QualityGurus.com

Overview of Auditing Process

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Planning and Preparation

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Opening Meeting

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Audit Interviews / Collect Information

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Closing Meeting

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Reporting

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Follow-up and Closure

QualityGurus.com

Audit Fundamentals - Agenda

Terms

Audit Purpose

Audit Types

Audit Criteria

Roles & Responsibilities

Liability

QualityGurus.com

AuditSystematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled.

QualityGurus.com

AuditSystematic,

independent and

documented process

for

obtaining audit evidence2 and

evaluating it objectively to determine the extent to which the audit criteria1 are fulfilled.

QualityGurus.com

Audit CriteriaSet of policies, procedures or requirements used as a reference against which the audit evidence is compared.

QualityGurus.com

Audit CriteriaSet of policies,

procedures or

requirements

used as a reference

against which the audit evidence2 is compared.

QualityGurus.com

Audit EvidenceRecords, statement of facts or other information which are relevant to the audit criteria and verifiable.

QualityGurus.com

Audit EvidenceRecords,

statement of facts or

other information

which are relevant to the audit criteria1

and

verifiable.

QualityGurus.com

System, Product and Process Audits

System

Process

Product

QualityGurus.com

Product Audits

Assessment of fitness for use

Products meets the design requirements

QualityGurus.com

Process Audits

One specific process, activity or function

To compare the actual process with the documented requirements of the process.

QualityGurus.com

System Audits

Comprehensive audit of multiple processes

Includes the interaction between processes

QualityGurus.com

System, Product and Process Audits

System

Process

Product

QualityGurus.com

First, Second and Third Party Audits

InternalFirst Party

By ClientSecond Party

By a third party appointed by client

Third Party

QualityGurus.com

First Party Audits

Internal audits

Performed within an organization

Auditors have no vested interest in the area being audited

QualityGurus.com

Second Party Audits

Performed by Customers on suppliers

Before or after awarding a contract

QualityGurus.com

Third Party Audits

Performed by an audit organization independent of the customer-supplier relationship

Free from any conflict of interest

QualityGurus.com

First, Second and Third Party Audits

InternalFirst Party

ExternalSecond Party

ExternalThird Party

QualityGurus.com

Benefits of Internal Audits

Identify risks

Identify opportunities for improvement

Verify products fit for use

Procedures exist and are effective

Remedial actions are taken that are effective

Find the problems before the customer does

QualityGurus.com

Benefits of Internal Audits

Reduce rework, rejections

Avoid lawsuits by meeting legal / regulatory needs

Reduced cost

Build customer confidence

Maintain market standing and/or reputation

Increase sales

QualityGurus.com

Audit Objective, Scope, CriteriaAudit Objectives what is to be accomplished by the auditdefined by the audit client.

Audit Scope extent and boundaries of the audit,Satisfies the purpose of the audit

Audit Criteriareference against which conformity is determined

QualityGurus.com

Audit ObjectivesAudit objective should be consistent with the company objectives.

Audit objectives should be realistic and achievable

Objective to provide a clear focus for the audit.

QualityGurus.com

Audit ObjectivesExamples of audit programme objectives include the following:

to meet requirements for certification to a management system standard;

to verify conformance with contractual requirements;

to obtain and maintain confidence in the capability of a supplier;

to contribute to the improvement of the management system.

QualityGurus.com

Audit ScopeExtent and boundaries of an audit

Clearly defining the audit scope is important in determining the budget, human resources, and time required for the audit

Clear scope of the audit helps increase the efficiency and effectiveness of the audit.

QualityGurus.com

Audit Criteria

Set of policies, procedures or requirements used as a reference against which audit evidences are compared.

QualityGurus.com

Audit CriteriaSuppliers Quality System

Contracts

Purchase orders

Customer specifications

National or international standards

Industry codes and standards

Laws and regulations

QualityGurus.com

Key Audit Participants

Client

Auditor

Auditee

QualityGurus.com

Audit Participants

Client organization or person requesting an audit.

Auditor - person who conducts an audit

Auditee organization or individual being audited

QualityGurus.com

Client Responsibilities

Initiates audit

Determines audit purpose and scope

Provide resources

Receives the audit report

Determine the report distribution

Determines actions

QualityGurus.com

Auditor Responsibilities

Understand the purpose, scope and audit criteria.

Plans the audit

Perform the audit

Collect audit evidences

Analyze audit evidences

Reports the audit

Follows up the action on audit findings

QualityGurus.com

Auditee Responsibilities

Inform the staff

Provide resources (interview room, communications and clerical support)

Provide escorts

Show objective evidence

Co-operate

Determine and initiate corrective actions

QualityGurus.com

Other Audit Participants

Technical Expert

Observer

Guide

QualityGurus.com

Other Audit Participants

Technical expert - person who provides specific knowledge or expertise to the audit team.

Observer person who accompanies the audit team but does not audit.

Guide - person appointed by auditee to assist the audit team.

QualityGurus.com

IndependenceAuditors are independent when they render impartial and unbiased judgment in the conduct of audit.

Conflict of interest is a situation in which an internal auditor has a competing professional or personal interest.

Audit independence is essentially a state of mind. Internal auditors can not be physically independent from the organization they are working for, but they can always stay objective.

QualityGurus.com

ObjectivityObjectivity is a mental attitude which auditors should maintain while performing engagements.

The auditor should have an impartial, un-biased attitude and avoid conflict of interest situations.

It is sometimes described as independence of mind.

auditors are not to accept fees, gifts, or entertainment that may create the appearance that the auditor's objectivity has been impaired.

QualityGurus.com

Overview of Auditing Process

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Planning and Preparation

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Opening Meeting

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Audit Interviews / Collect Information

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Closing Meeting

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Reporting

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Follow-up and Closure

QualityGurus.com

Audit ProgrammeAudits are planned and documented

Formal and systematic

Are never informal

QualityGurus.com

Audit ProgrammeAn audit programme shall be planned, taking into consideration

the status of the processes

importance of the processes

areas to be audited,

the results of previous audits

Frequency also depends on Criticality of product or service

QualityGurus.com

Audit ResourcesThe number and composition of the auditor team depend upon:

Objective, Scope, Depth of auditCompetence of team membersTeam work, and ability to interact effectively with auditeestatutory, regulatory, contractual and accreditation / certification requirements,

QualityGurus.com

Audit ResourcesThe number and composition of the auditor team depend upon:

Language / cultural issuesType of audit (System, Process, Product)Specific technical expertiseLocation of auditCost considerationTime available

QualityGurus.com

Notify Auditee

Advance/formal notice to auditee

Gives auditee an opportunity to get their house in order

Incentive to improve their control systems

Letter to auditee Quality manager and top management

Should cover the requirements of the audit team

QualityGurus.com

Notify AuditeeContents of audit notification

General audit objectiveNames of audit team and team leaderOfficial contacts of lead auditorTime and location of entrance.Method of distribution of final audit report.

QualityGurus.com

Notify AuditeeContents of audit notification

Identification of areas of special concern Tentative audit schedule (to be reconfirmed in the opening meeting)Documents to be submitted prior to the audit for review.

QualityGurus.com

Document ReviewReview documents (criteria) related to the auditee organization

Contract, Specifications,

Quality Manual,

Procedures, Guidelines

Organization Charts

Codes and Regulations etc.

Previous audit reports/programs

QualityGurus.com

Document ReviewAdvantages of in-office review

Gain good understanding of the clientEnable the team to prepare relevant questions to the client during entrance meeting.Help the team to understand well the criteria (what is to be done; by whom and when).Saves the audit investigation time

QualityGurus.com

Identify Potential RisksIdentifying areas for audit emphasis (risk

area). These include:-Areas identified/documented in Risk Register.Area of high possibility of mis-management Where there is large volumes of transactions.Where management has expressed concerns.Where prior audit disclosed major weakness/deficiencies.

QualityGurus.com

Determining Auditor CompetenceFactors to consider:

Size, nature and complexity of organization to be audited.

Complexity of the management system to be audited

QualityGurus.com

Determining Auditor CompetencePersonal Behaviour

Auditing KnowledgeAudit principles, procedures and methods

Management system

Technical KnowledgeContractual requirements

Codes and standards

Discipline / Sector specific

QualityGurus.com

Personal Behaviour

Ethical

Open-minded

Diplomatic

Perceptive

Versatile

Tenacious

Decisive

Self-reliant

Acting with fortitude

Open to improvement

Culturally sensitive

Collaborative

QualityGurus.com

Negative Characteristics

Argumentative

Opinionated

Over-conclusive

Aggressive

Inconsiderate

Inconsistency

Inflexibility

Lazy

Impractical

Know-it-all

Indecisive

QualityGurus.com

Auditing Knowledge

Plan and organize

Time management

Prioritize and focus on significant issues

Interview, listen, observe and review documents

Communicate effectively

Understand the risks associated

QualityGurus.com

Management System Knowledge

Knowledge of Management Systems (e.g. ISO 9001)

QualityGurus.com

Technical KnowledgeDiscipline/ Sector specific knowledge

Legal requirements related to sector

Codes and standards

Contract / Purchase Order

QualityGurus.com

Role of Lead AuditorBalance the strength and weaknesses of team members

Manage the audit process

Represent the audit team

Lead the audit team

Prepare and complete the audit report

QualityGurus.com

Auditors Evaluation Criteria

Personal Behaviour

Auditing Knowledge

Technical Knowledge

Education

Work experience

Training

Audit Experience

QualityGurus.com

Audit LogisticsTime / location of

Arrival Opening meetingInterviewsClosing meeting

Facilities for the audit teamConference roomInternet connectionPersonal Protective Equipment (PPE)

QualityGurus.com

Audit LogisticsRestrictions

Out of bound areasUse of Camera

TravelTravel bookingsHotelTransport

QualityGurus.com

Checklists

Checklists

are useful

aides-mmoire.

QualityGurus.com

Purpose of the Audit ChecklistHelp in time management

Helps in note taking

Memory tool

To ensure that all areas have been covered

Evidence of audit effectiveness

The checklists should be a good servant, never the master, of the auditor.

QualityGurus.com

Generic vs Specific Checklists

Generic checklists

Supplement with specific items

Specific Checklists

Prepared for a specific use.

QualityGurus.com

ChecklistsDeveloped by Lead auditor or auditor

Based on audit purpose and scope

Questions should be open-ended

Should have space to record response

Sent to auditee prior to audit, usually at the time of notification

QualityGurus.com

Scoring vs Non-scoring ChecklistsScoring checklists:

Used for comparison purpose

Score may become goal, bias in marking

Non-scoring checklists:

Good for continuous improvement and are flexible

QualityGurus.com

Advantages of ChecklistsPromotes planning for the audit

Thorough coverage of the scope

Time management during audit

Consistent audit approach

Serves as a memory aid

Objective evidence that audit was performed

Information base for future audits

QualityGurus.com

Disadvantages of Checklists

Questionnaires narrow the vision

Questionnaires may obstruct communication

Too strict following of the checklist may result in omission of important audit trails

Generic checklists may not add any value

QualityGurus.com

Auditing Strategy

Trace forward

Trace backward

Random selection

QualityGurus.com

Auditing Strategy

Trace ForwardExamination from beginning to the end

Beneficial to get the whole picture from the start to finish

Trace BackwardBeginning at the end and working back through the process

Understanding of end objective is attained right away

All product records exist

QualityGurus.com

Auditing Strategy

Random SelectionAlternate method instead of tracing

Advantage:Where time and personnel are limitedMost frequently usedUse of flowchart to identify important steps in flowFlexible and saves time

Disadvantage:Additional note takingDifficulty in understanding the process flowExperienced auditor required

QualityGurus.com

Auditing Strategy

Department Audit (or Vertical audit)Several system elements are audited in a single department

Saves times (+)

Judges company on management of one department (-)

Auditor should be very familiar with the requirements

QualityGurus.com

Auditing Strategy

Element Audit method (Horizontal)To satisfy elements on checklist several departments audited

Adequacy of the system is easier for auditor to judgeMore time to trace each element

QualityGurus.com

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

Opening Meeting

QualityGurus.com

Planning

Select the team

Prepare plan

Prepare working documents

Logistics

QualityGurus.com

Notify the Auditee

Audit Plan

TimetableChecklists

QualityGurus.com

Notify the Audit Team

Dates & durationDetailed planIndividual tasksResults of document reviewAny special requirements

QualityGurus.com

Opening Meetings Participants

Auditee senior management (minimum

Management Rep.)

Quality Manager

Audit guides

All audit team participates

Lead Auditor chairs the meeting

QualityGurus.com

Opening Meeting Agenda

Safety topic (evacuation, PPE)

Introduce the team

Objective, scope & criteria

Review audit plan and meeting times

Explain about sampling

Confidentiality

Method of reporting (grading)

QualityGurus.com

Opening Meeting Agenda

Confirm staff aware & available

Confirm resources and facilities

Confirm availability of guides

Reporting on findings

Closing meeting time and location

Questions

QualityGurus.com

Audit Interview / Data Collection

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

QualityGurus.com

Audit Interview / Data Collection

Questioning / Interviewing

Observation / Verification

Document review / verification

Taking Notes

Corroboration

Generate Audit Findings

Prepare Audit Conclusion

QualityGurus.com

Questioning Technique

Questions should:

Yield the relevant information

Should not suggest answers

Should not contain emotive words

QualityGurus.com

Questioning Technique

Ask questions in conversational manner

Weave questions into general conversation

QualityGurus.com

Questioning Technique

Open questions

Closed questions

Clarifying questions

QualityGurus.com

Open Questions

What? Why? Where? Who? When? How?

Advantage: Yield informative answer

Limitation: May lead to conversation get side-tracked!

One way to avoid diluting:

Show me!

QualityGurus.com

Closed Questions

Closed questions - answer: Yes/No

Open questions - answer: few words

Intended to yield very specific information

Disadvantages:Do not bring much informationIf used too often may create Impression of cross -examination

QualityGurus.com

Clarifying Questions

Intended to clarify, retrieve full information and prevent misunderstanding

Disadvantages:If used too often may create impression that you were not listeningAre time-consumingIf you are not prepared to listen in full dont ask them

QualityGurus.com

Tips for a Successful Audit

Establish suitable climate

Put auditee at ease

Use proper questioning technique

Use open questions and sparingly closed questions

QualityGurus.com

Observations

Keep observing the physical evidence:ProductsEquipmentInstrumentsConditionsOperations

QualityGurus.com

Observations

What is it used for?

Need it be calibrated?

Was it calibrated?

Is there a record?

What is the reading?

Is the reading within the acceptable range?

QualityGurus.com

Observations

Identification?

Status with respect to measurement and monitoring?

Storage location & conditions?

QualityGurus.com

Document Review

Quality Manual

Procedures

Work Instructions

Records

QualityGurus.com

Document Review

Document review to determine the conformity to the system.

QualityGurus.com

Document Review

Sample of Records:

No time to check everything

Select representative sample

No set percentage

Representation of actions

Cover relevant period

QualityGurus.com

Notes Taking

Explain the need to take notes to auditee

Make your notes:ComprehensiveAccuratePreciseLegible

QualityGurus.com

Notes Taking

Documents:Title and document number

Revision number

Issue date

Location where seen the document

Part:Part description

Identification number

QualityGurus.com

Notes Taking

Person:Name

Title

Department

QualityGurus.com

CorroborationTo strengthen with other evidence, to make more certain.

More important for data/information which could be questionable/doubtful.

Confirming or verifying using multiple sources.

QualityGurus.com

Generate Audit FindingsEvaluate audit evidence against audit criteria

Audit finding can be conformity or nonconformity

Nonconformity may be graded

Review with auditee for accuracy of audit evidence

Review audit findings with audit team at appropriate stages

QualityGurus.com

Audit ConclusionAudit team meets prior to the closing meeting to:

Review audit findings

Agree on audit conclusions

Prepare recommendations, if specified by audit plan

Discuss audit follow-up

Achievement of audit objective, coverage of audit scope, and fulfilment of audit criteria.

QualityGurus.com

Closing Meeting

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

QualityGurus.com

Closing Meeting Participants

Auditee senior management (minimum

Management Rep.)

Quality Manager

Audit guides

All audit team participates

Lead Auditor chairs the meeting

QualityGurus.com

Closing Meeting AgendaSafety topic

Explain about sampling

Method of reporting (grading)

Process of handling of audit findings

Presentation of audit findings

Draft report

Recommendations?

Any disagreement

QualityGurus.com

Audit Report

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

QualityGurus.com

Audit Report ResponsibilityProduct of the Audit

The Lead Auditor is responsible for content, accuracy and submittal in a timely fashion

QualityGurus.com

Audit Report EthicsFormal Audit report should begin immediately after the close-out meeting, while audit details are fresh.

Findings not from the exit meeting or not included in the draft audit report.

Pressure from management to alter the report

QualityGurus.com

Audit Report TimingComplete as soon as possible

Problems with Formal Report procrastination

-The longer it is put off, the lesser interest in pursuing the corrective actions

-Comes to a backseat because of more other priorities

-A signal to the auditee management not important as was initially believed

QualityGurus.com

What not to be includedConfidential or proprietary information

Subjective opinions

Recommendation

Minor deficiencies discovered and corrected during the audit (maintain only in the working papers future audits)

QualityGurus.com

What not to be includedName of individual employees

Nit-pick (trivial many)

Emotional or argument statements

Items not presented in the draft report or exit interview

More than six or seven major findings

QualityGurus.com

ContentsContent of a Standard formal report format

-Cover sheet

-Main body of the report

-Findings and Observations

QualityGurus.com

ContentsThe Cover Sheet

- Audit reference number

- Date of issue

- Company name

- Location

- Area/function audited

QualityGurus.com

ContentsThe Cover Sheet

- Name of Auditor / Lead Auditor

- Auditees interviewed

- Audit purpose, scope, criteria

- Distribution list

- An executive summary of findings

QualityGurus.com

ContentsMain Body of the Report

- Strengths or Positive Findings

- Audit findings and evidences

- A statement on the degree to which the audit criteria have been fulfilled.

- Nonconformities to be addressed.

QualityGurus.com

Contents per ISO 19011:2011The audit report should provide a complete, accurate, concise and clear record of the audit and should include or refer to the following:Audit objective

Audit scope

Audit client

Audit team leader & team members

Date and location of the audit activities

Audit criteria

Audit findings

Audit conclusions

QualityGurus.com

Report RetentionImportance of Retaining

Follow up on continuing Corrective Action successDeveloping future checklistsStarting point for the future auditsPotential litigation purpose

QualityGurus.com

Report RetentionHow long to retain?

As required by the Audit Program, or Client

Companys record retention policy

QualityGurus.com

Follow-up and Closure

Planning and Preparation

Opening Meeting

Audit Interviews

Closing Meeting

Reporting

Follow-up and Closure

QualityGurus.com

Audit Follow-upDepending upon the audit objective auditee undertakes

Correction

Corrective ActionPreventive Action

Within agreed timeframe

QualityGurus.com

Audit Follow-upAuditee keep audit team informed of these actions

Completion and effectiveness is verified

Verification may be part of a subsequent audit.

QualityGurus.com

Audit ClosureAudit is complete when all planned activities have been carried out, or agreed with the audit client.

Audit records to be retained or destroyed. (as per procedure or applicable requirements)