IMS INTERNAL AUDIT: Principles of internal audits, phases of audit, opening meeting, execution and audit closure.pptx
JustinBNickaf
71 views
57 slides
Aug 18, 2024
About This Presentation
Principles of internal audits, phases of audit, opening meeting, execution and audit closure
Size: 3.12 MB
Language: en
Added: Aug 18, 2024
Slides: 57 pages
Slide Content
IMS INTERNAL AUDITING 1 45001
Audit Process
Internal Audit A systematic, independent and documented process for obtaining objective evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled. INTERNAL AUDIT
Types of Audit Internal audits are conducted by, or on behalf of an organization (audit client) itself. External provider audit; Other external interested party audit. Certification and /or accreditation audit; Statutory, regulatory and similar audit.
Principles of Auditing Principles relating to auditors: Ethical conduct Fair presentation Due professional care Confidentiality Principles relating to audit: Independence Evidence-based approach
Managing an Audit Program Process Flow PLAN DO CHECK ACT AUTHORIZE ESTABLISH IMPLEMENT MONITOR & REVIEW IMPROVE OBJECTIVES EXTENT ROLES RESOURCES PROCEDURES SCHEDULE AUDITS EVALUATE AUDITORS SELECT TEAMS DIRECT ACTIVITIES MAINTAIN RECORDS MONITOR REVIEW IDENTIFY NEED FOR CA/PA IDENTIFY OPPORTUNITIES TO IMPROVE AUDITOR COMPETENCE & EVALUATION SPECIFIC AUDIT ACTIVITIES
Overview of typical audit activities Initiating the audit Conducting document review Preparing, approving & distributing the audit report Completing the audit Conducting audit follow up 1. Planning for the audit 2. Conducting the audit 3. Reporting the audit 4. Corrective action & follow-up 8 Preparing for the on-site audit activities Conducting on-site audit activities
Overview of typical audit activities Initiating the audit Appoint the audit team leader defining audit objectives, scope & criteria determining the feasibility of the audit selecting the audit team establishing initial contact with the auditee Conducting document review reviewing relevant management system documents, including records, and determining their adequacy with respect to audit criteria. Preparing for the on-site audit activities preparing the audit plan assigning work to the audit team preparing work documents Planning the Audit 1 9
Overview of typical audit activities Conducting on-site audit activities - conducting opening meeting communication during audit roles and responsibilities of guides and observers collecting and verifying information generating audit findings preparing audit conclusions conducting closing meeting Conducting on-site audit activities 2 10
A Value Added Auditor 3 INTEGRATED MANAGEMENT SYSTEM PROCESS BASED INTERNAL AUDITING
Personal Attributes Ethical – fair, truthful, sincere, honest and discreet Open minded – willing to consider alternative ideas or points of view Diplomatic – tactful in dealing with people Observant – actively aware of physical surroundings and activities. Perceptive – instinctively aware of and able to understand situations. 12
Personal Attributes Versatile – adjust readily to different situations Tenacious – persistent, focused on achieving objectives Decisive – reaches timely conclusions based on logical reasoning and analysis; and Self reliant – acts and functions independently while interacting effectively with others. 13
Initiate the Audit Program 4 INTEGRATED MANAGEMENT SYSTEM PROCESS BASED INTERNAL AUDITING
Audit Objectives Ensure conformance to the standards and own policies Evaluate the effectiveness of the measures planned Improve the current Integrated Management System Investigate nonconformities including incidents. In Summary: To take an independent and accurate snapshot to see what an organization or process looks like at a point in time.
Process Approach to Auditing 7 INTEGRATED MANAGEMENT SYSTEM PROCESS BASED INTERNAL AUDITING
What to Look for during Internal Audit? 17 Conformance Effectiveness Improvement 3 key aspects of process
Conformance Conformance is the basic principle. Compare the actual activities against the audit criteria. In other words, “do what you have written and record what you have done.” What shall be done VS What is actually done
Conformance Auditing 19 IMS Manual Procedure Activities Records
Effectiveness How do we know if a process is effective? Is it … able to maintain ‘mountains’ of documentation? able to follow procedures strictly? able to produce results? 20
Effectiveness of a Process Effectiveness of a process is shown by the results it achieved with the delivered output. Hence, auditors shall look at indicators/ measurable metrics to tell whether organization requirements (objectives) are met. 21
Process Characteristics Every process has these characteristics: Process owner(s) Process is defined and if appropriate, documented Process linkages/ interfaces are established Process Performance Measurement is defined and monitored Records to show evidence of achievement and control 22
Process Analysis 23 Why? (target, measurement & improvement) With Who? (responsibility, competency) OUTPUT INPUT PROCESS HOW? (procedures & methods of controls) With What? (equipment, material resources) 4 Questions about a Process WHO – responsibility, authority and competencies required WHAT – kinds of resources needed to perform the process WHY – objective/target for the process, plus measurement & improvement HOW – controls method to achieve desired results
Audit Planning 8 INTEGRATED MANAGEMENT SYSTEM PROCESS BASED INTERNAL AUDITING
Preparations for the Audit Select audit team. Assign audit team activities. Audit plan. Check-lists. Assemble working documents.
Check-lists Aide memoire Concise Avoid tick sheets or standard Should not take over audits Useful for new auditors Helps in time management Can update or add on during course of audit Can evolve over time. 26
Why Use Check-lists? Ensures continuity and depth of audit Ensures all relevant aspects are covered Gives structure to interviews Provides help if stuck More professional. 27
Inputs to Check-list Creation ISO 9001, ISO 14001 and OHSAS 18001 Standard Documented Integrated Management Systems (IMS) Regulatory requirements Known or classic problems Knowledge of area/system/process Previous check-lists 28
Process Approach to Checklist Creation Consider the applicable requirements from the standards Look at: Input Output Interface (i.e. supporting processes) The 4 basic questions from process analysis i.e. Who (responsibility & competency) What (resources) How (controls and methods) Why (objectives/goals & measures) Applicable regulatory requirements or code of practice. 29
Typical Questions … Who is the process owner? What is the purpose of your process? Why did you set this as your performance indicator? What are the inputs to your process? What are your process outputs? What are the process parameters? How do you control your process? What do you do with these measurements? 30
Conducting the On-site Audits 9 INTEGRATED MANAGEMENT SYSTEM PROCESS BASED INTERNAL AUDITING
The Audit Triangle 32 Observe (See what they actually do) Question (Ask them what they do) Check (Confirm evidence of conduct)
Asking Questions – Filter Funnel Open questions Encourage auditees to talk freely Use What, Where, When, Why, How and Who? Probing questions? Follow-up or focus on more precise details Closed questions Used where you want a clear ‘Yes’ or ‘No’ answer Don’t forget the ‘Please Show Me’! 33
Key Points for Interview Who do we audit? The person responsible for the activity to be audited How to begin? Ask the auditee to explain / describe the activity When? Normal working hours 34
Audit Process Introduce yourself Explain purpose of audit Ask open question(s) Use probing questions for details Follow “audit triangle” & look for evidence Where nonconformities are detected, confirm with auditee to ensure not mistaken Thank auditee & move on to next 35
Auditors Should . . . Avoid ‘nit-picking’ Take good points into account Be punctual Avoid arguments Audit against specifications Respect confidentiality Audit the system not the individual 36
Interviews Techniques Be courteous at all times (never act superior) Ask auditee to explain tasks Match questions to levels of responsibility - Management/ Executive Officer – about policy, management structure, support, etc. - Operators – about areas of operation, specific controls, tasks Use appropriate language for questioning (tone or level)
Techniques Listen carefully to what is said. Allow time for auditee to think Use open-ended questions. Avoid closed, direct or leading questions Follow a “trail of questioning” Validate (please show me) Interviews
Techniques Remember alternative situations (what happens if) Use the “silent question” where appropriate Be systematic (summarize to show understanding) Feedback results Thank the auditee Interviews
Types of Questioning Leading question [ I am sure that you have a procedure for operating your forklift? ] Closed question [ Do you have a procedure for operating your forklift? ] Open question [ Could you explain to me your procedure for operating the forklift? ]
Controlling the Audit Auditor Should Remain assertive Avoid lengthy discussion or observation Keep track of schedule – not to be led or misled Be thorough and efficient Avoid becoming sidetracked or bogged down Do not antagonize or dictate
Basic Rules Establish that relevant documents are of correct issue Do not let only one person do all the talking Observe work progression when necessary Evaluate physical evidence and controls Make comprehensive notes Seek verification Do not assume people will lie but need to verify statement, if necessary Controlling the Audit
Audit Reporting 10 INTEGRATED MANAGEMENT SYSTEM PROCESS BASED INTERNAL AUDITING
Nonconformities Must Be Factual/objective Clear & concise Define the exact instance Give reference (to ISO 9001, ISO 14001 and OHSAS 18001/ documented IMS) Locatable Acknowledged 44
Non-Conformance Definitions Audit findings No-conformance vs. Non-conformance Non-conformity NC Requires Documented Request for Action Documented as Corrective/Preventive Action Request ( CPAR ) Non-conformance Report (NCR) Finding Statement
Requirements Non-conformance should be raised clearly against audit criteria State clearly the nature of non-conformance - Absence of documentation - Inadequate documentation - Lack of implementation - Inadequate implementation - Lack of evidence Non-Conformance
Classification Major – (System Breakdown) total failure to fulfill a specified requirement of the standard that is applicable to the organization Absence of documented procedure required by the standard Non-implementation of the entire procedure Absence of documentation to demonstrate conformance to the system requirements of the standard Aggregation of minor non-conformances Non-Conformance
Classification Major When a non-conformance is directly related to a significant and immediate hazard to the organization’s ESH performance. When a non-conformance is directly related to a failure to report a legal non-compliance to an enforcement authority where required to do so by a license condition, authorization, etc. Non-Conformance
Classification Major When a non-conformance is directly related to a failure to recognize and record when an objective or target is not met. When a non-conformance has led to, or is a failure of a procedure to identify and/or evaluate a hazard or which is obviously and highly significant. When a non-conformance is failure to act, either by means of setting of an objective or applying operational control, or monitoring related parameter in instances where ESH risks is identified and evaluated as highly significant. Non-Conformance
Classification Minor – lapse in the system that has limited effect on the integrity of ESHMS - Part of a procedure not implemented - Missing records, data, document Observation – potential source of a non-conformance - Trivial lapse in the system - No direct evidence of failure - Suspect in terms of the long-term sustainability of the system - Action taken is not mandatory but encouraged Non-Conformance
Documenting the Finding Should include - Q ESHMS documents or clause of the standard not being complied - Area/ Function where the NC was found - Audit evidence - Classification (where applicable) - Name of auditor, date of audit and agreed close-out date Non-Conformance
CLEAR CONCISE SUPPORTED BY EVIDENCE BASED ON FACTS Non-Conformance
Finding statement System-Based The current method of handling, storage and disposing hazardous wastes is inadequate against the requirements of DAO 29, as evidenced by: WTP sludge is not secured and labeled Contaminated materials are mixed and disposed with ordinary wastes, Storage area is accessible to everybody Non-Conformance (Finding Statement)
How To Get The Most Out Of Internal Audit Must be a ‘no-blame’ culture Auditor and Auditee should work in partnership. Encourage staff to reveal problem areas Both Auditor and Auditee should look for improvements Audits must be seen as essential part of business Positive terms can be used (e.g. ‘finding’ not ‘nonconformity’) ‘Findings’ or ‘nonconformities’ should be seen as ‘opportunity to improve’ Must be adequate time and resources for Auditee/Auditor to perform audit
AUDIT ASSIGNMENTS 55
Audit Agreements Draft report shall be submitted by Dec. 3 – 10:00am Auditors Meeting on Dec. 3 – 1:00pm Draft report shall consider all findings and observations Final report and CPARs shall be submitted by Dec. 4 – 5pm. All CPAR’s RCAs shall be due by Dec. 7 (for actionable items) 56
end INTEGRATED MANAGEMENT SYSTEM PROCESS BASED INTERNAL AUDITING