By Divyesh Soni GKE Consulting Pvt. Ltd. 2 Topics to be covered
1. What is Internal Audit?
2. Benefits of Internal Audit
3. Types of Audit
4. Methods of Audit
5. Points to be take care by Auditors
6. Points to be take care by Auditee
7. Phases / Steps for Internal Audit
8. Clause Wise Evidences for Audit – ISO 14001 & ISO 45001 What is an Audit 3
A systematic and independent
examination to determine whether System activities related results comply with planned arrangements and whether these arrangements are implemented effectively and are suitable to achieve objectives Benefits of Audits 4
1. To find out whether what we do vs what
we supposed to do. 2. Ensure compliance with the standard 3. Check of current status 4. Facilitate improvement 5. Enhance System Awareness 6. Increase interdepartmental understanding Audit Type 5
2nd PARTY CUSTOMER
CERTIFICATION 3rd PARTY BODY
1st PARTY ORGANIZATION
Types of Audits 6
• First Party Audit
• A First-Party Audit is performed within an organization to measure its strengths and weaknesses against its own procedures or methods and/or against external standards adopted by (voluntary) or imposed on (mandatory) the organization. a first-party audit is an internal audit conducted by auditors who are employed by the organization being audited.
• Second Party Audit
• A second-party audit is an external audit performed on a supplier by a customer or by a contracted organization on behalf of a customer.
• Third Party Audit
• A third-party audit is performed by an audit organization independent of the customer-supplier relationship and is free of any conflict of interest. Third-party audits may result in certification, registration, license approval etc. Methods of Auditing 7
•Trace Forward Audit of one sample from first to last activity.
•Trace Back Audit of one sample from last to first activity.
•Horizontal Audits (One Department to Other)
A horizontal audit occurs when you choose one process and track how it functions across all departments that interact with it.
•Vertical Audits (Only One Department)
Vertical audits involve assessing all processes and activities undertaken by a department. Forward and Backward 8
TRACE FORWARD
PROCEDURE INDEX FILE
TRACE BACKWARD Points to be taken care by Auditor 9
1. Must have detailed knowledge of System operating in the department
2. Must understand department’s operating procedures
3. Good knowledge of the standard
4. Must use checklist
5. Audit to be based on sample checking & objective evidence
6. Should not be biased
7. Acknowledge not knowing an answer
8. Cover all applicable clauses
9. Build a repo with the Auditee
10. Never argue
11. Be brief and precise.
Points to be taken care by Auditee 10
1. Ensure all records are maintained,
2. Continuous training to your people,
3. Everyone aware of job & responsibilities,
4. Ensure corrective action completed as per agreed schedule.
5. To be open – not to hide.
6. Cooperate with Auditors
7. Audit is not fault finding.
8. Do not be scared of NC’s.
9. Audits are for improvement.
Audit Life Cycle 11
• Four Phases / Steps
1. Planning & Preparation
2. Conducting the Audit
3. Communication regarding Audit Points
4. NC Writing, Follow Ups & Closer
PART 1: Planning 12
• Decide the audit teams
• Scope of audit
• Develop audit check lists
• Prepare an overall schedule of the audit
• Inform the auditors and auditees
• Status of previous audit results
• Arrange time of audit
• Prepare audit plan & circulate
PART 2: Conducting the Audit 13
• Before commencing with the audit, it is a good
practice to conduct an “opening meeting”. • The purpose of this meeting should be: 1. Meeting the auditees.
2. Confirming the audit program and clarifying unclear details,
agreeing to audit scope and applicable standards
3. Confirming the time frame of the audit
4. Confirming the arrangements for the closing meeting after the
audit Conducting the Audit 14
• Following are examined when auditing:
1. Documentation including Applicable Legal & Other Requirements
• Specifications • Testing • Grade Trained • Execution • Procedures • Inspection • Identification Person • Control • Records • Monitoring • Traceability • Job • Documentation • Document • Calibration & Description Number Maintenance • Policy & • Revision Status • Identification Objectives • Retention of Equipment Awareness Period • Interview with • Legal & Other People Requirements Part 3: Communication regarding Audit Points 16
When a non-conformity occurs?
Violation to any of the following results into NC:
1. Requirements Of Standards / Legal & Other 2. Company’s Stated Policies And Objectives 3. Company’s Documented Procedures 4. Work Instructions Categorization of Non-Compliances Major 17 • The complete absence of a statement or procedure to meet a requirement of standard • The breakdown or non-observance of a specified procedure or requirement Minor • A single observed lapse in the use of a defined procedure or requirement. Observation / OFI • Any Opportunity or Observation for Improvement based on Auditor Knowledge, Experience and Standard Requirements. Closing Meeting • Communication of Audit Findings
NOTE: A number (not specified) of minor NC’s against one procedure or
requirement, around the organization or in a single department Providing a breakdown can become a MAJOR NON-CONFORMANCE. Part 4: Reports & Corrective Actions 18
• Audit Reports 1. Audit notes 2. Audit observations 3. Non conformities 4. Category of non conformities 5. Supporting evidence 6. Signatures Writing Non Conformity Statements 19
1. Department audited 2. Date 3. Auditors & Auditee 4. Details of Non-compliance 5. Clause No. or Standard for the NC raised 6. Category of Non-Compliance 7. Objective Evidence
