IQA Training 9001-2008

EFFECTIVE INTERNAL
QUALITY AUDITING TO
ISO 9001:2008
I
COURSE OBJECTIVES:
Q
At the end of the course, the participants
A should be able to:
Understand the principle of internal auditing;
 Plan and conduct effective and efficient internal audits

of their Quality Management System;
 Induce and guide continual improvements in their QMS

through internal QMS audits, leading to improved
organizational performance and enhanced customer
satisfaction.
Effective Internal Auditing to ISO 9001:2008 2

I
COURSE OUTLINE:
Q
A
• 1.1 Principle of Management System Auditing
D • 1.2 Managing the Internal Audit program
ay • 1.3 Planning the Internal Audit
1
• 2.1 Conducting the Internal Audit
D • 2.2 Reporting the Audit Findings
ay • 2.3 Post-audit Activities
2
I
METHODOLOGY:
Q
A
Open
Lecture Workshop
Forum

I
1.1 Principle of Mgt. System Auditing:
Q
Why Audit is essential ?
A
A management tool for monitoring and verifying the
effective implementation of an organization’s Quality
Management System
To identify areas of conformity and nonconformity
against customer requirements, applicable statutory
and regulatory requirements, and established planned
arrangement in the QMS.
To provide a systematic discipline for corrective or
preventive actions if actual or potential
nonconformities are found

I
Q
Why Audit is essential ?
A
To provide information on which an organization can
act to improve its performance (identify opportunities for
continual improvements)
It is essential part of conformity assessment activities
such as 3rd party certification and of supply chain
evaluation

I
Q
Tool for Review and Improvement
A
Internal QMS Audit is a tool

to review and improve the
whole Quality Management
System and should always
be properly done.

I
Q
Likely effects on QMS of a week IA system
A
 Inadequate review of the Quality Management System

vs. the requirements
Conclusions not reliable basis for Top Management to

evaluate the effectiveness of Quality Management
System implementation
Diminished people’s full support to the Quality
Management System

I
Q
How internal auditing is viewed:
A
IF NOT PROPERLY DONE –
Internal auditing is usually seen as :
a way of finding fault with the individual
threat
a waste of time
bureaucratic exercise

I
Q
A
IF PROPERLY DONE –
Internal auditing is seen as a tool that:
Identifies strengths and weaknesses of the QMS and
the organization in general
Identifies continual improvement opportunities and
guides their effective implementation
Confirms if the QMS helps in achieving customer
satisfaction and other business performance goals
Helps assure monitoring of legal compliance, if any
Becomes a tool for organizational growth and progress

I
Q
A
IN A NUTSHELL –
Internal quality audits are essential……
….to determine, by an unbiased means and through

factual information on quality performance, whether the
quality system is effective in maintaining control by
checking the prescribed quality objectives are being
achieved and the resultant products and services meet
specified customer and regulatory requirements.

I
Q
Important terms and definitions:
A (ISO 19011:2002)
A systematic, independent
AUDIT and documented process for
obtaining audit evidence and
evaluating it objectively to
determine the extent to which
audit criteria are fulfilled.

I
Q
A (ISO 19011:2002)
Audit Criteria – Set of principles, procedures or requirements

used as a reference against which audit evidence is compared
Audit evidence – records, statement of fact or other information,
which are relevant to the audit criteria and verifiable
Audit findings – Result of the evaluation of the collected audit
evidence against audit criteria
Audit Conclusion – outcome of an audit provided by an audit
team after consideration of the audit objectives and all audit
findings
Audit Plan – description of the activities and arrangement for an
audit

I
Q
A (ISO 19011:2002)
Audit Scope – extent and boundaries of an audit; generally

includes a description of the physical locations, organizational
units, activities and processes, as well as the time period
covered
Audit Program – set of one or more audits planned for a specific
timeframe and directed towards a specific purpose
Auditee – organization being audited
Audit Client – organization or person requesting an audit
Competence– demonstrated personal attributes and
demonstrated ability to apply knowledge and skills

I
Q
A (ISO 19011:2002)
Auditor:
Person with competence to
conduct an audit.

I
Q
Types of Audit:
A
Internal Audit – Conducted by, or on behalf of the organization
itself for internal purposes and can form the basis for an
organization’s self-declaration of conformity. Internal audits can
be conducted separately for each management System, or as an
integrated audit procedure for various existing management
system. Also called first party audit
External Audit– conducted by any interested party (e.g. by

customer or other persons in their behalf), by a regulatory body
or by a 3rd party certification body.
- Can be conducted as combined audit, joint audit, or integrated
audit

I
Q
2 Types of External Audit:
A
Supplier Audit – also called
2nd party audit; you audit the SOIC
Management System of your
Supplier
Third-Party Audit – a
Certifying Body or a
regulatory Body audits your Certifying
organization’s Management Body Supplier
System

I
Q
Principles of Auditing:
A
1.Ethical Conduct: the foundation of
professionalism
Trust
Integrity
Confidentiality
Discretion
These are essential to auditing

I
Q
A
2.Fair presentation: the obligation to report truthfully &
accurately
Audit reports, audit conclusions
must reflect accurately the audit
activities
Significant obstacles encountered
during the audit and unresolved
diverging opinions between the
audit team and the auditee should
be reported.

I
Q
A
3.Due professional care: the application of
diligence and judgment in auditing
Auditors exercise care in accordance with
the importance of the task they perform
and the confidence placed in them by the
audit client and other interested parties.
Having the necessary competence is an
important factor.

I
Q
A
4.Independence: the basis for impartiality of the audit
and objectivity of the audit conclusions.
Auditors are independent of the
activity being audited and are free
from bias and conflict of interest.
Auditors maintain an objective state
of mind throughout the audit process
to ensure that the audit findings and
conclusions will be based only on
objective evidence.

I
Q
A
4.Evidence-based approach: the rational; method for
reaching reliable and reproducible audit conclusions
in a systematic audit process.
 The audit evidence is verifiable.
 The audit evidence is based on available

information during the audit.
 Appropriate use of sample related to the

confidence that can be placed to the
audit conclusions.

I
Q
Class discussion:
A
1. What would you consider as the
most important principle among
the 5 Principles of Auditing?
Why?
2. Can you think of potential
obstacle(s) for each of the 5
principle of auditing?
3. How can you can overcome the
obstacle you have identified?

I
1.2Managing the Internal Audit Prog.:
Q
A 1
Authority for
the Audit Audit Program
Program
PDCA
2
Establish the Audit
Plan
Program
Auditor Competence
5 3
Improving the Implementing the and Evaluation
Act Do
Audit Program Audit Program Audit Activities
4 Monitoring and
Reviewing the Check
Audit Program

I
Q
A 1 Authority for the Audit program
-granted by Top Management
 Management Representative
 Establish, implement, monitor, review and improve the audit
program and the IMS
 Identify the necessary resources and ensures they are
 provided
Appointed by Top Management and is a member of the
organization’s management
2 Establish the Audit Program
1. Define audit program objectives-to direct the planning and
conduct of audits
2. Define the extent of audit program-influenced by the size,
nature and complexity of the organization

I
Q
A 2 Establish the Audit Program
3. Define audit program responsibilities-assigned to one or more
auditors who has general understanding of audit principles and
has management skills as well as technical and business
understanding relevant t activities to be audited.
4. Determine and provide audit program resources
5. Establish audit procedure(s)
Note: Planning the audit program, including defining an audit procedure is covered
under
Section 1.3 Planning the Internal Audit

I
Q
A Typical audit program document includes
1. Audit objectives
2. Extent of audit program-based on
-scope, duration of each audit, frequency, audit criteria (mgt
standards), issues from previous audits (e.g. schedule matrix,
other QMS matrices, if any)
3. Audit team and responsibilities
4. Audit resources – e.g. reference standards. checklist, tickler
5. Audit methods – e.g. audit procedure, QOC, PDCA
6. Audit plan
7. Reporting arrangement

I
Exercise # 1
Q
A Preparing an Audit Program
1. Form 3 groups.
2. Prepare an Annual Internal QMS Audit Program for SOIC,
with an audit interval of 6 months.
3. Class presentation.
Duration: Preparation – 30 minutes

Presentation – 5 minutes / group
See Annexes
Annexes

I
Q
A 3 Implementing the Audit Program
1. Scheduling the audits
2. Evaluating auditors
3. Selecting audit teams
4. Directing audit activities
5. Maintaining records
Note: Implementing the Audit Program is covered in detailed under

Section 2.1 Conducting the Internal Audit and
Section 2.2 Reporting the Internal Audit Findings

I
Q
A 4 Monitoring & reviewing the Audit Program
1. Monitoring and reviewing the program
2. Identify needs for corrective / preventive action
3. Identify opportunities for improvement
5 Improving the Audit Program
Note: Monitoring & reviewing the Audit Program and Improving the Audit
Program is covered in detailed under
Section 2.3 Post Audits activities

I
1.3 Planning the Internal Audit:
Q
A Essential Elements
1. Documenting the internal audit process
2. Selecting / training the internal auditors
3. Preparing the audit plan
4. Ensuring auditor competence and availability
5. Securing approval for the audit plan
6. Communicating the audit plan
7. Preparing for the internal audit

I
Q
A Understanding the Requirements
 8.2.2 Internal Audit (ISO 9001:2008)
The organization shall conduct internal audits at planned intervals
to determine whether the QMS:
a) Conforms to planned arrangement to the requirements of the standard,
and the QMS requirements established by the organization, and
b) Is effectively implemented and maintained.
An audit program shall be planned, taking into consideration the

status and importance of the process and areas to be audited, as
well as the results of the previous audits. The audit criteria, scope,
frequency and methods shall be defined. Selection of auditors
and conduct of audits shall ensure objectivity and impartiality of
the audit process.

I
Q
A Understanding the Requirements
 8.2.2 Internal Audit (ISO 9001:2008)
 Auditors shall not audit their own work.
 A documented procedure shall be established to define the
responsibilities and requirements for planning and conducting
audits, establishing records and reporting results.
 Records of the audits and their results shall be maintained
(see 4.2.4).
The management responsible for the area being audited shall
ensure that any necessary corrections and corrective actions are
taken without undue delay to eliminate detected nonconformities
and their causes. Follow-up activities shall include verification of
the actions taken and the reporting of verification results.

I
Q
A
First things first . . .
 Have you documented your Internal Audit procedure?
 Does your procedure define responsibilities and requirements for
 planning and conducting internal audits?
 reporting internal audit results?
 maintaining internal audit records?
 Who will have overall responsibility for audits?

I
Q
A Audit procedure – should address the
following:
a. Audit program preparation
b. Assuring auditor competence
c. Assigning roles and responsibilities for auditors and audit team
d. Planning and conducting audits
e. Conducting audit follow-up and corrective action verification
f. Monitoring effectiveness of the audit program
g. Reporting to Top Management on the overall results and
achievements of the audit program

I
Q
A IQA PROCEDURE and FORMS
 There can be one general procedure to cover the internal audit

process, or one procedure plus several work instructions that may
cover the following key points:
a. preparing the audit program
b. selection of auditors
c. conducting audit findings
d. reporting audit findings
e. follow-up and corrective action verification
 There necessary forms may also be specified in the procedure.

I
Q
A Sample Internal Audit Procedure
Prepare annual
audit program
Auditor training Ensure auditor

Assign auditors availability
Auditor selection
Prepare/approved Company-wide
Audit plan Division / dept.
Document review
Conduct the audit
Auditor selection
Prepare audit report

conclusions, recommendations
C/CA proposed/performed
Conduct follow-up Close NCR’s
(if with NCR’s)

I
Q
A Preparing the Audit Plan
 Important things to consider

a. Adequacy of audit time allocated - # hours, day
b. Auditor competence and independence
c. Consistency with Audit Program
d. Consider “status and importance of activities”, customer and
legal requirements, and planned arrangement
 Audit Planning Approach
a. Company-wide audit plan
b. Per Division / Department Audit Plan
c. Combination of Company-wide and division/department plan

I
Q
A Audit Frequency
 Consider the following criteria:

a. Customer feedback
b. Management requirements
c. Organization (changes? New appointments?)
d. Staff performance
e. methods/technology
f. Level of maintenance of QMS; modifications
g. Previous nonconformities and corrective/preventive action
 Audit should be organized at planned intervals based on overall
audit program

I
Q
A Assigning the Auditor
 Check availability of auditor (must be independent of area to be

audited
 Brief the auditor on the objectives of the audit
 Define the limits of the area to be audited
 Appraise auditor of any special requirements, e.g. follow-up of

corrective action, priority areas for verification, etc.

I
Exercise # 2
Q
A Preparing an Audit Plan
1. Form 3 groups.
2. Prepare a company-wide audit plan for SOIC (from among
the member of the group). Choose one department and
prepare a departmental audit plan.


I
Q
A Who can Audit?
There are four Qualification Criteria:

 EDUCATION – An IQA should have appropriate education and can
clearly express concepts and ideas through verbal and written
communications.
 TRAINING – A IQA should be trained in internal auditing techniques

and must be familiar with the requirements of the standards (ISO
9001:2008).
 EXPERIENCE – An IQA should have appropriate, practical

workplace / industrial experience.

I
Q
A Who can Audit?
There are four Qualification Criteria:

 PERSONAL ATTRIBUTES–
 An Internal Auditor should:
a. Be open-minded and mature, and possesses sound judgment,
analytical skills and tenacity
b. Have the ability to perceive situations in realistic and positive way
c. Understands the operation of the company and the requirements
of its customer
d. Be interested in finding opportunities for improvements
e. Have a good sense of balance (able to adequately cover all
requirements of standard within allotted time).

I
Q
A Tasks of the Internal Audit
 The Internal Auditor should be able to apply his attributes in

order to:
a. Obtain and assess evidence in a fair manner
b. Preserve his independence and integrity
c. Be flexible to changing situations during the audit
d. Interact with auditee’s in a positive way
e. Add value to auditee’s process or activities
f. Perform the audit process fully and adhere to the audit plan
g. Arrive at acceptable conclusions based on audit findings and
objective evidence
h. To stand his group despite possible pressure of contrary views

I
Q
A Good Auditor Behavior – Some tips!
 Establish rapport –
(a) introduce yourself to the auditee(s)
(b) explain why you are there, your aims
(c) explain how audit will be conducted
(d) Brake the ice, create positive climate
 Show courtesy – say “please…,”, “thank you”, etc.
 Be non-judgmental
 Work with facts-not your opinions or value judgment
 Don’t criticize nor find fault

I
Q
 Control emotions (impatience, disappointment, fatigue, etc.)

 Be firm and assertive (do not be passive or nor aggressive)
 Admit your mistakes or misunderstanding, if they occur
 Compliment, where appropriate
 Be fair, objective and impartial
 Understand but don’t get drawn into auditee’s internal problem
 Record information openly-let auditee see what is being written
down avoid surprises)
 Be firm and tenacious, but flexible

I
Q
 Do not waste time (yours or theirs)

 Be tactful and diplomatic
 Prioritize on the basis of significance and degree of importance
of area being audited and facts therein
 Communicate clearly, both verbal and non-verbal
 Carry yourself in a professional manner
(a) With management – project dignity and competence
(b) On the shop floor – suitable comfortable attire; don’t
“overpower” personnel on the shop floor

I
Q
A Auditor’s Responsibilities
 Be prepared
 Comply with the audit plan
 Communicate audit requirements
 Carry out the audit effectively and efficiently
 Record and report findings
 Conduct follow-up audits
 Keep complete records
 Treat all information in confidence

I
Q
A Rules for Auditors
 Independent of area to be audited

 Remains within the scope of audit
 Be objective, report facts not conjectures
 Collect and analyze evidence that is relevant
 Fair – don’t nit-pick; consider the good points
 Observe proper ethical behavior
 Observe confidentiality

I
Q
A Auditor planning for each Audits
 Auditors reads and understand the QMS documentation and

business process
 Communication with the auditee to confirm audit schedule
 Preparation of the audit agenda and checklist (should reflect

Plan-Do-Check-Act approach)
 Auditors checks that his audit kit is complete (with audit plan,
previous audit reports, forms and note pads, references, pens)

I
Q
A Auditor Preparation
 Read any previous audit reports
 Read the Quality Manual, Procedure Manual, Work Instructions;

Plans (e.g. Quality Plan) of the area or function to be audited.
 Talk to the previous auditor(s), if possible
 Prepare checklist (good practice but optional)
- note the points to be covered

- make an audit trail

I
Q
A Purpose of Checklist
 Provide a general flow of the audit

 Ensures adequacy of coverage of audit
 Helps the auditor recall key audit points
 Helps auditor plan for critical elements of the QMS in general
and of the function in particular
 Helps ensures depth and breadth to audit coverage
Caution:
Checklist should serve only as aide-memories and should not
limit the auditor during the audit

I
Q
A Prepare for Audit Trail
 Note from the documentation the business process and sub-

processes from start to finish
 Verify if process has quality objectives, and if met
 Know (and note) the steps of each process and plan how to
check if they are in accordance with the steps in the appropriate
procedure
 Remember: Audit using P-D-C-A approach

I
Q
A Preparing the Checklist of Questions
 Check which elements of the Standard apply to the area to be

audited
 Check key requirements in the document
 Check for any problems which normally are known to occur in
the process to be audited
 If necessary, ask other people for advice
 Refer to other previous audit checklist/reports
 Sequences questions in a logical way and also to permit P-D-C-A
approach to auditing

I
Q
A
Key
Value-adding activities
Information flow
Figure 1-Model of a process-based quality management system

(ISO 9001:2008)

I
Q
A Audit Using PDCA Approach
The IQA auditors may cover the following key points:
1. What are the key objectives for the function/process ?

 Are objectives, quantitative targets and programs define?
 Do they define desired outcomes of function?
 Do they address customer requirements?
 Do they relate to the organization’s Quality policy?
 Do they relate to the Eight QMP’s?
 Do they relate to legal requirements, if any?

I
Q
2. Are resources available and managed, as planned, to achieve
objectives?
 Is there a process for defining and allocating resources?
 Are resources needs identified, adequate, accounted for?
 Does this include financial, specialized skills, equipment,
technology and the like?
3. Are key activities and methods for achieving objectives
identified, documented and controlled?
 Are plans, procedures, SOP, formula, etc. documented?
 Are process and operating criteria defined?
 Are responsibilities and authorities defined?

I
Q
4.What measures are available to demonstrate achievement of
objectives, and what evidence is available to demonstrate
continual improvement for the function / process?
 Review and assess, among others:
 Process capability, equipment reliability
 Waste rates, variances vs. budget and other metrics
 Legal compliance (No NOV, No accidents, etc.)
(findings should be backed up by data and company records)
 Performance monitoring and monitoring results: analyses
 Actions taken for un-met objectives, product nonconformities,
significant process deviations

I
Q
A Auditor’s final Check
 Notebook, writing instruments

 Copy of relevant QMS documents
 Copy of audit plan confirmed by the auditee
 Copy of the standards (ISO 9001:2008)
 Copy of Internal Audit procedure, work instructions – if not
available at the auditee’s area
 Copy of audit checklist, if any
 Forms for audit findings / report preparation
 Previous nonconformity reports for verification of effectiveness
of corrective actions

I
Exercise # 3
Q
A Preparing a PDCA Audit Checklist
1. Form 3 groups.
2. Identify what are the relevant requirements of ISO 9001:2008
in the function(s) to be specified by the tutor.
3. Prepare a simple PDCA matrix and checklist

See Annexes
Annexes

I
2.1 Conducting the Internal Audit:
Q
A First things first…
 Have you prepared an audit plan?
 Is the audit plan approved?
 Have you communicated the audit plan to

all concerned?
 Have you rechecked and re-confirmed the
auditor’s and auditee’s availability?
 Have you prepared your opening meeting

agenda?

I
Q
A Note:
For maintenance audits, prepare an Audit

Program. This should contain:
 Frequency of audits; schedules
 Functions or processes to be covered at
each audit based on QMS
 Sites, if multiple, to be covered at each
audit
 List of qualified auditors

I
Q
A A
O
p
u
e
d
n
ii
g
P
M
tn
re
o
e
p
t
The Audit Agenda
ein
rg
C
l
o
s
i
n
g
M
e
e
t
i
n
g

I
Q
A The Opening Meeting
 What to say during the opening meeting

 Refer to Opening Meeting agenda
 Who should attend the opening meeting

 Audit Team and Management team to be audited
 Who should manage the opening meeting
 Chaired and managed by the Lead Auditor or Team
Leader

I
Q
A The Opening Meeting
Review / discuss the following Opening Meeting for the audit

program, to include:
 Objective and scope of audit and audit criteria
 The schedule of events; other arrangements
 Definition of nonconformities, major and minor
 How you will report the audit results
 Compliance with safety and security
requirements , if any
 Confidentiality of audit data
 Resolve any question and items for clarification
from the auditees

I
Q
A Tips for effective Opening Meeting
 Come prepared! Bring an opening meeting agenda !

 Choose a suitable meeting place.
 Be punctual (come on time or ahead of the auditees)
 Be efficient! (if possible, do not exceed 15 minutes)

 Explain carefully the audit flow and objectives.
 Be professional, Observe courtesy at all times
 Create a positive atmosphere for the audit – emphazise the
partnership between the auditor and auditee in seeking
conformity and continual improvement

I
Exercise # 4
Q
A Conducting the Opening Meeting
1. Form 3 groups.
2. Group 1 - to conduct a mock Opening Meeting (with
instruction from the tutor)
Group 2 – to act as auditees (Management Team)
Group 3 – to observe the proceedings.
3. Group 3 to provide feedback to the class

Group 3 feedback – 5 minutes

I
Q
A Contacting the Auditees
 Confirm the date and time of the audit
 Send copy of audit plan
 Confirm the documents which apply to the area to be

audited
 Check if there are special considerations for protective

clothing, safety, security, etc.

I
Q
A Preparing the Checklist of Questions
(some items to consider)
 Quality objectives (define; adequate? Aligned with
and supportive of Quality Policy?)
 Resources
 Capability of processes (effective?; efficient?)
 Process and Product performance
 Performed measurements
 Improvement plans and planning results

I
Q
A Remember what to audit against -
 Requirements of ISO 9001:2008
 Requirements of the company, as documented

in the QMS documentation
 Planned arrangements (under clause 7.1)

I
Q
A Conducting the Audit
 Interview the staff responsible for each task

 Obtain audit evidence by:
Asking Questions: inquire about task details

Observing actual task: watch the task being
C Q done
Checking records: confirm if task done is
consistent with the documented procedure;
O cross checks with what records reveal
 Follow the audit trail (sequence of process steps)

I
Q
A Conducting the Audit
 Compare and evaluate practice against the documented

QMS (conforming? at variance
 Use checklist to guide you in completing audit
 Define nonconformity where lapses of the practice against
QMS documentation might be found
 Record objective evidence/s of the nonconformity
 Confirm with the auditee the presence of nonconformity
 Point out observation; areas for improvement

I
Q
A What key things to look for and where?
 Task – work methods defined, efficiency
 People – training, skills, competence and motivation
 Documents / Record
– identification, issue, content, correctness and distribution
– retention, preservation, legibility, accessibility
 Equipment; Work Environment

– identification, capability, condition, safety, sanitation

I
Q
A Interview Plan
 Identify person to be interviewed

 Introduce yourself
 Explain why you are there
 Ask the person to describe what their job involves and what
objectives / targets do they need to achieve
 Ask specific, relevant questions
 Checks the facts and record your findings
 Thank auditee when audit is completed

I
Q
A Obtaining Information
 To be effective, auditors must ask the right question and in

the right manner; adjust to the level of the auditee
 The auditor should encourage a free flow of information

from auditee, but keep him on track

I
Q
A The Questioning Technique
Three types of Questions used:
1. Open Questions
 Allow the auditee to talk about the tasks he is doing or
involved in;
 Reflects the degree of awareness of the auditee
Typical questioning line:
“How does this …… ?”
“What is the purpose …… ?”
 Beware! The auditee might explain and talk too much.

I
Q
2. Probing Questions
 Usually used as a follow-up or “funneling question, to zero in
on auditor’s point of interest
 Designed to draw more information
 Used to test understanding and awareness of auditee
 “cornerstone” of effective auditing approach
e.g. “ could you please explain further re ….. ?

Always follow-up!

I
Q
3. Close Questions
 Used to find out specific information and establish specific
facts
“Have you completed the …… ?”
“Do you …… ?”
 Usually receives a “yes” or “no” responce
 Used sparingly
- Auditees might feel they are being interrogated!
- Does not allow more information to surface.

I
Q
A Basic Auditing Questions
If you did 5W’s and 1H , then Show Me!

Who did what, when, where, why?
How?
Can you “show me” the evidence.
(record or objective evidence)

I
Q
A
Effective Question Ineffective Questions
Direct question Tricky questions
Open / probing questions Leading questions
Clear, specific questions Ambiguous questions
Single question at a time Multiple questions at a time
RESULT: RESULT:
Adequate data and Inadequate data are
information are collected as collected. Might lead to
basis in forming confusion and inaccurate
conclusions. conclusions.

I
Q
A Good Auditor Communication Skills
 Communication is both verbal and non-verbal.

 Non-verbal communication involves :
-body language
-sound of speech
-style of speech
-facial expression
 It also involves LISTENING !

I
Q
A Class discussion:
1. Can you think of potential

barriers to effective
communication during the
audit.
2. As an auditor, can you think
of ways to overcome the
identified barriers to effective
communication
3. How can you improve your
listening skills?

I
Q
A Taking Notes:
 Use clipboard to allow convenient writing of
observation
 Do not impede the flow of audit (write fast,
ask accurately, listen attentively)
 Don’t write everything, just the important points
 Record :
-conformities, nonconformities, potential
nonconformities
-items to be followed up in succeeding audits
-good points in practices, procedures
-improvement opportunities; observations

I
Q
A Remember:
 Be fair – don’t nit-pick, which can lead to
confrontation
 Record the good points, along with
nonconformities
 Don’t argue with auditee; find a positive way
to resolve matters
 Don’t use interrogating tone
 Listen attentively; don’t monopolize
discussions
 Remain objective, calm and friendly

I
Exercise # 5
Q
A Conducting the Opening Meeting
1. Form 2 groups.
2. Group 1 – to act as auditees (Management Team)
Group 3 – to act as audit team.
3. Organized your respective groups.
4. Review the given scenario for the mock audit

Mock audit – 30 minutes

I
2.2 Reporting the Audit Findings:
Q
A The Audit Reporting Cycle
 Discuss and agree on Findings

 Record Findings
 Hold Closing Meeting
 Issue Audit Report
 Update Records
 Agree to undertake follow-up audit, if needed
 Carry out and record results of Follow-Up audit

I
Q
A What to report ?
 Good points or conformities
 Non-conformities (NC’s)
 Opportunities for improvement (OFI’s) or
audit observations

I
Q
A 2 Levels of Audit Reporting
1. Individual auditor to Auditee (concerned function)

 The auditor informs the concerned department
head (usually during the audit wrap-up) about the
audit results in his/her area; may include issuance
of an NC report.
2. Audit Team to Top Management

 The lead auditor informs Top Management about the
audit result either during a formal Closing Meeting,
through the completed Audit Report Summary, or
during the Management Review

I
Q
A Points in Reporting Audit Findings
 Discuss with auditee basis of findings

 Verify if auditee accepts findings (disagreement
may indicate weak basis for findings)
 Resolve problems, if any, through objective
discussions
 Record findings at first opportunity; keep notes on
relevant data (don’t rely on recollections)

I
Q
A 2 Types of Nonconformities
1. MINOR
 A failure to meet one requirement of a clause of ISO 9001
or other reference document, or a single lapse in following
the organization’s Quality Management System.
2. MAJOR
 The absence or the total breakdown of a System to meet
the requirements of a clause of ISO 9001 or other related
documents. A number of minor nonconformities against one
clauses can represent a total breakdown and thus be
considered as a major nonconformity

I
Q
A Class discussion:
Assess the following scenarios

whether a nonconformity exists.
1. The calibration report does
not specify traceability
2. No training record was
available.
3. The operator was not able to
recite the quality policy
4. The work instruction was not
posted at the production area

I
Exercise # 6
Q
A Writing a Nonconformity report
1. Form 3 groups.
2. Based on the scenarios to be specified by the tutor, write an
NC report or observation report and identify the specific
clause(s) of the standard.

See Annexes
Annexes

I
Q
A Opportunities for Improvement (OFI)
1. OFI’s that are Potential Nonconformities

 These are observations which, if not addressed
earl enough, or if just left to continue, may result in
a deviation against the QMS requirements and
potential NC (serves as early warning).
2. OFI’s that can result to Improvements

 These are observations which, if looked into more
closely and acted upon, can result in incremental
improvement to the QMS.

I
Q
A Audit Report Forms
1. For reporting the audit conclusions and a concise

summary of the audit findings
2. For reporting the OFI’s
3. For reporting the Nonconformity
 Please see Annex for the sample forms.

I
Q
A Contents of an NC Report Form
 Unique identification number
 Department or area audited
 Auditors name and signature
 Name of auditee
 Date of audit
 Description of nonconformity
 Nonconformity; major? Minor?
 ISO 9001:2008 clause number
 Auditee’s signature

I
Q
A Contents of an Audit Report Form
 Audit reference-year, quarter, etc.
 Organization’s particulars
 List of key managers / staff audited
 List of the audit team
 Overall conclusions
 Summary of findings
 Reference to NC reports
 Overall recommendation
 Auditee’s signature

I
Q
A The Closing Meeting
1. What to say during the closing meeting

 Refer to Closing Meeting Agenda
2. Who should attend the closing meeting
 Audit Team and Management Team audited
3. Who should manage by the Lead Auditor or Team
Leader
 Chaired and managed by the Lead Auditor or
Team Leader

I
Q
A Closing Meeting Agenda
 Thank the auditees for their time and cooperation
 Present a balanced summary; point out good points and
areas for improvement
 Report any nonconformity – invite the individual auditor
to report their respective findings
 Report the overall conclusions and recommendations
 Invite comments from auditees
 Resolve any inquiries, concerns
 Obtain consensus form auditees on nonconformity
reports (accepted?)

I
Q
A Closing Meeting Agenda
 Confirm completion of audit of designated areas or

functions
 Establish date of submissions to auditor of corrective
action
 Commend auditees for accomplishments
 Thank auditees for their cooperation
 Reiterate the sampling nature of the conducted
 Reiterate confidentiality

I
Exercise # 7
Q
A Conducting a Closing Meeting
1. Form 3 groups.
2. Based on the results of the previous exercises,
Group 1 will conduct a mock Closing Meeting
Group 2 – To act a Management Team (auditees)
Group 3 – To observe and evaluate the proceedings.
3. Group 3 will provide feedback to the class about its
observation.


I
2.3 Post Audit Activities:
Q
A What happens next!
 For the concluded audit:

- Agree on the corrective actions
- Agree on site follow-up audit, if necessary
- Compile the audit report and submit to Top Management
 Review the Audit Program
 Improve the Audit Program
 Prepare for the next audit

I
Q
A
Activity Responsibility Requirements
Corrective action (CA) Auditee Adequate to address
Proposal the detected NC and its
CA review and approval Auditor root causes
CA implementation Auditee
CA verification and NC Auditor Removes detected NC

close-out and prevents recurrence
of root causes
PA implementation on Auditee
reported OFI’s

I
Q
A Corrective / Preventive Action
 Auditee analyzes root cause of nonconformity
 Auditee defines the corrective or preventive action
 The auditee / manager defines the timescales
 Timescales must be realistic and timely
Corrective action – to prevent recurrence of

nonconformity and its causes
Preventive action – to prevent potential nonconformity
from occurring and its cause

I
Q
A Follow-up Actions
 Auditor verifies and evaluates corrective actions

upon submissions; approves, if OK
 Auditor records results of verification and evaluation
 Auditor escalates problems to senior manager, if

corrective action not completed

I
Q
A Post-Audits Actions
 Audit reports submitted for management review

 Reports include corrective / preventive actions,
Management representative’s assessment of QMS
effectiveness and efficiency, based on internal audit
results
 Continual improvement plans, based on internal audit
results

I
Conclusion and Final Note:
Q
A Challenge to Internal QMS Auditors
 Understanding ALL the requirements of ISO

9001:2008 Quality Management System standard
 Auditor competence, selection, preparation
 Audit planning
 Audit documentation

I
Q
A Indicator of a good Internal Audit
 QMS performs effectively as a real support to the

achievement of organizational performance
objectives, including customer satisfaction and
continual improvements
 Organizational and process improvements
 Strengthens team work across organization
 Enhances sense of purpose among process owners
 Stronger commitment to do the right thing

I
Q
A SPREAD THE WORD:
“If there are
deficiencies in our
system, it’s better for
the auditors to find
them rather than our
customers and
stakeholders.”

Thank you for your attention.

IQA Training 9001-2008

Uploaded by

Copyright:

Available Formats

IQA Training 9001-2008

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

IQA Training 9001-2008

Uploaded by

Copyright:

Available Formats

EFFECTIVE INTERNAL

Understand the principle of internal auditing;

 Plan and conduct effective and efficient internal audits

 Induce and guide continual improvements in their QMS

Effective Internal Auditing to ISO 9001:2008 2

Effective Internal Auditing to ISO 9001:2008 4

Effective Internal Auditing to ISO 9001:2008 5

Effective Internal Auditing to ISO 9001:2008 6

Internal QMS Audit is a tool

Effective Internal Auditing to ISO 9001:2008 7

 Inadequate review of the Quality Management System

Conclusions not reliable basis for Top Management to

Effective Internal Auditing to ISO 9001:2008 8

a way of finding fault with the individual

Effective Internal Auditing to ISO 9001:2008 9

Effective Internal Auditing to ISO 9001:2008 10

….to determine, by an unbiased means and through

Effective Internal Auditing to ISO 9001:2008 11

Effective Internal Auditing to ISO 9001:2008 12

Audit Criteria – Set of principles, procedures or requirements

Effective Internal Auditing to ISO 9001:2008 13

Audit Scope – extent and boundaries of an audit; generally

Effective Internal Auditing to ISO 9001:2008 14

Effective Internal Auditing to ISO 9001:2008 15

External Audit– conducted by any interested party (e.g. by

Effective Internal Auditing to ISO 9001:2008 16

Effective Internal Auditing to ISO 9001:2008 17

These are essential to auditing

Effective Internal Auditing to ISO 9001:2008 18

Effective Internal Auditing to ISO 9001:2008 19

Effective Internal Auditing to ISO 9001:2008 20

Effective Internal Auditing to ISO 9001:2008 21

 The audit evidence is based on available

 Appropriate use of sample related to the

Effective Internal Auditing to ISO 9001:2008 22

Effective Internal Auditing to ISO 9001:2008 23

Effective Internal Auditing to ISO 9001:2008 24

Effective Internal Auditing to ISO 9001:2008 25

Effective Internal Auditing to ISO 9001:2008 26

Effective Internal Auditing to ISO 9001:2008 27

Duration: Preparation – 30 minutes

Effective Internal Auditing to ISO 9001:2008 28

Note: Implementing the Audit Program is covered in detailed under

Effective Internal Auditing to ISO 9001:2008 29

Effective Internal Auditing to ISO 9001:2008 30

Effective Internal Auditing to ISO 9001:2008 31

An audit program shall be planned, taking into consideration the

Effective Internal Auditing to ISO 9001:2008 32

Effective Internal Auditing to ISO 9001:2008 33

Effective Internal Auditing to ISO 9001:2008 34

Effective Internal Auditing to ISO 9001:2008 35

 There can be one general procedure to cover the internal audit

Effective Internal Auditing to ISO 9001:2008 36

Auditor training Ensure auditor

Prepare audit report

Effective Internal Auditing to ISO 9001:2008 37

 Important things to consider

Effective Internal Auditing to ISO 9001:2008 38

 Consider the following criteria:

Effective Internal Auditing to ISO 9001:2008 39