Welcome Participants!
House Rules:
- Mobile phones in silent mode
- Participants are encouraged to interact
- Feel free to ask questions relevant to the topic; you may interrupt the speaker so we can address questions immediately.
Management System Internal Audit Training
1. To know the basic principles and activities in conducting an Internal Audit.
2. To know how to audit the ISO 9001 & 14001:2015 requirements by using the principles of PDCA (Plan-Do-Check-Act) and IPO (Input-Process-Output), Risk-Based Thinking (QMS) and the Life Cycle perspective (EMS).
3. With reference to ISO 19011:2011 – employ the knowledge and skills in conducting IA in your organization.
4. To appropriately report the audit findings – Good Practices, Opportunities for Improvement and Nonconformities.
PREREQUISITE / Course Requirements
• Knowledge of the ISO 9001/14001:2015 basic requirements
• Engaged in the implementation of the QEMS
PURPOSE
• To check the conformity of the organization to the requirements of ISO 9001/14001
• To contribute to the continual improvement of the organization
POST-TRAINING ACTIVITIES
• All trainees need to be engaged in the next audit
• Trainees need to further read the ISO 9001/14001:2015 and ISO 19011:2011 standards
Contents
Introduction to the Audit
Audit Principles
Overview of the ISO 9001/14001:2015 standards
The Audit Process
Workshops (Process Approach Audit) / PDCA / IPO / Exercise / Role Play
Workshop on How to Write Audit Findings
Course References
ISO 9000:2015 – QMS – Fundamentals and vocabulary
ISO 9001:2015 – QMS – Requirements
ISO 14001:2015 – EMS – Requirements
ISO 19011 – Guidelines for Auditing
ISO 9001:2015 and ISO 14001:2015 Overview
1. Scope
2. Normative references
3. Terms and definitions
4. Context of the organisation
5. Leadership
6. Planning for the quality management system
7. Support
8. Operation
9. Performance evaluation
10. Improvement
P-D-C-A Methodology applied by ISO
“Plan-Do-Check-Act” (PDCA)
Plan: establish the objectives and processes necessary to deliver results in accordance with customer requirements and the organization's policies.
Do: implement the processes.
Check: monitor and measure processes and service against policies, objectives and requirements for the service, and report the results.
Act: take actions to continually improve process performance.
12.07.2015
(Source: ISO 9001:2015)
The standard follows the Plan – Do – Check – Act cycle, i.e.
PLAN
The approach to management of QEMS issues now and in the future
DO
Develop and implement the management structure and control mechanisms necessary to eliminate and reduce the QEMS issues
CHECK
The effectiveness of the Planning and Action stages against established criteria for performance and, as necessary, take action against weaknesses to improve the management and control measures involved
ACT
Demonstrate and operate top management commitment by initiating continual improvement against actual and potential areas of need
AUDIT – Its Principles and Process
AUDIT
The word audit is derived from the Latin word "audire", which means "to hear". During medieval times, when manual book-keeping was prevalent, auditors in Britain used to hear the accounts read out to them and checked that the organization's personnel were not negligent or fraudulent.
Source: Wikipedia
AUDIT
- A systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled.
- Systematic – planned, process approach, organized
- Independent – auditors cannot audit their own work
- Documented – audit findings / evidence are recorded
- Objective Evaluation – audit findings are clear; information is confirmed and validated
PDCA problem-solving cycle (figure):
Plan – Identification of Nonconformity; Analysis of present system; Root Cause Analysis; Selection of best alternative solutions
Do – Solution Implementation
Check – Evaluation of Result
Act – Standardization; Self-Evaluation and Future Plan
ISO 9001/14001:2015
Clause 9.2.1 Internal audit
The organization shall conduct internal audits at planned intervals to provide information on whether the environmental management system:
a) conforms to:
1) the organization’s own requirements for its environmental management system;
2) the requirements of this International
b) is effectively implemented and maintained.
Ethical conduct –
◦ the foundation of professionalism
Fair presentation –
◦ the obligation to report truthfully and accurately
Due professional care –
◦ application of diligence and judgment in auditing
Independence –
◦ the basis for the impartiality of the audit and the objectivity of the audit conclusions
Evidence-based approach –
◦ the rational method of reaching reliable and reproducible audit conclusions in a systematic audit process
Key Definition of Terms in Auditing:
Audit criteria – set of policies, procedures or requirements used as a reference against which audit evidence is compared
Note: If the audit criteria are legal requirements, the term “compliant” / “non-compliant” is used.
Audit evidence – records, statements of fact or other information which are relevant to the audit criteria and verifiable
Note: Audit evidence can be qualitative or quantitative.
Audit findings – results of the evaluation of the collected audit evidence against audit criteria
Note 1: Audit findings indicate conformity or nonconformity.
Note 2: Audit findings can lead to the identification of opportunities for improvement or recording good practices.
Note 3: If the audit criteria are selected from legal or other requirements, the audit finding is termed compliance or non-compliance.
Audit conclusion – outcome of an audit, after consideration of the audit objectives and all audit findings
Auditee – organization being audited
Auditor – person who conducts an audit
Audit team – one or more auditors conducting an audit, supported if needed by technical experts
Technical expert – person who provides specific knowledge or expertise to the audit team
Observer – person who accompanies the audit team but does not audit
Audit programme – arrangements for a set of one or more audits planned for a specific time frame and directed towards a specific purpose
Audit scope – extent and boundaries of an audit
Note: The audit scope generally includes a description of the physical locations, organizational units, activities and processes, as well as the time period covered.
Audit plan – description of the activities and arrangements for an audit
Conformity – fulfilment of a requirement
Management system – system to establish policy and objectives and to achieve those objectives
Principles of Auditing & Purpose
SIX PRINCIPLES OF AUDITING:
- Help to make the audit an effective tool for improvement of the QMS
- Guide the auditors to reach clear audit conclusions with objectivity
1. Integrity
2. Fair Presentation
3. Due Professional Care
4. Confidentiality
5. Independence
6. Evidence-based Approach
AUDIT PLAYERS
Client
- party requesting the audit
Auditor
- conducts the audit / collects evidence and findings
Auditee
- recipient of the audit (entity/person)
TYPES OF AUDIT
First Party
- internal audit – own system
Second Party
- audit done by the organization on its external (supplier/service) provider
Third Party
- audit done by a party independent of both organization & supplier
PDCA Cycle – Internal Audit Application (ISO 19011 audit programme)
Plan – (5.3) Establishing the Audit Programme
Do – (5.4) Implementing the Audit Programme:
- Competence & Evaluation of Auditors
- Performing the Audit
Check – (5.5) Monitoring the Audit Programme
Act – (5.6) Reviewing & Improving the Audit Programme
Audit Criteria
- set of policies,
- procedures or
- requirements used as a reference against which audit evidence is compared
• Conformity Assessment – ISO Standard, i.e. ISO 9001/14001
• Compliance Audit – Statutory and Regulatory
• Contractual Agreements – Others
Verify the implementation of – How?
Through a SYSTEMATIC PROCESS-APPROACH AUDIT
PRODUCT AUDIT – concentrates on the outcome – the final product/service (as received by the customer / interested parties)
PROCESS AUDIT – focuses on processes (both core and support processes) – ref. SIPOR (Source – Inputs – Process – Outputs – Receiver)
*** RISK-BASED / LIFE CYCLE PERSPECTIVE AUDIT – based on the priorities/impacts of risk as identified in the organization
VERTICAL Audit
- An in-depth look at a specific department/section, verifying the implementation of the step-by-step procedures
- Common practice in internal audit
HORIZONTAL Audit
- Focus on the inter-related processes / interfaces
- Commonly used in 3rd party audit
IMPROVEMENT requirements of ISO 9001/14001:2015, clause 8.5
Regardless of the nature / type of audit findings (including Non-conformance), all are intended for the CONTINUAL IMPROVEMENT of “”
PERFORMING FIRST PARTY AUDITS
* Short introduction {formal or informal}
* Perform audit
- Examination / interview of staff, inspection of documents, observation of activities and conditions of the area concerned.
* Conclusion of deviation / observation by the Auditor
* Wrap-up meeting, confirmation of deviation
* Preparation of audit summary / rating system
* Maintenance of Audit
Guidelines for Auditing – ISO 19011:
1] Initiating the audit
2] Conducting document review
3] Preparing for the on-site audit activities
4] Conducting on-site audit activities
5] Preparing, approving and distributing the audit report
6] Completing the audit
7] Conducting audit follow-up
Guidelines for Auditing – ISO 19011:
7. Conducting audit follow-up
The conclusions of the audit may indicate the need for correction, corrective, preventive or improvement actions.
Such actions are usually decided and undertaken by the auditee within an agreed timeframe and are not considered to be part of the audit.
Implementation Phase
FOUR METHODS OF OBTAINING INFORMATION:
1. Observation – whether the auditee’s work matches the procedure
2. Asking questions – whether the auditee knows what he is doing
3. Verifying records kept – completeness of the records maintained
4. Selecting records – examination of records
OBTAINING INFORMATION is the centre of the audit process. An effective auditor must ask the right questions and behave in a manner which encourages the flow of information.
Audit methods depend on the defined audit objectives, scope and criteria, as well as the duration of the audit in the area.
1. Desktop audit / Document audit
2. Sampling approach on documented information (no specific rule in sampling)
3. Interview of auditees
4. Process approach
The Audit Trail can be TRACED in one or a combination of the following ways:
- Traced forward
Follow the chronological progress of the process
- Traced backward
The auditor audits the final product, then re-traces it backwards to the preceding processes
- Random selection
The auditor selects any point in the process path, then makes use of the flowchart
Question – Ask what they do
Check – What the audit criteria (requirements) say they should do
Observe – See what they actually do
What key things to look for and where?
• Task – work procedures, efficiency, productivity
• Objectives / Targets, e.g. KRAs
• People – training, skills, competence
• Equipment / Work Environment
- maintenance, identification, capability, condition
• Documented Information
- identification, issue, content, adequacy and distribution
- retention, archiving, preservation, legibility, accessibility
QUESTIONING TECHNIQUE
OPEN QUESTIONS
- Useful for starting an audit; allow the auditee to give a general explanation,
e.g. “What is the context…?”, “What are the identified risks…?”, “What are the processes…?”
PROBING QUESTIONS
- Digging deeper on the area / process,
e.g. “Can you explain the…?”, “How do you determine the context / risks…?”
CLOSED QUESTIONS
- Answerable by Yes or No,
e.g. “Do you have documented information related to…?”, “Do you have a job description…?”
Follow-up Phase
• Verification of the effectiveness of the corrective action taken.
• Clear the NCR if the nonconformity has been corrected.
• Follow-up shall be done within the specified time.
• The assigned auditor will make the follow-up audit.
Follow-up Phase
Corrective and preventive action
1. The auditor is only responsible for identifying the nonconformity.
2. The auditee is responsible for correcting the nonconformance.
3. Corrective action(s) should be implemented within the time period agreed on during the closing meeting.
4. An action plan should be submitted to the management representative and/or the team leader by the concerned auditee.
5. Follow-up shall be made as per the agreed timetable of corrective action.
6. Corrective and preventive actions shall be reviewed and approved prior to implementation.
7. Corrective action shall be verified according to the documented procedure.
Types of Audit Findings
1. Good Points / Best Practices
2. Observation / Opportunities for Improvement
3. Potential NCs
4. Non-Conformance
Note: The classification of audit findings may vary from organization to organization.
Basic Audit Questions
a) Are the processes identified & established?
b) Are the processes effective in providing the required results?
c) Are the processes appropriately described in procedures?
d) Are the interactions between processes defined, controlled and managed?
Quality of documentation
• identify the purpose of the process
• identify the inputs
• identify the intended outputs
• establish the flow / sequence of activities
• identify the resources used
• identify what controls are in place (procedures, instructions, specifications, etc.)
• identify what planned monitoring arrangements are required
DOCUMENTATION OF AUDITS
3. The Audit Report needs to be finalized as soon as possible.
4. If we find a deviation, we shall expect a corrective action to be set within a given period of time, which may be completed on or before that given time or can be extended.
5. Conduct a follow-up audit to close such issues.
Reasons for writing down all audit observations:
* To avoid misunderstanding
* To avoid omissions
* To assert how the process is demonstrated
* To sustain clarity
RELATED DOCUMENTS FOR AUDIT
1. Auditee – QMS & EMS Documentation
2. International Standards, e.g. ISO 9001/14001:2015
3. Audit Plan
4. Audit Notes / Audit Checklist (optional)
5. Deviation Report(s) / CAR / PAR
6. Audit Summary Report (optional)
ROLES & RESPONSIBILITIES
* LEAD AUDITORS
- Overall in charge of the audit
- Represent the audit team to auditee management
* AUDITORS
- Cooperate with and support the lead auditor
REQUIREMENTS FOR AUDITORS
AUDITOR’S TRAINING
* Knowledge and understanding of the standards against which QMS & EMS audits will be performed.
* Assessment techniques on examining, questioning, evaluating and reporting.
* Additional skills required for managing an audit, such as planning, organizing, communicating and directing.
{Reference: ISO 19011}
ATTRIBUTES OF A GOOD AUDITOR
1. Objective
- must base observations on facts
2. Steadfast
- must achieve the audit objectives fairly
3. Polite
- for everyone’s concern: an Auditor is a guest or a visitor
4. Professional
- report findings exactly as they are found, without fear or favor
5. Progressive
- technology changes constantly, so auditors must be kept abreast of such developments
6. Precise but practical
- bear in mind that you are working with human beings and it is a natural state not to be perfect
7. Punctual
- stick to the plan and be on time
8. Principled
- be completely open about concerns; handle confidential information appropriately, thus keeping trust intact
9. Optimistic
- the auditor’s task should not be regarded as a negative undertaking in which the audit becomes a search for failure; instead it should be viewed as an opportunity for improvement
10. Practical
- treat each thing from a practical point of view, so that the audit is not a waste of time and money
11. Prepared
- time spent in planning and preparation of the audit should be worthwhile
REASON FOR APPLYING THE AUDITOR’S PERSONAL ATTRIBUTES
To obtain and assess objective evidence fairly.
To remain true to the purpose of the audit without fear or favour.
To evaluate constantly the effect of audit observations.
To treat concerned personnel in a way that will best achieve the audit purpose.
To react with sensitivity to the national conventions.
To perform the audit process without deviating due to distraction.
To commit full attention and support to the audit process.
To react effectively in stressful situations.
To arrive at generally acceptable conclusions based on audit observations.
To remain true to a conclusion despite pressure to change that is not based on evidence.
(ISO 19011)
FOUNDATION OF TRUST FOR AN AUDITOR
1.0 Has improved communication
1.1 Know thyself
1.2 Listen more than you talk (75% listening)
1.3 Paraphrase to clarify ideas
2.0 Must be prepared
2.1 Know the procedure
2.2 Choose a convenient audit time
3.0 Must be empathic
3.1 Be genuine and enthusiastic
3.2 Be sensible
3.3 Maintain eye contact
3.4 Exercise good humor
3.5 Boost morale
4.0 Has objective criteria
4.1 Agree on a standard to be followed
5.0 Focus on the problem, not on people
5.1 Refrain from blaming others
6.0 Consult before deciding
6.1 Understand views before considering a deviation
7.0 Agree or disagree if necessary
7.1 Refrain from inevitable argument
7.2 Elevate unresolved issues
8.0 Build a working relationship
8.1 Not merely a conventional audit; give recommendations instead
8.2 Understand the auditee’s limitations
8.3 Observe common courtesy; “thanks”, etc.
Internal Auditor’s Note:
1) Analyze data, don’t just accept it; show where to improve, solve the problem, identify risk.
2) An auditor’s decision must be more substantive and value-added.
3) Increase the competence of auditors, e.g. by educating them in other related trainings.
4) You cannot audit a process that is not fully understood. Team skill is a mandate, including understanding of legislation and of how information is transferred.
5) Audit is a lot of analyzing, evaluating, asking for complete objective evidence and verification; so does a 3rd party audit.
MECHANICS OF INTERNAL AUDIT
I. PREPARATION STAGE
1. Make an audit plan and audit notice.
2. Sign the audit notice prior to distribution of the notice & plan. Ensure that all affected personnel are informed, especially top management.
3. If requests for changes in the plan exist, revise the notice & distribute it again to supersede the former.
4. Prepare the audit question list.
5. Brainstorm the questions with the team.
6. If time doesn’t permit, questions may not be asked completely during the audit. In that case, make a footnote on the question list.
II. AUDIT PROPER
1. Open and close the audit with courtesy.
{Formal or informal will do, depending on the situation.}
2. Require the representative of the auditee to come along with the team throughout the audit.
3. Remember the methods of collecting audit data, which are as follows:
a} interview
b} document check
c} observation
Note: Remember to dig deeper into the situation, if necessary.
4. Better to start by asking about the changes / improvements in the area/process.
5. Ask about the performance based on the KPIs, then ask for documentation.
6. Don’t take too much time during the audit.
8. There should be a concrete basis for a deviation. Gather facts or evidence to support it.
9. Show maturity. Don’t be displeased because few or no findings have been found.
10. Show courage and politeness to either upper or lower level.
III. WRAP-UP MEETING
1. The audit wrap-up meeting is suggested to be attended by top management and all concerned parties.
2. Open the meeting and allow each team lead auditor to present their report.
3. When presenting a deviation, it is assumed that the findings were discussed with the concerned personnel for confirmation (and elevated, as necessary, to the heads).
4. If an argument still exists… pacify… elevate the problem if needed.
5. The signed original deviation report shall be returned for reproduction, and the original copy endorsed to the auditee for corrective actions.
6. Close the wrap-up by asking top management for closing remarks.
Types of Audit Findings:
- POSITIVE – exemplary conformance / best practices
- OPPORTUNITIES FOR IMPROVEMENT – e.g. suggestions / recommendations
- POTENTIAL NON-CONFORMANCE – on the edge of becoming an NC if not addressed
- NON-CONFORMANCE – non-conformance to a specific requirement/s and/or based on risk or impact
Three (3) Components of NCs: Requirement – Evidence – Deviation
1. Requirement (e.g. Standards)
Ref. ISO 9001:2015 clause/s
Ref. applicable statutory / regulatory requirement
Ref. documented information / specifications
2. Evidence (Audit Evidence)
What was found?
Where was it found?
Who is accountable / responsible?
3. Deviation (Description of Failure)
- Answers the question – What was deviated from? / extent of failure
Need to cite the exact / specific reference:
ISO 9001 / 14001:2015 clause / sub-clause/s
State the whole requirement/phrase, e.g. Regulatory Requirements
If the NC is based on a procedure – state the Document No., Title, Section, …
Note: You need to be objective in raising an NC.
Record the EVIDENCE based on …
- What you’ve checked
- What you’ve heard
- Where it was found (location/area)
- Who is responsible / accountable
Note: As appropriate, be specific.
Description of Failure
Normally stated in one sentence as to WHY the evidence deviates from the requirement/s.
STATE the problem… CLEAR / CONCISE
K.I.S.S – Keep It Short and Simple
Purpose:
- To serve as evidence of the problem noted “as of the time of the audit”
- To provide the information needed for the auditee to properly address the problem
Nonconformity (NC):
Deviation of product/service or process from specified
requirements, or the absence of, or failure to implement
system elements, or a situation which would, on the basis
of available objective evidence, raise significant doubt
as to the conformity of what the supplier is supplying /
what the organization/functional unit is supplying to the
customers.
- Extent of conformity of the quality management system based on the audit criteria, and its effectiveness
- Effective implementation, maintenance and improvement of
-Audit evidence gathered was based on samples
-Method of reporting / Classification of Findings
-Process of handling audit findings
-Post audit activities
- Comments / opinions related to the findings should be discussed and, if possible, resolved immediately
- If not resolved, the comments / suggestions / opinions should be recorded
The Audit Report should be:
- Dated
- Reviewed and approved by the concerned personnel
- Distributed to the appropriate recipients within the agreed completion date
Guides on Writing Audit Findings…
Note: the type/classification of audit findings may vary in different organizations.
Type of Audit Findings – Nature – How to handle:
Opportunities for Improvement / Observation
- Nature: no bearing whether the auditee considers it or not; for improvement purposes
- How to handle: auditees are encouraged to “consider”; optional with the auditee whether action is necessary.
Potential NCs
- Nature: audit evidence is not clear; audit criteria not clearly specified
- How to handle: auditees need to take action to PREVENT the NC from OCCURRING.
Nonconformities
- Nature: clear deviation from requirements; significant impact / RISK in the system if not raised as an NC
- How to handle: auditees need to take action to PREVENT RECURRENCE of the problem.
- Insufficient knowledge of the Audit Criteria
- Thinking of the “implication” of raising audit findings, or the impact of the findings
- Not familiar with the structure of stating OFIs / Potential NCs and NCs
- Inappropriate choice of words
- Participants… to share their own experiences
1. OFI (Opportunities for Improvement):
Statements need to start with or include:
- “May consider…”
- “Consider to…”
- “It was observed that… consider to…”
- “It would be better if…”
- “Consider to improve…”
- “Consider to review…”
- “Review the…”
- “Consider to revisit…”
- Note: Don’t use words like “shall”, “must”, “should”.
2. PNC (Potential Non-conformity):
Statements need to start with or include:
- “Ensure that the…”
- “There’s a need to consider… otherwise (cite the possible consequences / impacts)”
- “It is strongly suggested that…”
- “It was observed that… however, it is strongly suggested that action needs to be taken… in order to prevent…”
Note:
Depending on the context, the statement should always imply the potential impact/consequences.
3. NC (Non-conformity):
Statements need to start with or include:
- “The requirement of… was deviated from… based on the audit evidence…”
- “It was found out that there are inconsistencies in the compliance to the requirements…”
- “Based on the evidence gathered… such as (bullets can be included)… the requirement of… was deviated from.”
- “The following items… are not in accordance with the criteria of…”
- Note: The outline for stating an NC can be enumerated as (RED):
- Requirement?
- Evidence?
- Deviation?
3. NC (Non-conformity):
Additional…
“The ISO 9001 clause (…) requires that…; however, based on the sample/s taken… (…), the said requirement was not complied with / not evident.”
“As of the time of the audit, there was no objective evidence / record presented as required by… (… state the requirement/s)…”
“Section … of the procedure (ref. Doc. No., rev.) … states that…; however, …”