logging in or signing up Practical Auditing SidC Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 596 Category: Others/ Misc License: All Rights Reserved Like it (3) Dislike it (0) Added: January 14, 2011 This Presentation is Public Favorites: 1 Presentation Description No description available. Comments Posting comment... By: trichysayee (12 month(s) ago) Superb Excellant Saving..... Post Reply Close By: SidC (12 month(s) ago) Thank you. I sent a copy to your email. Saving..... Edit Comment Close Premium member Presentation Transcript PRACTICAL AUDITINGContinual Improvement Program for Internal Quality Auditors : PRACTICAL AUDITINGContinual Improvement Program for Internal Quality Auditors By Sid Calayag Agenda : Agenda PDCA and Process Approach Interview/Question Technique Notes, Check List & Cheat Sheet Report Writing Toughest ISO 9001:2000 Clauses How to Audit Difficult Clauses How to Audit Undocumented Process Auditor’s Code of Ethics 2 Auditor Training rev 0 022009 Warm-up Exercise : Warm-up Exercise The exercise will be used to gauge your present knowledge must be completed in 10 minutes. Countdown starts now. . . 3 Auditor Training rev 0 022009 Process Based Approach : 4 Process Based Approach RESOURCE MANAGEMENT MEASUREMENT, ANALYSIS & IMPROVEMENT Slide 5: THE PDCA CYCLE Interview and Question Technique : Interview and Question Technique Interview Reason Steps Question Techniques Closed-ended Question Open-ended question Show-me Question 6 Auditor Training rev 0 022009 Interview Reason : Interview Reason Supplements the documented process Determines the actual defined process Principal way of obtaining information Allows auditee to explain work practices Ascertains understanding and commitment Auditor Training rev 0 022009 7 Interview Steps -1 : Interview Steps -1 Interview persons at their workplace Conduct interviews during normal hours Put person at ease (lower anxiety level) Explain your purpose (what you want) Ask about their job (question; observe) Verify responses (confirm understanding) Auditor Training rev 0 022009 8 Interview Steps - 2 : Interview Steps - 2 Check the facts (use other sources) Record evidence (notes on checklist) Make tentative conclusion (no secrets) Give opportunity to discuss other topics Thank for their time and cooperation Auditor Training rev 0 022009 9 Summary on Interview : Summary on Interview Remember, it is an interview, not an interrogation! Investigate a claim; accept an admission. Auditor Training rev 0 022009 10 Questioning Techniques - 1 : Questioning Techniques - 1 Ask question and then actively listen Rely primarily on open-ended questions Avoid closed question (except to confirm) Ask for explanations and examples Rephrase your question for clarification Restate answer for your understanding Keep neutral; don't disagree or interrupt Auditor Training rev 0 022009 11 Questioning Techniques - 2 : Questioning Techniques - 2 Ask "suppose" or "what if" questions Find basic flaws with simple questions Ask the blunt question about quality Nod in agreement to maintain dialog Use silence for expanded responses Observe unguarded facial expressions Learn from remarks of nearby people Auditor Training rev 0 022009 12 Close and Open-ended Question : Close and Open-ended Question Open-ended question can be used in determining the actual process during the interview. Close-ended question can be used to conclude the result of the interview. Auditor Training rev 0 022009 13 Sample Summary on Questioning Techniques : Summary on Questioning Techniques STOP TALKING - LISTEN Do not ask closed questions unless to conclude item Maintain a 20% talking : 80% listening ratio USE THE SIX HONEST SERVING MEN “I keep six honest serving men They taught me all I knew Their names were WHAT and WHY and WHEN And HOW and WHERE and WHO” (The Elephant Child - Kipling) SHOW ME Notes, Check List & Cheat List : Notes, Check List & Cheat List Taking Notes in an Audit Check List Cheat List 15 Auditor Training rev 0 022009 Taking Notes in an Audit : Taking Notes in an Audit One use of a checklist is as a repository for your notes Take brief notes on what you have read, heard, and seen Capture specific references record what people are telling you about their practices Some of your notes will be used immediately for your next line of questioning Auditor Training rev 0 022009 16 Check List : Check List Requirements for check list Standard requirement Customer requirement Organizational requirement Legal requirement Auditor Training rev 0 022009 17 Advantages on Using Check List : Advantages on Using Check List Checklists, if developed and used properly: Promote planning for the assigned audit Ensure a consistent audit approach Act as a sampling plan and time manager Serve as a memory aid and confidence builder Provide a repository for notes on evidence Auditor Training rev 0 022009 18 Drawback on Using Check List : Drawback on Using Check List Drawback May result in poor coverage. Restrict interview questions May cause the auditor to use an outdated tool if not updated according to the new standard Auditor Training rev 0 022009 19 Summary on Check List : Summary on Check List A checklist should guide auditors through the system flow from quality policy, to objectives, to processes, to measurements, to results, to actions, and eventually to continual improvement. Auditors should use the checklist as a planning tool for their assignment and be willing to pursue other areas of investigation. Auditor Training rev 0 022009 20 Cheat Sheet : Cheat Sheet A "cheat sheet" is a concise set of notes used for quick reference Job notes may not accurately describe the tasks, in conflict with written instructions, or unapproved by management. ISO 9001:2000, clause 4.2.3 states that "Documents required by the quality management system shall be controlled." So, if cheat sheets are needed by employees to carry out their activities, these would be viewed as documents that must be controlled. Auditor Training rev 0 022009 21 Report Writing : Report Writing Use CPLANES as a reminder C – Clause P -- Procedure or Instruction L -- Location A – Activity N – Nature of Deficiency E – Evidence S – Scale of Deficiency Auditor Training rev 0 022009 22 Writing Nonconformity Reports : Writing Nonconformity Reports Conformity, Conformance, or Compliance? 23 Auditor Training rev 0 022009 Exercise No. 1 : Exercise No. 1 How well do you know the new ISO 9001:2000 standard? Can you identify the clauses for these requirements? 1. Reviewing the system at planned intervals 2. Identifying the status of product measurements 3. Maintaining process equipment 4. Handling, packaging, and storing products 5. Preventing the "recurrence" of nonconformities 6. Maintaining evidence of conformity of acceptance criteria 7. Ensuring requirements are complete and unambiguous 8. Identifying the control of outsourced processes 9. Planning for design review, verification, and validation 10. Including a quality manual in the documentation 24 Auditor Training rev 0 022009 Toughest Requirements : Toughest Requirements 4.1 General Requirements 5.1 Management Commitment 5.4.1 Quality Objectives 5.4.2 Quality Management System Planning (vs. 7.1 Planning of Product Realization) 7.3.1 Design and Development Planning 25 Auditor Training rev 0 022009 Toughest Requirements : Toughest Requirements 7.5.2 Validation of Processes for Production and Service Provision 8.2.1 Customer Satisfaction 8.5.1 Continual Improvement 8.5.3 Preventive Action 26 Auditor Training rev 0 022009 Most Common Audit Findings : Most Common Audit Findings * Internal Audit Findings 1. Customer satisfaction data and assessment (8.2.1 . . . 2. Documentation gaps (4.2.3 . . . 3. Continual improvement process (8.5.1 . . . 4. Objectives not measurable (5.4.1 . . . 5. Collection and analysis of data (8.4 . . . 6-7. Top management commitment and responsibility (5.4 . . . 6-7. Record keeping gaps (4.2.4 . . . 8-9. Competency requirements (6.2.2 . . . 8-9. Effective control of processes (4.1 . . . * Ref. : <http://standardsgroup.asq.org/news/psi/IMS06-2002E-Implementing_ISO_9001-BD.pdf> 27 Auditor Training rev 0 022009 Most Common Audit Findings : Most Common Audit Findings * Registrar Audit Findings 1. Documentation gaps 2-3. Objectives not measurable 2-3. Top management commitment and responsibility 4. Continual improvement process 5-6. Customer satisfaction data and assessment 5-6. Effective control of processes 7-8. Collection and analysis of data 7-8. Record keeping gaps 9. Competency requirements * Ref. : <http://standardsgroup.asq.org/news/psi/IMS06-2002E-Implementing_ISO_9001-BD.pdf> 28 Auditor Training rev 0 022009 Comparison of Rankings : Comparison of Rankings Auditor Training rev 0 022009 29 Internal Audit Findings 1. Customer satisfaction data and assessment 2. Documentation gaps 3. Continual improvement process 4. Objectives not measurable 5. Collection and analysis of data 6-7. Top management commitment and responsibility 6-7. Record keeping gaps 8-9. Competency requirements 8-9. Effective control of processes Registrar Audit Findings 1. Documentation gaps 2-3. Objectives not measurable 2-3. Top management commitment and responsibility 4. Continual improvement process 5-6. Customer satisfaction data and assessment 5-6. Effective control of processes 7-8. Collection and analysis of data 7-8. Record keeping gaps 9. Competency requirements How to Audit Difficult Clauses : How to Audit Difficult Clauses 4.1 General Requirements Clause 4.1 covers the requirement for your organization to set up a quality management system and broadly defines the associated activities. These activities are described in greater detail in the remainder of the standard. And, when you audit these other clauses, you are in essence auditing clause 4.1. 30 Auditor Training rev 0 022009 How to Audit ISO 9001:2000, Clause 4.1 : How to Audit ISO 9001:2000, Clause 4.1 By recognizing its linkages to the clauses in the remainder of the standard. Audit those other areas well and you are in effect auditing clause 4.1. Auditor Training rev 0 022009 31 How to Audit Difficult Clauses : How to Audit Difficult Clauses 5.0 Management Responsibility 5.1 Management Commitment 5.4.1 Quality Objectives 5.4.2 Quality Management System Planning (vs. 7.1 Planning of Product Realization) 32 Auditor Training rev 0 022009 How to Audit Difficult Clauses : How to Audit Difficult Clauses 5.1 Management Commitment Look for evidence on how top managers ensure their commitment is well known throughout the organization and records that show how they are keeping their promise 33 Auditor Training rev 0 022009 How to Audit Difficult Clauses : How to Audit Difficult Clauses 5.4.1 Quality Objective Are You Setting SMART Quality Objectives? Is it specific? Is it measurable Is it achievable Is it relevant Is it timed? 34 Auditor Training rev 0 022009 How to Audit Difficult Clauses : How to Audit Difficult Clauses 5.4.2 Quality Management System Planning (vs. 7.1 Planning of Product Realization) Organizations must decide how to monitor, measure, and analyze their processes, as well as, be ready to implement the actions necessary to achieve planned results and continually improve the processes. Even outsourced processes are included in the planning. Determine how this is done using process approach. 35 Auditor Training rev 0 022009 How to Audit Difficult Clauses : How to Audit Difficult Clauses 7.0 Product Realization 7.1 Planning of Product Realization 7.3.1 Design and Development Planning 7.5.2 Validation of Processes for Production and Service Provision Determine how the quality plan is developed. 36 Auditor Training rev 0 022009 How to Audit Difficult Clauses : How to Audit Difficult Clauses 8.0 Measurement, analysis and Improvement 8.2.1 Customer Satisfaction 8.5.1 Continual Improvement 8.5.3 Preventive Action 37 Auditor Training rev 0 022009 Auditing Undocumented Process : Auditing Undocumented Process Auditing a Process that is Undocumented Refer to the guide provided to you separately Auditor Training rev 0 022009 38 Summary on Audit Practice : Summary on Audit Practice Audits examine compliance from three perspectives: Documents (or definitions) that indicate the process is adequate Records that show the process is implemented (being practiced) Results that prove the process is effective (objectives are met) By using the process approach in auditing, you will be able to gather all the evidence that you need in auditing for any clause that you may encounter in the field. Auditor Training rev 0 022009 39 EXERCISE No. 2 : EXERCISE No. 2 Auditor Training rev 0 022009 40 Internal Auditor Quiz The purpose of the exercise is to provide practice in assessing evidence in an objective manner.. Slide 41: Auditor Training rev 0 022009 41 Workshop Mock-up audit of Engineering Department 5.4.1 Quality Objectives 7.3.1 Design and Development Planning Tips on Auditing : Tips on Auditing Adjust your audit approach Evaluate the effectiveness of the system Remind auditors how to verify conformity Know how to audit an undocumented process Improve your current internal audit practices 42 Auditor Training rev 0 022009 Auditor Conduct : Auditor Conduct Be critical Be side-tracked Argue Swear Be late Be sarcastic Compare Pass opinions Apportion blame AN AUDITOR SHOULD NOT Code of Conduct for Auditors : Code of Conduct for Auditors Purpose To communicate the integrity, objectivity, confidentiality, and competence expected of internal auditors, as well as, to provide a means for them to pledge their commitment to these principles. Auditor Training rev 0 022009 44 Code of Conduct for Auditors : Code of Conduct for Auditors Integrity The integrity of internal auditors establishes trust and provides the basis for relying on their judgment. As an internal auditor, I pledge to: Perform my work with honesty, accuracy, fairness, and responsibility. Not engage in activities that might discredit the audit profession or my organization. Auditor Training rev 0 022009 45 Code of Conduct for Auditors : Code of Conduct for Auditors Objectivity Internal auditors must be objective in gathering, evaluating, and communicating information about the activities being examined. They must make a balanced and impartial assessment of all the relevant facts and not be unduly influenced by their interests, or those of others, in making judgments. As an internal auditor, I pledge to: 3. Not join in any activity or relationship that may affect my unbiased assessment. 4. Not accept anything that may impair, or appear to impair, my judgment. 5. Disclose all the material facts to avoid any distortion of my audit report. Auditor Training rev 0 022009 46 Code of Conduct for Auditors : Code of Conduct for Auditors Confidentiality Internal auditors must respect the value and ownership of the information they receive and not disclose it without the appropriate authority (unless obligated for legal or professional reasons). As an internal auditor, I pledge to: 6. Be prudent in the use and protection of the information acquired during my audit duties. 7. Not use the information for personal gain or in any way detrimental to the organization. Auditor Training rev 0 022009 47 Code of Conduct for Auditors : Code of Conduct for Auditors Competence Internal auditors must apply their knowledge, skills, and experience in the performance of their assessment duties. As an internal auditor, I pledge to: 8. Engage only in audits where I possess the needed knowledge, skills, and experience. 9. Perform audits in accordance with the procedures and practices of my organizations. 10. Continually improve my proficiency and the quality and value of my audit services. 11. Assist other auditors under my supervision to develop their audit management skills. 12. Report any complaints regarding my performance and address them to avoid recurrence. Auditor Training rev 0 022009 48 Addendum : Addendum Exercise No. 3 – take home exercise ISO 9000 : 2005 – ISO 9001: 2008 – Sample Question for Top Management Auditor Training rev 0 022009 49 Exercise No. 3 : Exercise No. 3 This is an exercise to see how nonconformities are reported This is a take-home exercise. The answer shall be submitted later. 50 Auditor Training rev 0 022009 Internal Auditor Quiz : Internal Auditor Quiz Answers for the ISO 9001:2000 Clause Quiz The correct clauses for the ten requirements are: 1. Reviewing the system at planned intervals = 5.6.1 [also 8.2.2 regarding audits] 2. Identifying the status of product measurements = 7.5.3 3. Maintaining process equipment = 6.3 (b) 4. Handling, packaging, and storing products = 7.5.5 5. Preventing the "recurrence" of nonconformities = 8.5.2 (not 8.5.3) 6. Maintaining evidence of conformity of acceptance criteria = 8.2.4 7. Ensuring requirements are complete and unambiguous = 7.3.2 [implied by 7.2.2 (a)] 8. Identifying the control of outsourced processes = 4.1 9. Planning for design review, verification, and validation = 7.3.1 (b) [implied by 7.1] 10. Including a quality manual in the documentation = 4.2.1 (b) How did you do on the quiz? Do you agree with these answers? 51 Auditor Training rev 0 022009 Back ISO 9000:2005 : ISO 9000:2005 It makes no changes to the basic principles of quality management stated in ISO 9000:2000 It is essentially a tidying-up exercise to ensure consistency within ISO Standards It will probably have little, or no real impact on our quality system Auditor Training rev 0 022009 52 ISO 9001:2008 : ISO 9001:2008 ISO 9001:2000 is due for an update in 2008. It is currently at Draft International Standard (DIS) stage Changes to the standard are very small It will replace ISO 9001:2000 Auditor Training rev 0 022009 53 How to Audit Difficult Clauses : How to Audit Difficult Clauses 6.0 Resource Management 6.1 Provision of Resources 6.2 Human Resources 6.3 Infrastructure 6.4 Work Environment 54 Auditor Training rev 0 022009 Process Approach Interview Question PDCA Note Check List Cheat Sheet Sample Question for Top Management : Sample Question for Top Management How do you influence/oversee the quality policy? What quality targets have been set for each department for this fiscal year? What about plant-wide targets? How did you influence these targets? What is your basis? How do you ensure that the integrity of the quality management system is maintained when changes are implemented? (i.e., costdowns, new products, hirings/layoffs...) How do you use our "Key Measurables" information to ensure continual improvement in quality? Auditor Training rev 0 022009 55 Sample Question for Top Management : Sample Question for Top Management How are your Objectives developed? How do you use the Policy? What does the System gain from Management Review? Please provide an example of Improvement within the company. "If you could do it, what one thing in the Management System would you improve?“ Auditor Training rev 0 022009 56 Sample Question for Top Management : Sample Question for Top Management How do you contribute to achieving your organization's objectives? How are objectives determined? How are employees trained on objectives? How is progress against objectives communicated to the organization? What processes and/or tools are in place to help achieve objectives? Is there evidence of progress? Auditor Training rev 0 022009 57 Back You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
Practical Auditing SidC Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 596 Category: Others/ Misc License: All Rights Reserved Like it (3) Dislike it (0) Added: January 14, 2011 This Presentation is Public Favorites: 1 Presentation Description No description available. Comments Posting comment... By: trichysayee (12 month(s) ago) Superb Excellant Saving..... Post Reply Close By: SidC (12 month(s) ago) Thank you. I sent a copy to your email. Saving..... Edit Comment Close Premium member Presentation Transcript PRACTICAL AUDITINGContinual Improvement Program for Internal Quality Auditors : PRACTICAL AUDITINGContinual Improvement Program for Internal Quality Auditors By Sid Calayag Agenda : Agenda PDCA and Process Approach Interview/Question Technique Notes, Check List & Cheat Sheet Report Writing Toughest ISO 9001:2000 Clauses How to Audit Difficult Clauses How to Audit Undocumented Process Auditor’s Code of Ethics 2 Auditor Training rev 0 022009 Warm-up Exercise : Warm-up Exercise The exercise will be used to gauge your present knowledge must be completed in 10 minutes. Countdown starts now. . . 3 Auditor Training rev 0 022009 Process Based Approach : 4 Process Based Approach RESOURCE MANAGEMENT MEASUREMENT, ANALYSIS & IMPROVEMENT Slide 5: THE PDCA CYCLE Interview and Question Technique : Interview and Question Technique Interview Reason Steps Question Techniques Closed-ended Question Open-ended question Show-me Question 6 Auditor Training rev 0 022009 Interview Reason : Interview Reason Supplements the documented process Determines the actual defined process Principal way of obtaining information Allows auditee to explain work practices Ascertains understanding and commitment Auditor Training rev 0 022009 7 Interview Steps -1 : Interview Steps -1 Interview persons at their workplace Conduct interviews during normal hours Put person at ease (lower anxiety level) Explain your purpose (what you want) Ask about their job (question; observe) Verify responses (confirm understanding) Auditor Training rev 0 022009 8 Interview Steps - 2 : Interview Steps - 2 Check the facts (use other sources) Record evidence (notes on checklist) Make tentative conclusion (no secrets) Give opportunity to discuss other topics Thank for their time and cooperation Auditor Training rev 0 022009 9 Summary on Interview : Summary on Interview Remember, it is an interview, not an interrogation! Investigate a claim; accept an admission. Auditor Training rev 0 022009 10 Questioning Techniques - 1 : Questioning Techniques - 1 Ask question and then actively listen Rely primarily on open-ended questions Avoid closed question (except to confirm) Ask for explanations and examples Rephrase your question for clarification Restate answer for your understanding Keep neutral; don't disagree or interrupt Auditor Training rev 0 022009 11 Questioning Techniques - 2 : Questioning Techniques - 2 Ask "suppose" or "what if" questions Find basic flaws with simple questions Ask the blunt question about quality Nod in agreement to maintain dialog Use silence for expanded responses Observe unguarded facial expressions Learn from remarks of nearby people Auditor Training rev 0 022009 12 Close and Open-ended Question : Close and Open-ended Question Open-ended question can be used in determining the actual process during the interview. Close-ended question can be used to conclude the result of the interview. Auditor Training rev 0 022009 13 Sample Summary on Questioning Techniques : Summary on Questioning Techniques STOP TALKING - LISTEN Do not ask closed questions unless to conclude item Maintain a 20% talking : 80% listening ratio USE THE SIX HONEST SERVING MEN “I keep six honest serving men They taught me all I knew Their names were WHAT and WHY and WHEN And HOW and WHERE and WHO” (The Elephant Child - Kipling) SHOW ME Notes, Check List & Cheat List : Notes, Check List & Cheat List Taking Notes in an Audit Check List Cheat List 15 Auditor Training rev 0 022009 Taking Notes in an Audit : Taking Notes in an Audit One use of a checklist is as a repository for your notes Take brief notes on what you have read, heard, and seen Capture specific references record what people are telling you about their practices Some of your notes will be used immediately for your next line of questioning Auditor Training rev 0 022009 16 Check List : Check List Requirements for check list Standard requirement Customer requirement Organizational requirement Legal requirement Auditor Training rev 0 022009 17 Advantages on Using Check List : Advantages on Using Check List Checklists, if developed and used properly: Promote planning for the assigned audit Ensure a consistent audit approach Act as a sampling plan and time manager Serve as a memory aid and confidence builder Provide a repository for notes on evidence Auditor Training rev 0 022009 18 Drawback on Using Check List : Drawback on Using Check List Drawback May result in poor coverage. Restrict interview questions May cause the auditor to use an outdated tool if not updated according to the new standard Auditor Training rev 0 022009 19 Summary on Check List : Summary on Check List A checklist should guide auditors through the system flow from quality policy, to objectives, to processes, to measurements, to results, to actions, and eventually to continual improvement. Auditors should use the checklist as a planning tool for their assignment and be willing to pursue other areas of investigation. Auditor Training rev 0 022009 20 Cheat Sheet : Cheat Sheet A "cheat sheet" is a concise set of notes used for quick reference Job notes may not accurately describe the tasks, in conflict with written instructions, or unapproved by management. ISO 9001:2000, clause 4.2.3 states that "Documents required by the quality management system shall be controlled." So, if cheat sheets are needed by employees to carry out their activities, these would be viewed as documents that must be controlled. Auditor Training rev 0 022009 21 Report Writing : Report Writing Use CPLANES as a reminder C – Clause P -- Procedure or Instruction L -- Location A – Activity N – Nature of Deficiency E – Evidence S – Scale of Deficiency Auditor Training rev 0 022009 22 Writing Nonconformity Reports : Writing Nonconformity Reports Conformity, Conformance, or Compliance? 23 Auditor Training rev 0 022009 Exercise No. 1 : Exercise No. 1 How well do you know the new ISO 9001:2000 standard? Can you identify the clauses for these requirements? 1. Reviewing the system at planned intervals 2. Identifying the status of product measurements 3. Maintaining process equipment 4. Handling, packaging, and storing products 5. Preventing the "recurrence" of nonconformities 6. Maintaining evidence of conformity of acceptance criteria 7. Ensuring requirements are complete and unambiguous 8. Identifying the control of outsourced processes 9. Planning for design review, verification, and validation 10. Including a quality manual in the documentation 24 Auditor Training rev 0 022009 Toughest Requirements : Toughest Requirements 4.1 General Requirements 5.1 Management Commitment 5.4.1 Quality Objectives 5.4.2 Quality Management System Planning (vs. 7.1 Planning of Product Realization) 7.3.1 Design and Development Planning 25 Auditor Training rev 0 022009 Toughest Requirements : Toughest Requirements 7.5.2 Validation of Processes for Production and Service Provision 8.2.1 Customer Satisfaction 8.5.1 Continual Improvement 8.5.3 Preventive Action 26 Auditor Training rev 0 022009 Most Common Audit Findings : Most Common Audit Findings * Internal Audit Findings 1. Customer satisfaction data and assessment (8.2.1 . . . 2. Documentation gaps (4.2.3 . . . 3. Continual improvement process (8.5.1 . . . 4. Objectives not measurable (5.4.1 . . . 5. Collection and analysis of data (8.4 . . . 6-7. Top management commitment and responsibility (5.4 . . . 6-7. Record keeping gaps (4.2.4 . . . 8-9. Competency requirements (6.2.2 . . . 8-9. Effective control of processes (4.1 . . . * Ref. : <http://standardsgroup.asq.org/news/psi/IMS06-2002E-Implementing_ISO_9001-BD.pdf> 27 Auditor Training rev 0 022009 Most Common Audit Findings : Most Common Audit Findings * Registrar Audit Findings 1. Documentation gaps 2-3. Objectives not measurable 2-3. Top management commitment and responsibility 4. Continual improvement process 5-6. Customer satisfaction data and assessment 5-6. Effective control of processes 7-8. Collection and analysis of data 7-8. Record keeping gaps 9. Competency requirements * Ref. : <http://standardsgroup.asq.org/news/psi/IMS06-2002E-Implementing_ISO_9001-BD.pdf> 28 Auditor Training rev 0 022009 Comparison of Rankings : Comparison of Rankings Auditor Training rev 0 022009 29 Internal Audit Findings 1. Customer satisfaction data and assessment 2. Documentation gaps 3. Continual improvement process 4. Objectives not measurable 5. Collection and analysis of data 6-7. Top management commitment and responsibility 6-7. Record keeping gaps 8-9. Competency requirements 8-9. Effective control of processes Registrar Audit Findings 1. Documentation gaps 2-3. Objectives not measurable 2-3. Top management commitment and responsibility 4. Continual improvement process 5-6. Customer satisfaction data and assessment 5-6. Effective control of processes 7-8. Collection and analysis of data 7-8. Record keeping gaps 9. Competency requirements How to Audit Difficult Clauses : How to Audit Difficult Clauses 4.1 General Requirements Clause 4.1 covers the requirement for your organization to set up a quality management system and broadly defines the associated activities. These activities are described in greater detail in the remainder of the standard. And, when you audit these other clauses, you are in essence auditing clause 4.1. 30 Auditor Training rev 0 022009 How to Audit ISO 9001:2000, Clause 4.1 : How to Audit ISO 9001:2000, Clause 4.1 By recognizing its linkages to the clauses in the remainder of the standard. Audit those other areas well and you are in effect auditing clause 4.1. Auditor Training rev 0 022009 31 How to Audit Difficult Clauses : How to Audit Difficult Clauses 5.0 Management Responsibility 5.1 Management Commitment 5.4.1 Quality Objectives 5.4.2 Quality Management System Planning (vs. 7.1 Planning of Product Realization) 32 Auditor Training rev 0 022009 How to Audit Difficult Clauses : How to Audit Difficult Clauses 5.1 Management Commitment Look for evidence on how top managers ensure their commitment is well known throughout the organization and records that show how they are keeping their promise 33 Auditor Training rev 0 022009 How to Audit Difficult Clauses : How to Audit Difficult Clauses 5.4.1 Quality Objective Are You Setting SMART Quality Objectives? Is it specific? Is it measurable Is it achievable Is it relevant Is it timed? 34 Auditor Training rev 0 022009 How to Audit Difficult Clauses : How to Audit Difficult Clauses 5.4.2 Quality Management System Planning (vs. 7.1 Planning of Product Realization) Organizations must decide how to monitor, measure, and analyze their processes, as well as, be ready to implement the actions necessary to achieve planned results and continually improve the processes. Even outsourced processes are included in the planning. Determine how this is done using process approach. 35 Auditor Training rev 0 022009 How to Audit Difficult Clauses : How to Audit Difficult Clauses 7.0 Product Realization 7.1 Planning of Product Realization 7.3.1 Design and Development Planning 7.5.2 Validation of Processes for Production and Service Provision Determine how the quality plan is developed. 36 Auditor Training rev 0 022009 How to Audit Difficult Clauses : How to Audit Difficult Clauses 8.0 Measurement, analysis and Improvement 8.2.1 Customer Satisfaction 8.5.1 Continual Improvement 8.5.3 Preventive Action 37 Auditor Training rev 0 022009 Auditing Undocumented Process : Auditing Undocumented Process Auditing a Process that is Undocumented Refer to the guide provided to you separately Auditor Training rev 0 022009 38 Summary on Audit Practice : Summary on Audit Practice Audits examine compliance from three perspectives: Documents (or definitions) that indicate the process is adequate Records that show the process is implemented (being practiced) Results that prove the process is effective (objectives are met) By using the process approach in auditing, you will be able to gather all the evidence that you need in auditing for any clause that you may encounter in the field. Auditor Training rev 0 022009 39 EXERCISE No. 2 : EXERCISE No. 2 Auditor Training rev 0 022009 40 Internal Auditor Quiz The purpose of the exercise is to provide practice in assessing evidence in an objective manner.. Slide 41: Auditor Training rev 0 022009 41 Workshop Mock-up audit of Engineering Department 5.4.1 Quality Objectives 7.3.1 Design and Development Planning Tips on Auditing : Tips on Auditing Adjust your audit approach Evaluate the effectiveness of the system Remind auditors how to verify conformity Know how to audit an undocumented process Improve your current internal audit practices 42 Auditor Training rev 0 022009 Auditor Conduct : Auditor Conduct Be critical Be side-tracked Argue Swear Be late Be sarcastic Compare Pass opinions Apportion blame AN AUDITOR SHOULD NOT Code of Conduct for Auditors : Code of Conduct for Auditors Purpose To communicate the integrity, objectivity, confidentiality, and competence expected of internal auditors, as well as, to provide a means for them to pledge their commitment to these principles. Auditor Training rev 0 022009 44 Code of Conduct for Auditors : Code of Conduct for Auditors Integrity The integrity of internal auditors establishes trust and provides the basis for relying on their judgment. As an internal auditor, I pledge to: Perform my work with honesty, accuracy, fairness, and responsibility. Not engage in activities that might discredit the audit profession or my organization. Auditor Training rev 0 022009 45 Code of Conduct for Auditors : Code of Conduct for Auditors Objectivity Internal auditors must be objective in gathering, evaluating, and communicating information about the activities being examined. They must make a balanced and impartial assessment of all the relevant facts and not be unduly influenced by their interests, or those of others, in making judgments. As an internal auditor, I pledge to: 3. Not join in any activity or relationship that may affect my unbiased assessment. 4. Not accept anything that may impair, or appear to impair, my judgment. 5. Disclose all the material facts to avoid any distortion of my audit report. Auditor Training rev 0 022009 46 Code of Conduct for Auditors : Code of Conduct for Auditors Confidentiality Internal auditors must respect the value and ownership of the information they receive and not disclose it without the appropriate authority (unless obligated for legal or professional reasons). As an internal auditor, I pledge to: 6. Be prudent in the use and protection of the information acquired during my audit duties. 7. Not use the information for personal gain or in any way detrimental to the organization. Auditor Training rev 0 022009 47 Code of Conduct for Auditors : Code of Conduct for Auditors Competence Internal auditors must apply their knowledge, skills, and experience in the performance of their assessment duties. As an internal auditor, I pledge to: 8. Engage only in audits where I possess the needed knowledge, skills, and experience. 9. Perform audits in accordance with the procedures and practices of my organizations. 10. Continually improve my proficiency and the quality and value of my audit services. 11. Assist other auditors under my supervision to develop their audit management skills. 12. Report any complaints regarding my performance and address them to avoid recurrence. Auditor Training rev 0 022009 48 Addendum : Addendum Exercise No. 3 – take home exercise ISO 9000 : 2005 – ISO 9001: 2008 – Sample Question for Top Management Auditor Training rev 0 022009 49 Exercise No. 3 : Exercise No. 3 This is an exercise to see how nonconformities are reported This is a take-home exercise. The answer shall be submitted later. 50 Auditor Training rev 0 022009 Internal Auditor Quiz : Internal Auditor Quiz Answers for the ISO 9001:2000 Clause Quiz The correct clauses for the ten requirements are: 1. Reviewing the system at planned intervals = 5.6.1 [also 8.2.2 regarding audits] 2. Identifying the status of product measurements = 7.5.3 3. Maintaining process equipment = 6.3 (b) 4. Handling, packaging, and storing products = 7.5.5 5. Preventing the "recurrence" of nonconformities = 8.5.2 (not 8.5.3) 6. Maintaining evidence of conformity of acceptance criteria = 8.2.4 7. Ensuring requirements are complete and unambiguous = 7.3.2 [implied by 7.2.2 (a)] 8. Identifying the control of outsourced processes = 4.1 9. Planning for design review, verification, and validation = 7.3.1 (b) [implied by 7.1] 10. Including a quality manual in the documentation = 4.2.1 (b) How did you do on the quiz? Do you agree with these answers? 51 Auditor Training rev 0 022009 Back ISO 9000:2005 : ISO 9000:2005 It makes no changes to the basic principles of quality management stated in ISO 9000:2000 It is essentially a tidying-up exercise to ensure consistency within ISO Standards It will probably have little, or no real impact on our quality system Auditor Training rev 0 022009 52 ISO 9001:2008 : ISO 9001:2008 ISO 9001:2000 is due for an update in 2008. It is currently at Draft International Standard (DIS) stage Changes to the standard are very small It will replace ISO 9001:2000 Auditor Training rev 0 022009 53 How to Audit Difficult Clauses : How to Audit Difficult Clauses 6.0 Resource Management 6.1 Provision of Resources 6.2 Human Resources 6.3 Infrastructure 6.4 Work Environment 54 Auditor Training rev 0 022009 Process Approach Interview Question PDCA Note Check List Cheat Sheet Sample Question for Top Management : Sample Question for Top Management How do you influence/oversee the quality policy? What quality targets have been set for each department for this fiscal year? What about plant-wide targets? How did you influence these targets? What is your basis? How do you ensure that the integrity of the quality management system is maintained when changes are implemented? (i.e., costdowns, new products, hirings/layoffs...) How do you use our "Key Measurables" information to ensure continual improvement in quality? Auditor Training rev 0 022009 55 Sample Question for Top Management : Sample Question for Top Management How are your Objectives developed? How do you use the Policy? What does the System gain from Management Review? Please provide an example of Improvement within the company. "If you could do it, what one thing in the Management System would you improve?“ Auditor Training rev 0 022009 56 Sample Question for Top Management : Sample Question for Top Management How do you contribute to achieving your organization's objectives? How are objectives determined? How are employees trained on objectives? How is progress against objectives communicated to the organization? What processes and/or tools are in place to help achieve objectives? Is there evidence of progress? Auditor Training rev 0 022009 57 Back