internal iso auditor training
TRANSCRIPT
-
7/27/2019 Internal ISO Auditor Training
1/46
Internal ISO
Auditor Training
-
7/27/2019 Internal ISO Auditor Training
2/46
Auditing Fundamentals(Definitions)
Auditing a systematic, independent, anddocumented process for obtainingobjective evidence and evaluating it to
determine the extent to which it effectivelymeets the audit criteria
Quality simply put, conformance torequirements
Nonconformity an instance of notmeeting requirements
-
7/27/2019 Internal ISO Auditor Training
3/46
Purpose of Auditing
To determine conformity To determine effectiveness To provide opportunity to improve To meet regulatory requirements For certification
-
7/27/2019 Internal ISO Auditor Training
4/46
-
7/27/2019 Internal ISO Auditor Training
5/46
Classification of Audits(Internal vs. External)
Internal audit performed within anorganization to measure the organizationsown performance
External audit audits held by anorganization on an outside source (suchas a vendor). Also when an outside party,such as NUPIC or ISO Registrar performsan audit of an organization
-
7/27/2019 Internal ISO Auditor Training
6/46
Classifications of Audits(Based on Party)
First Party audit performed by acompany on itself (internal audit)
Second Party audit performed by a
company on an outside source (externalaudit)
Third Party audit performed by anindependent organization for or on thecompany, such as an ISO Registrationaudit (external audit)
-
7/27/2019 Internal ISO Auditor Training
7/46
Process Audits
Focus on specific process elements Used to:
- Determine whether a process iseffectively implemented and maintained
- Determine if a process conforms to a standardsuch as ISO 9001:2008
- Identify continual improvement opportunities
- Verify that corrective actions have beenimplemented and are effective
-
7/27/2019 Internal ISO Auditor Training
8/46
Audit Independence andObjectivity
Independence auditors are independentwhen they render impartial and unbiased
judgment in the conduct of their
engagement Objectivity auditors should have no
direct responsibility for the area beingaudited; and should maintain an unbiasedand impartial mindset in regard to allengagements
-
7/27/2019 Internal ISO Auditor Training
9/46
Audit Preparation and Planning(Authority)
Who has authorized the audit? - Organizational Authority: QA Manager - Policy Authority: supplier audits required
by Quality Manual/Procedures- Contracts: may require audits- Regulatory: NUPIC to verify 10CFR50 Appendix B
-
7/27/2019 Internal ISO Auditor Training
10/46
Audit Planning and Preparation(Audit Scope)
Scope includes:- Type of audit
First, second, or third party- Depth of Audit
Activities, facilities, locations to beaudited
-
7/27/2019 Internal ISO Auditor Training
11/46
Audit Planning and Preparation(Selecting Auditors)
Auditors should be selected based on thefollowing:
Attributes: fair, unbiased, etc.
Independence: no responsibility for areasbeing auditedQualifications: see next slide
Availability
-
7/27/2019 Internal ISO Auditor Training
12/46
Audit Planning and Preparation(Auditor Qualifications)
Possess good verbal and written skills Possess interviewing skills and good
listening skills
Be trained and qualified- Receive this training (initial requirement),
including successfully passing test- Per QAP-18, Audits, perform 2 internal
audits under a qualified Lead Auditor (on-the-job requirements)
-
7/27/2019 Internal ISO Auditor Training
13/46
Audit Planning and Preparation(Audit Checklist)
Based on audits purpose and scope Needs space for auditee response Needs space for auditor observations
Advantages
Promotes planning for audit
Ensures consistent audit approach
Serves as a memory aid
Provides objective evidence that audit was performed
Provides information base for future audits
-
7/27/2019 Internal ISO Auditor Training
14/46
-
7/27/2019 Internal ISO Auditor Training
15/46
Audit Planning and Preparation(Process Audit Planning)
-
7/27/2019 Internal ISO Auditor Training
16/46
Audit Planning and Preparation(Completed Turtle Diagram Example)
-
7/27/2019 Internal ISO Auditor Training
17/46
Audit Planning and Preparation(Audit Strategy)
Random Selection of Samples- Flowcharts used to understand process- Auditor looks at information for items that
are:completedin progress
ready to start (if applicable)
-
7/27/2019 Internal ISO Auditor Training
18/46
Audit Planning and Preparation(Audit Schedule)
Documents all routine audits Shows audits planned by month Written to cover a year Allows some flexibility Approved by QA Manager
-
7/27/2019 Internal ISO Auditor Training
19/46
-
7/27/2019 Internal ISO Auditor Training
20/46
Audit Planning and Preparation(Audit Notification and Agenda)
Gives advanced notice to auditee Includes purpose, scope, dates and
auditors name
Provides times for opening and closingmeetings
Provides time frame for daily auditor
meetings/conferences (as required)
-
7/27/2019 Internal ISO Auditor Training
21/46
Sample Audit Plan
-
7/27/2019 Internal ISO Auditor Training
22/46
Audit Performance(Opening Meeting)
Lead Auditor provides:- introduction of team members- the audit purpose, scope, and objective- the anticipated duration of the audit- may discuss classifications of findings- tentative time and date of closing
meeting
-
7/27/2019 Internal ISO Auditor Training
23/46
Audit Performance(Methods)
Auditors should approach the audit usingthe 5W/1H method for interviews anddocumentation of objective evidence.
Who does it?What is the process?When is it done?Where is it done/documented?Why is it done like this?How is it done?
-
7/27/2019 Internal ISO Auditor Training
24/46
-
7/27/2019 Internal ISO Auditor Training
25/46
Audit Performance(Open vs. Closed Ended Questions)
Open-ended Closed-ended
What do you do first? Is this what you do?
How do you record thatresult?
Do you document thatresults?
Where do you record thatresult?
Is this where you recordthat result?
Please show me theshop instruction?
Is there a procedure for this?
-
7/27/2019 Internal ISO Auditor Training
26/46
Audit Performance(The art of listening)
Eliminate any distractions Listen for content Suspend all judgment Listen for themes in answers Seek clarification of answers
-
7/27/2019 Internal ISO Auditor Training
27/46
Audit Performance(Verifying Records/Documents)
Sampling selection:- Necessary due to time limits- Auditor should select samples- Examine samples in detail- No set amount of samples- Cover relevant time period
- Look at control of records/documents- Record all samples examined as
objective evidence
-
7/27/2019 Internal ISO Auditor Training
28/46
-
7/27/2019 Internal ISO Auditor Training
29/46
Audit Performance(Audit Findings)
May be used to identify any and/or all of the following:- Positive findings/strengths
- Opportunities for improvement or observations
- Nonconformities (major or minor)
-
7/27/2019 Internal ISO Auditor Training
30/46
Audit Performance(Nonconformities)
A well documented nonconformity willhave three parts:- a description of the problem
- explanation of the requirement- reference the objective evidence related
to the nonconformity
-
7/27/2019 Internal ISO Auditor Training
31/46
Audit Performance(Nonconformity Classification)
Major the absence or total breakdown of a process- A number of minor nonconformities against one
clause/section of a process can represent a totalbreakdown of a process and thus be consideredmajor
Minor failure to meet on requirement of a clause of the standard or a singleobserved lapse in following one item of aprocedure
-
7/27/2019 Internal ISO Auditor Training
32/46
-
7/27/2019 Internal ISO Auditor Training
33/46
Audit Performance(Documentation)
-
7/27/2019 Internal ISO Auditor Training
34/46
-
7/27/2019 Internal ISO Auditor Training
35/46
Audit Performance(Exit Meeting)
Meeting to present audit observations andfindings
Lead Auditor presents team findings, with
clarification as necessary from auditors Discuss need (if any) for follow-up audit Opportunity to thank auditee for support
-
7/27/2019 Internal ISO Auditor Training
36/46
Audit Reporting(Timely Reporting)
Checklists and associated notes should becompleted and turned into Lead Auditor assoon as possible after the audit
Report should be completed by Lead Auditor as soon as possible after audit
Any associated CPARs should bewritten/issued at the same time
Timely reports add value
-
7/27/2019 Internal ISO Auditor Training
37/46
Audit Reporting(Report Contents)
Audit scope, objectives, criteria Identification of auditors and auditees Audit findings, including nonconformities Any recommendations, opportunities for
improvement Assessment of process effectiveness Summary of audit process
Distribution listNOTE: Audit reports should be traceable from thereport and any CPARs generated
-
7/27/2019 Internal ISO Auditor Training
38/46
Audit Reporting(Items NOT included in report)
Confidential or proprietary information Subjective Opinions Minor deficiencies corrected during the
audit Specific names of employees associated
with findings
Anything not discussed during the exitmeeting
-
7/27/2019 Internal ISO Auditor Training
39/46
Audit Reporting(Report Retention)
Purpose- meet quality requirements- allow for review of audit work- follow up on corrective actions- future audit planning- reference for developing future audit
checklists
-
7/27/2019 Internal ISO Auditor Training
40/46
Audit Follow-up and Closure(General)
Follow-up:- a process by which internal auditors
determine the adequacy, effectiveness,and timeliness of action taken bymanagement/process owners onreported audit findings
- The largest cause of failure in internal
audits is the lack of effective correctiveaction taken on the nonconformitiesidentified
-
7/27/2019 Internal ISO Auditor Training
41/46
Audit Follow-up and Closure(Action)
Action should be taken by agreed upontime
Review documented evidence
Should be performed on-site Is only a review of corrective actions
NOT another audit
-
7/27/2019 Internal ISO Auditor Training
42/46
Audit Follow-up and Closure(Documented Evidence)
Evidence may be in the form of:- Records of action taken- Training certificates- Amended Procedures- New equipment
-
7/27/2019 Internal ISO Auditor Training
43/46
Audit Follow-up and Closure(Process)
1. Auditor:- identifies problem and issues CPAR
2. Auditee:- evaluates the corrective action- performs root cause analysis- develops an action plan
- implements the corrective action- standardizes the action
-
7/27/2019 Internal ISO Auditor Training
44/46
-
7/27/2019 Internal ISO Auditor Training
45/46
Audit Planning Practical
-
7/27/2019 Internal ISO Auditor Training
46/46