qms audit process june 2015
TRANSCRIPT
IMTIAZ UR REHMAN
17.06.2015
QUALITY MANAGEMENT SYSTEM AUDIT -INTRODUCTION
Presenter’s Name
01.01.15
AuditingWhat is an audit?
Systematic, independent and documented process for obtaining evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled
Why audit?Requirement of ISO 9001:2008Monitor and measure the management system
Measurement for adequacy / gap Measurement for performance
Promote continuous improvement of the management system
Principles relating to auditors:
Ethical conduct Fair presentationDue professional care
Principles relating to audit:
IndependenceEvidence-based approach
•Identifies improvement opportunities•Continuous improvement if performed regularly•achieves planned results and yields continual improvement of processes.
Verifies conformity to requirements
Provides a measurement of effectiveness of the management system to top management
BENEFITS OF AUDITING
Increases awareness and understandingReduces risk of management system failure
Types of Audits Registration / Certification: The initial audit to get an
organization's system certified
Surveillance : ongoing periodic review of an organization's quality management system, by a third party registrar
Product: often referred to as a quality audit -- is an inspection of a final product before delivering it to a supplier or a customer
• Customer contract Audit: ensures that the agreement is being executed in accordance with the intent of all parties to the contract
Gap assessment / Pre-assessment: comparison of actual performance with potential or desired performance
Combined audit / joint audit: of a firm/country by two different entities simultaneously having some common interests.
Your
Process
Act
DoPlan
Check
PDCA (Plan-Do-Check-Act)
Continual
Improvement
The Plan-do-Check-Act (PDCA) methodology applies to all processes
•Deploy and conform with plan
•Activities•Controls•Documentation•Resources•Objectives
•Analyze/review•Decide/change•Improve effectiveness
•Measure and monitor for conformity and effectiveness
Process Auditing “Turtle Diagram”
With what?Resources With who?
Personnel
What results?Performanceindicators
OutputsToWhom/Where
InputsFrom Whom/Where
How done?Methods/Documentation
Process(specific value-added activities)
Process Auditing Example
With what?• Order processing
system
With who?• Customers•Competent sales and processing staff
What results?• Order processing
time• Number or orders• Value of orders• Contract accuracy
OutputsProduction/Service Delivery
Inputs• Customer requirements• Sales staff
How done?• IT system• Processing system• Terms and conditions• Contract review procedure
ContractReview
Elements of Quality Management System Audit
Typical Audit Activities
Typical Audit Activities
1
2
4
Initiating the Audit
3
Conducting Document Review
Preparing for On-site Activities
Conducting for On-site Activities
Typical Audit Activities
5
6
8
Preparing & Reviewing Audit Report
7
Distributing Audit Report
Corrective Actions Report
Conducting Audit Follow-up
1. INITIATING THE AUDIT
Initiating the audit includes:
Appointing the audit team leaderDefining audit objectives, scope, criteriaDetermining feasibility of the auditSelecting the audit teamEstablishing initial contact with the auditee
8.2.2
Selecting the Audit TeamFor Team size and competence, consider:
Audit objectives, scope, criteria, and durationWhether audit is combined or jointCompetence of team to meet objectivesStatutory, regulatory, contractual and accreditation/certification requirementsIndependence of the team
Personal
Attributes
Ethical
Diplomatic
Open-
minded
Auditor CompetencePersonal Attributes
Observant
Perceptive
Versatile
Determined
Decisive
Self-reliant
2. Conducting Document Review
A review of documentation includes:Should be conducted prior to on-site audit activities unless deferring review is not detrimental to the effectiveness of the audit
May include relevant QMS documents, records, and previous audit reports
May include a preliminary site visit
4.2.3
3. Preparing on-site Audit Activities
One Approach is to:oIdentify audit scope and process(es) within scopeoIdentify applicable factors (inputs, outputs, measures, resources, etc.)oUse these points and other requirements
(ISO 9001-2008, system documentation, etc.) to:Plan what to look atPlan what to look for (audit evidence)
• Prepare checklist
Audit checklist structure:
Process/Activity Audited:
Requirement Source Evidence Notes
ISO 9001:2008Clause # or other
requirement
What to “look at”
What to“look for”
Notes
4. Conducting on-site Audit Activities
Conduct opening meeting
Communicate during the audit
Explain roles and responsibilities of participants
Collect and verify information
Generate audit findings
Prepare audit conclusions
Conduct closing meeting
Opening Meeting
Hold opening meeting with auditee top management and those responsible for processes audited
Meeting may be informalChaired by team leaderAudit team presentPurpose is to confirm all prior arrangements
Review
Sources of
information
Collect by
appropriate sampling
& verification
Evaluate against
audit criteria
Collecting and Verifying Information
Audit Conclusions
Auditing Process Collect information relevant to:
Audit objectives, scope, and criteria interfaces between functions, activities and processes
Collect audit evidence by appropriate sampling and verify and record it
Be aware on sampling limitations, if acting on the audit conclusion Use only information that is verifiable as audit evidence
Interview: Personnel that manage, perform, and verify activities Also ensure they are responsible for the activity being audited Listen carefully to responses
Observe: Identity, status, condition, processes, equipment, activities,
environment, and people
Auditing Techniques
During Interview…….. Show interest Be tactful and polite Show patience and understanding Remember to say please and thank you Ask the right person Don`t say you understand when you do not Put auditee at ease Ask short questions and listen Reflect right attitude, tone of voice, body
language, and facial expressions Smile and show eye contact Avoid interruptions Avoid insulting and arrogant remarks Give praise when appropriate
Empower Teams
Respect Individuals
Maintain Agility
Own Decisions
Maintain Agility
Enjoy Work
Questioning TechniquesOpen question
Using why, who, what, where, when, or how gets more than a yes or no answer
Expansive question Further elaborates the current point
Opinion question Asks opinion about current point
Non-verbal Uses body language, for example: raise eye-brow to elicit further
informationAVOID (or minimum) Repetitive question
Repeats back response in form of a question Hypothetical question
Uses what if, suppose that, etc. Closed questions as they draw answers in yes or no
5. Preparing & Reviewing the Audit Report
• Audit focus must be on conformity and effectiveness, NOT on
finding nonconformities
• The auditee must be given the benefit of any doubt where there
is insufficient audit evidence
• Evaluate audit evidence against audit criteria to generate audit
findings
• Indicate if findings are conformities, nonconformities or
opportunities for improvement
• Meet (audit team) to review findings
• Specify (with supporting evidence) or summarize conformity by
location, function, or processes, as required by audit plan
Nonconformity Non-fulfillment of a specified requirement:
Not doing it Partially doing it Doing it the wrong way
Specified requirement: Conditions of the customer contract Quality standard (ISO 9001:2008) Quality management system Statutory or regulatory requirements
Nonconformity (Minor)
Failure to comply with a requirement which (based on judgment and experience) is not likely to result in QMS failureExamples:
A two month lapse in the internal audit program A training record not available No actions taken to improve system based on previous
result findings
6. Distributing Audit Report
• Issue within agreed time period
• If delayed, provide reasons and agree on new issue date
• Report must be dated, reviewed, and approved as per procedures
• Distribute to recipients designated by audit client
• Report is property of audit client
• Recipients and audit team must respect the confidentiality of the report
• Maintain confidentiality of audit documents, information, and report
• Notify audit client and auditee ASAP if disclosure of audit information is required
7. Corrective Action Report
1. Audit conclusions may require corrective, preventive, or
improvement actions
2. Auditee receives the nonconformity report
3. Auditee decides and carries out these actions within agreed
timeframe
4. Auditee prepares a corrective action plan
5. Auditee submits the plan to auditors
6. Auditors evaluate and approve the plan
7. Auditee implements the approved corrective action plan
8. Conducting Audit Followups
1. Auditor verifies the implementation and effectiveness
2. Audit team number should verify completion and effectiveness
of actions taken
3. This verification may be part of a subsequent audit
4. Records of all actions taken by auditor and auditee
Questions?
Thank you