risk-based thinking into auditing approaches. By doing so, audit programs can offer more excellent value and effectiveness, addressing not just conformity and compliance but also identifying and managing potential organizational risks. This approach aligns with modern quality management practices, which increasingly prioritize risk assessment in achieving process excellence and operational efficiency.
Read the full article (access requires free ASQ sign-up)
Leave a Reply
You must be logged in to post a comment.