Professional Documents
Culture Documents
03 Day's Internal Auditor Training Content On ISO 9001 2015
03 Day's Internal Auditor Training Content On ISO 9001 2015
3,000 1,000+
laboratories
auditors
and offices
100,000 100+
audits countries
2
OUR HERITAGE
1886 2011
3
OUR ORGANISATION
Quality Assurance
RULES FOR LIVE VIRTUAL CLASSROOM
Concept of quality
01 06 Audit Program & Planning
Intertek Academy 6
01
CONCEPT OF QUALITY
WHAT IS QUALITY
Dr. Kaoru Ishikawa – “Most Economical, useful and always satisfactory to the customer
or audience”
Intertek Academy 8
WHAT IS QUALITY
• An organization focused on quality promotes a culture that
results in the behavior, attitudes, activities and processes that
deliver value through fulfilling the needs and expectations of
customers and other relevant interested parties.
Intertek Academy 9
A QMS comprises activities by which the organization
identifies its objectives and determines the processes
and resources required to achieve desired results.
Intertek Academy 11
QMS BENEFITS
Intertek Academy 12
QUALITY
MANAGEMENT
PRINCIPLES
02
QUALITY MANAGEMENT PRINCIPLES
Engagement
of People
Leadership
Process Approach
Relationship
Improvement management
Evidence-based
decision making
Intertek Academy 14
HIGH LEVEL STRUCTURE
03
KEY CHANGES IN STRUCTURE
Intertek Academy 17
P-D-C-A
— Plan: establish the objectives of the system and its processes, and the resources needed to
deliver results in accordance with customers’ requirements and the organization’s policies, and
identify and address risks and opportunities;
— Do: implement what was planned;
— Check: monitor and (where applicable) measure processes and the resulting products and
services against policies, objectives, requirements and planned activities
Intertek Academy 18
OVERVIEW OF
QMS
04
IMPORTANT!
Intertek Academy 21
• Unlike ISO 9001:2008, any clause of ISO
9001:2015 may be considered for exclusion if
EXCLUSIONS there is sufficient and clear justification for the
exclusion.
Intertek Academy 22
PROCESS APPROACH
Process- “Set of interrelated or interacting activities that use inputs to deliver an intended results. “
This International Standard promotes the adoption of a process approach when developing,
implementing and improving the effectiveness of QMS, to enhance customer satisfaction by meeting
customer requirements.
Understanding and managing interrelated processes as a system contributes to the organization’s
effectiveness and efficiency in achieving its intended results. This approach enables the organization to
control the interrelationships and interdependencies among the processes of the system, so that overall
performance of the system can be enhanced.
Management of the processes and the system as whole can be achieved using P-D-C-A cycle with an
overall focused on risk based thinking aimed at taking advantages of opportunities and preventing
undesirable results.
The application of the process approach in the QMS system enables:
a)Understanding and consistency in meeting requirements
b) The consideration of processes in terms of added value
c) The achievement of effective process performance.
d)Improvement of processes based on evaluation of data
Intertek Academy 23
SCOPE
This International Standard specifies requirements for a quality management system when an
organization:
a) needs to demonstrate its ability to consistently provide products and services that meet customer
and applicable statutory and regulatory requirements, and
b) aims to enhance customer satisfaction through the effective application of the system, including
processes for improvement of the system and the assurance of conformity to customer and applicable
statutory and regulatory requirements.
All the requirements of this International Standard are generic and are intended to be applicable to any
organization, regardless of its type or size, or the products and services it provides.
NOTE 1 In this International Standard, the terms “product” or “service” only apply to products and
services intended for, or required by, a customer.
NOTE 2 Statutory and regulatory requirements can be expressed as legal requirements.
Intertek Academy 24
RISK BASED THINKING
The term ‘issue’ covers problems and important matters related to the
QMS which need to be addressed.
Intertek Academy 27
4. CONTEXT OF THE ORGANIZATION (CONT.)
Intertek Academy 28
4. CONTEXT OF THE ORGANIZATION (CONT.)
Intertek Academy 29
EXTERNAL & INTERNAL INTERESTED PARTIES
Intertek Academy 31
ISSUES WITH INTERESTED PARTIES
Auditors to verify if the organization
has followed following approach towards Context
Practice Session:
Work with your team and give example of audit evidence that auditors could gather
and evaluate to determine conformity/nonconformity with this requirement
It’s not mandatory but any of the following methods could be deployed: SWOT
analysis, PEST or PESTLE analysis, SOAR, Porter’s Five Forces Analysis, Value Chain
Analysis, etc.
Intertek Academy 33
SECTION 4.3 DETERMINING THE SCOPE OF THE QUALITY
MANAGEMENT SYSTEM
The scope must be made available and be maintained as documented information.
The scope needs to state the products and services covered by the quality management
system and must also include any justifications or instances where specific elements of
ISO 9001:2015 cannot be applied (for example, where a required process is not
undertaken).
Intertek Academy 34
SECTION 4.4 QUALITY MANAGEMENT SYSTEM
Intertek Academy 35
LEADERSHIP,
PLANNING AND
SUPPORT
(CLAUSE 5, 6 AND 7)
Purpose of this session: To understand the
changes made to the standard ISO 9001
5. LEADERSHIP
Intertek Academy 37
LEADERSHIP AND MANAGEMENT
Intertek Academy 38
5. LEADERSHIP (CONT.)
CHECK if the organization:
• has established a management system policy and objectives
compatible with the strategic direction of the organization;
• has integrated the requirements of the management system
(MS) into the organization’s processes;
• has assigned and communicated responsibilities and
authorities relevant to MS conformance and reporting on MS
performance;
• has communicated the importance of effective management
and conforming to the MS;
• supports persons to contribute to the effectiveness of the MS.
Intertek Academy 39
6. PLANNING
Intertek Academy 42
AUDITING RISKS & OPPORTUNITIES
Intertek Academy 43
AUDITING RISK TREATMENTS IN QMS RISK ASSESSMENTS
Practically in Normal Life, you use the same sequence in treating any risk.
RISK LEVEL
• No control can make risk I
R
to ZERO D E
U S
Low
• Risk is under control as A
I
D
long as CONTROLS ARE
R
1 - 40 L U E
S
A
EFFECTIVE L
I
D
U
A
L
Intertek Academy 45
VERIFY RISK VISION IS PERSISTING
THE COMPANY
ISO 9001:2015
Risk Based Thinking (Risk Management) &
Corrective Actions require BIGGER VISION.
Intertek Academy 46
6.2 QUALITY OBJECTIVES AND PLANNING TO ACHIEVE THEM
“The organization shall establish quality objectives at relevant functions, levels and processes. The quality
objectives shall
•a) be consistent with the quality policy,
•b) be measurable (if practicable),
•c) take into account applicable requirements,
•d) be relevant to conformity of products and services and the enhancement of customer satisfaction,
•e) be monitored,
•f) be communicated, and
•g) be updated as appropriate.
The organization shall Maintain documented information on the quality objectives.
When planning how to achieve its quality objectives, the organization shall determine
•a) what will be done,
•b) what resources will be required (see 7.1),
•c) who will be responsible,
•d) when it will be completed, and
•e) how the results will be evaluated. “
Intertek Academy 47
6.3 PLANNING OF CHANGES
“The organization shall determine the needs and opportunities for change to maintain and improve
the performance of the QMS.
The organization shall undertake change in a planned and systematic manner, identifying risks and
opportunities and reviewing the potential consequences of change.
Intertek Academy 48
7. SUPPORT
Intertek Academy 49
7. SUPPORT
Intertek Academy 50
7. SUPPORT (CONTD..)
Cl. 7.1.3 – Infrastructure
CHECK that the organization determines,
provides and maintains
the infrastructure necessary for the
operation of its processes and to achieve
conformity of products and services – is
justified to the business
Intertek Academy 52
7.1.5 MONITORING AND MEASURING RESOURCES
“Where monitoring or measuring is used for evidence of conformity of products and services to specified
requirements the organization shall determine the resources needed to ensure valid and reliable
monitoring and measuring results.
The organization shall retain appropriate documented information as evidence of fitness for purpose of
monitoring and measurement resources.”
Intertek Academy 53
7.1.5 MONITORING AND MEASURING DEVICES
“Where measurement traceability is: a statutory or regulatory requirement; a customer or relevant interested
party expectation; or considered by the organization to be an essential part of providing confidence in the
validity of measurement results; measuring instruments shall be:
verified or calibrated at specified intervals or prior to use against measurement standards traceable to
international or national measurement standards. Where no such standards exist, the basis used for calibration
or verification shall be retained as documented information;
identified in order to determine their calibration status;
safeguarded from adjustments, damage or deterioration that would invalidate the calibration status and
subsequent measurement results.
The organization shall determine if the validity of previous measurement results has been adversely affected
when an instrument is found to be defective during its planned verification or calibration, or during its use, and
take appropriate corrective action as necessary.”
Intertek Academy 54
7. SUPPORT (CONT.)
7.1.6 Organizational knowledge
Intertek Academy 55
7. SUPPORT (CONT.)
7.1.6 Organizational knowledge (Cont..)
CHECK
NOTE 1 Organizational knowledge is knowledge
specific to the organization; it is generally gained
by experience. It is information that is used and
shared to achieve the organization’s objectives.
NOTE 2 Organizational knowledge can be based
on:
• internal sources (e.g. intellectual property;
knowledge gained from experience; lessons learned
from failures and successful projects; capturing and
sharing undocumented knowledge and experience;
the results of improvements in processes, products
and services);
• external sources ( e.g. standards; academia;
conferences; gathering knowledge from customers
or external providers).
Intertek Academy 56
7.2 COMPETENCE
Intertek Academy 57
7.3 AWARENESS
Intertek Academy 58
7.4 COMMUNICATION
“The organization shall determine the internal and external communications relevant to
the quality management system including
•a) on what it will communicate,
•b) when to communicate, and
•c) with whom to communicate.
•d) how to communicate "
Intertek Academy 59
7. SUPPORT (CONT.)
Intertek Academy 61
AUDITOR’S FOCUS FOR DOCUMENTS MAPPING WITH PROCESSES
Intertek Academy 62
7.5.3 CONTROL OF DOCUMENTED INFORMATION
7.5.3.1 CHECK
Identity
Intertek Academy 63
7.5.3 CONTROL OF DOCUMENTED INFORMATION (CONTD..)
Intertek Academy 64
7.5.3 CONTROL OF DOCUMENTED INFORMATION (CONTD..)
NOTE
Access can imply a decision regarding the permission to view the documented
information only, or the permission and authority to view and change the documented
information
Intertek Academy 65
REMEMBER!
Intertek Academy 66
PROCESS DOCUMENTATION
Intertek Academy 67
DOCUMENTED INFORMATION TO BE MAINTAINED
Intertek Academy 68
DOCUMENTED INFORMATION TO BE RETAINED
Intertek Academy 72
PROCESSES
The definition:
The transformation of a set of inputs into outputs.
Intertek Academy 73
PROCESS MAPPING
When faced with a large or difficult task the simplest way to proceed is to
break it down into manageable stages
Once charted, the process is discussed with the people doing the job and
their confirmation
Intertek Academy 74
EXAMPLE PROCESS MAP
Start
NO
A Watch TV
YES
Refer to TV Guide
Select Program
Turn on TV
Select Channel
NO
Like Prog
YES
Enjoy
Performance
Intertek Academy 75
Drill Down
Raise invoice
Customer Allocate stock
Receive Orders despatch notes
and confirm order
etc
Customer
J Staples M Curtis S Forrest
Show
ownership
Administration Finance IT & Plant Quality
Show
J Staples Peter Ward G Nash Tracey Jorden supporting
functions
Intertek Academy 76
OPERATION
(CLAUSE 8)
“The organization shall plan, implement and control the processes, as outlined in 4.4, needed to meet requirements for
the provision of products and services and to implement the actions determined in 6.1, by
a) determining requirements for the product and services;
•b) establishing criteria for the processes and for the acceptance of products and services
•c) determining the resources needed to achieve conformity to product and service requirements;
•b) implementing control of the processes in accordance with the criteria, c) retaining documented information
to the extent necessary to have confidence that the processes have been carried out as planned and to
demonstrate conformity of products and services to requirements.”
ISO 9001:2015
•
SECTION 8.1 OPERATIONAL PLANNING AND CONTROL
“The output of this planning shall be suitable for the organization's operations.
The organization shall control planned changes and review the consequences of unintended
changes, taking action to mitigate any adverse effects, as necessary.
The organization shall ensure that the outsourced processes are controlled in accordance with
8.4. “
8.2 DETERMINATION OF REQUIREMENTS FOR PRODUCTS AND
SERVICES. 8.2.1. CUSTOMER COMMUNICATION
“The organization shall establish a process for communicating with customers in relation to
b) it has the ability to meet the defined requirements and substantiate the claims for the
products and services it offers.”
8.2.3 REVIEW OF REQUIREMENTS RELATED TO THE PRODUCTS AND
SERVICES
“The organization shall review as applicable
•a) requirements specified by the customer including the requirements for delivery and post-
delivery activities,
•b) requirements not stated by the customer but necessary for the customers‘ specified or
intended use, where known,
•c) Additional statutory and regulatory requirements applicable to the products and services, and
•d) contract or order requirements differing from those previously expressed.
Note: Requirements can also include those arising from relevant interested parties”
8.3 DESIGN AND DEVELOPMENT OF PRODUCTS AND SERVICES;
8.3.1 GENERAL
“Where the detailed requirements of the organization’s products and services are not already
established or not defined by the customer or by other interested parties, such that they are adequate
for subsequent production or service provision, the organization shall establish, implement and
maintain a design and development process.
NOTE 1 The organization can also apply the requirements given in 8.5 to the development of processes
for production and services provision
NOTE 2 For services, design and development planning can address the whole service delivery process.
The organization can therefore choose to consider the requirements of clauses 8.3 and 8.5 together”
8.3.2 DESIGN AND DEVELOPMENT PLANNING
“In determining the stages and controls for design and development, the organization shall consider:
a) the nature, duration and complexity of the design and development activities;
b) requirements that specify particular process stages, including applicable design and development reviews;
c) the required design and development verification and validation;
d) the responsibilities and authorities involved in the design and development process;
e) the need to control interfaces between individuals and parties involved in the design and development
process;
f) the need for involvement of customer and user groups in the design and development process;
g) the necessary documented information to confirm that design and development requirements have been
met.”
ISO 9001:2015
8.3.3 DESIGN AND DEVELOPMENT INPUTS
“The organization shall determine:
a) requirements essential for the specific type of products and services being designed and developed,
including, as applicable, functional and performance requirements;
b) applicable statutory and regulatory requirements;
c) standards or codes of practice that the organization has committed to implement;
d) internal and external resource needs for the design and development of products and services;
e) the potential consequences of failure due to the nature of the products and services;
f) the level of control expected of the design and development process by customers and other relevant
interested parties.
Inputs shall be adequate for design and development purposes, complete, and unambiguous. Conflicts
among inputs shall be resolved.”
ISO 9001:2015
8.3.4 DESIGN AND DEVELOPMENT CONTROLS
“The controls applied to the design and development process shall ensure that:
a) the results to be achieved by the design and development activities are clearly defined;
b) design and development reviews are conducted as planned;
c) verification is conducted to ensure that the design and development outputs have met the design
and development input requirements;
d) validation is conducted to ensure that the resulting products and services are capable of meeting
the requirements for the specified application or intended use (when known).”
ISO 9001:2015
8.3.5 DESIGN AND DEVELOPMENT OUTPUTS
The organization shall retain the documented information resulting from the design and
development process.”
ISO 9001:2015
8.3.6 DESIGN AND DEVELOPMENT CHANGES
“The organization shall review, control and identify changes made to design inputs and design
outputs during the design and development of products and services or subsequently, to the
extent that there is no adverse impact on conformity to requirements.
The organization shall establish and apply criteria for the evaluation, selection, monitoring of
performance and re-evaluation of external providers based on their ability to provide processes or
products and services in accordance with specified requirements.
The organization shall retain appropriate documented information of the results of the evaluations,
monitoring of the performance and re-evaluations of the external providers.”
ISO 9001:2015
8.4 CONTROL OF EXTERNALLY PROVIDED PRODUCTS AND SERVICES - KEY
CHANGES
▪To replace Section 7.4.1 and 7.4.3 from ISO 9001:2008.
▪Extended platform adopted by DIS: 2014. The requirement now now explicitly sets out those instances in
which the organisation must apply controls to external providers
▪The new requirement here is to establish criteria to monitor the performance of external providers and
to have the results of the evaluation, re-evaluation and performance as documented information.
▪ In ISO 9001:2008 sub-clause 7.4.1, it is required to keep records of the “criteria” for selection, evaluation
and re-evaluation of the suppliers. Whereas, in ISO 9001:2015, organisations are required to record not
only the criteria, but also the results of these activities, including performance.
▪Note: an “external provider” is a provider external to the scope of the quality management system. As
such, if a scope of registration covers a single plant in a wider group structure then anything sourced from
other members of the group would be “externally provided” and hence subject to the requirements of
clause 8.4
8.4.2 TYPE AND EXTENT OF CONTROL OF EXTERNAL PROVISION
“In determining the type and extent of control to be applied to the external provision of processes,
products and services, the organization shall take into consideration:
a) the potential impact of the externally provided processes, products and services on the,
organization’s ability to consistently meet customer and applicable statutory and regulatory
“The organization shall establish and implement verification or other activities necessary to
ensure the externally provided processes, products and services do not adversely affect the
organisation's ability to consistently deliver conforming products and services to its customers.
Processes or functions of the organization which have been outsourced to an external provider
remain within the scope of the organization’s quality management system; accordingly, the
organization shall consider a) and b) above and define both the controls it intends to apply to
the external provider and those it intends to apply to the resulting process output.”
ISO 9001:2015
8.4.3 INFORMATION FOR EXTERNAL PROVIDERS
“The organization shall communicate to external provider applicable requirements for the following:
•a) the products and services to be provided or the process to be performed, on behalf of the
organization
•b) approval or release of products and services, methods, processes or equipment,
•c) competence of personnel, including necessary qualification,
•d) their interactions with organization’s quality management system,
•e) the control and monitoring of the external provider’s performance to be applied by the
organization,
•f) verification activities that the organization, or its customer, intends to perform at the external
provider’s premises.
The organization shall ensure the adequacy of specified requirements prior to their communication to the
external provider. ”
ISO 9001:2015
8.5 PRODUCTION AND SERVICE PROVISION 8.5.1 CONTROL OF
PRODUCTION AND SERVICE PROVISION
“The organization shall implement controlled conditions for production and service provision, including delivery
and post-delivery activities.
Controlled conditions shall include, as applicable:
a) the availability of documented information that describes the characteristics of the products and services;
b) the availability of documented information that describes the activities to be performed and the results
achieved, as necessary;
c) monitoring and measurement activities at appropriate stages to verify that criteria for control of processes and
process outputs, and acceptance criteria for products and services, have been met.
d) the use and control of suitable infrastructure and process environment;
e) the availability, and use of monitoring and measuring resources;
f) the competence and, where applicable, required qualification of persons;
g) the validation and periodic revalidation, of the ability to achieve planned results of any process for production
of service provision where the resulting output cannot be verified by subsequent monitoring or measurement;
h) the implementation of products and services release, delivery and post-delivery activities; “
ISO 9001:2015
8.5.2 IDENTIFICATION AND TRACEABILITY
“Where necessary to ensure conformity of products and services, the organization shall use suitable
means to identify process outputs.
The organization shall identify the status of process outputs with respect to monitoring and
measurement requirements throughout the production of products and services.
Where traceability is a requirement, the organization shall control the unique identification of the
process outputs, and retain any documented information necessary to maintain traceability..
Note: Process outputs are the results of any activities which are ready for delivery to the
organization’s customer (e.g. receiver of the inputs to the next process). They can include products,
services, intermediate parts, components, etc. “
ISO 9001:2015
8.5.3 PROPERTY BELONGING TO CUSTOMERS OR EXTERNAL PROVIDERS
“The organization shall exercise care with property belonging to the customer or external providers while it is
under the organization's control or being used by the organization. The organization shall identify, verify,
protect and safeguard the customer or external provider’s property provided for use or incorporation into the
products and services.
When property of the customer or external provider is incorrectly used, lost, damaged or otherwise found to
be unsuitable for use, the organization shall report this to the customer or external provider
NOTE Customer property can include material, components, tools and equipment, customer premises,
intellectual property and personal data..”
ISO 9001:2015
8.5.4 PRESERVATION
“The organization shall ensure preservation of process outputs during production and service provision to
the extent necessary to maintain conformity to requirements.
ISO 9001:2015
8.5.5 POST DELIVERY ACTIVITIES
“As applicable, the organization shall meet requirements for post delivery activities associated with the
products and services.
In determining the extent of post-delivery activities that are required, the organisation shall consider:
a) the risks associated with the products and services,
b) the nature, use and intended lifetime of the products and services;
• b) customer feedback, and
•c) statutory and regulatory requirements.
NOTE Post-delivery activities can include, actions under warranty provisions, contractual obligations such as
maintenance services, and supplementary services such as recycling or final disposal.”
ISO 9001:2015
8.5.6 CONTROL OF CHANGES
“The organization shall review and control unplanned changes essential for production and service
provision to the extent necessary to ensure continuing conformity with specified requirements
The organization shall retain documented information describing the results of the review of changes,
the personnel authorizing the change, and any necessary actions.”
ISO 9001:2015
8.6 RELEASE OF PRODUCTS AND SERVICES
“The organization shall implement the planned arrangements at appropriate stages to verify that products
and services requirements have been met. Evidence of conformity with the acceptance criteria shall be
maintained.
The release of products and services to the customer shall not proceed until the planned arrangements for
verification of conformity have been satisfactorily completed, unless otherwise approved by a relevant
authority and, where applicable, by the customer. Documented information shall provide traceability to
the person(s) authorizing release of products and services for delivery to the customer”
ISO 9001:2015
8.7 CONTROL OF NONCONFORMING PROCESS OUTPUTS,
PRODUCTS AND SERVICES
“The organization shall ensure process outputs, products and services that do not conform to
requirements are identified and controlled to prevent their unintended use or.
The organization shall take appropriate corrective actions, based to the nature of the
nonconformity and its impact on the conformity of products and services. This applies also to
nonconforming products and services detected after delivery of the products or during the
provision of the service.”
ISO 9001:2015
8.7 CONTROL OF NONCONFORMING PROCESS OUTPUTS,
PRODUCTS AND SERVICES
“As applicable, the organization shall deal with nonconforming process outputs, products and services in one or more
of the following ways.
a) correction;
b) segregation, containment, return or suspension of provision of products and services;
c) informing the customer;
d) obtaining authorization for:
- use “as-is’;
- release, continuation or re-provision of the products and services;
- acceptance under concession.
Where nonconforming process outputs, products and services are corrected, conformity to the requirements shall be
verified.
The organization shall retain documented information of actions taken on nonconforming process outputs, products
and services, including on any concessions obtained and on the person or authority that made the decision regarding
dealing with the nonconformity.”
9. PERFORMANCE EVALUATION
9.1 MONITORING, MEASUREMENT, ANALYSIS AND EVALUATION
“The organization shall ensure that monitoring and measurement activities are implemented in
accordance with the determined requirements and shall retain appropriate documented
information as evidence of the results.
The organization shall evaluate the quality performance and the effectiveness of the quality
management system. “
Note Operation of a function or process of the organization by an external provider is often
referred to as outsourcing.”
ISO 9001:2015
9.1.2 CUSTOMER SATISFACTION
“The organization shall monitor customer perceptions of the degree to which requirements have been met.
The organization shall obtain information relating to customer views and opinions of the organization and its
products and services.
The methods for obtaining and using this data shall be determined.
Note: Information related to customer views can include customer satisfaction or opinion surveys, customer
data on delivered products or services quality, market-share analysis, compliments, warranty claims and
dealer reports.”
ISO 9001:2015
9.1.3 ANALYSIS & EVALUATION
“The organization shall analysis and evaluate appropriate data and information arising from monitoring and
measurement.
The results of analysis shall be used to evaluate:
a)Conformity of products and services
b) The degree of customer satisfaction
c) The performance and effectiveness of the QMS
d) If planning has been implemented effectively
e) The effectiveness of the action taken to address risk and opportunities
f) The performance of external providers
g) The needs for improvement to the QMS.
INTERNAL AUDITS & MANAGEMENT REVIEW
Improvements
Nonconformity & corrective actions
Continual improvement
06
AUDIT PROGRAM &
PLANNING
AUDIT PROCESS – BIRD’S EYE VIEW
Compliance >
Audit program
An audit program (or programme)
is a set of arrangements that are
intended to achieve a specific
audit purpose within a specific
time frame. It includes all of the
activities and resources needed
to plan, organize, and conduct
one or more audits.
Audit plan
An audit plan specifies how you
intend to conduct a particular
audit. It describes the activities
you intend to carry out in order to
achieve your audit objectives.
REASONS FOR CONDUCTING INTERNAL AUDITS
Used to ensure that all elements and relevant requirements contained in the
standard are covered and nothing is omitted
Considerations
• Interview
• Review of documented information
• Examine Objective Evidence
• Observe Activities
• Listen to Reactions
• Record Findings
INTERVIEW IS
MOST
CHALLENGING
Based on situations, all these sources be used during audits, to arrive at evidences
Evidences in Audits – Samples (Clause B.2.2 of ISO 19011:2015)
Process as Document as
Samples > Samples >
People as
Samples >
Nonconformity
Finding Detail
GT002, rev. 2 Document # F103-21 Release Date: 04-feb-2013 Page 1 of 1
SECTION 1: BASIC DATA - AUDIT
Client: Client ID#:
Audit Criteria: Date(s) of audit:
to give details of the NC
Finding:
Requirement:
Auditor
Issued by:
Failure to achieve clear factual information will invite challenge of the findings at
the closing meeting.
This will be particularly important in areas where the emphasis is placed on the
following
• Management Commitment
• Competence
• Communication
• Continual improvement
Audit plan
Audit report
Open/closing meeting attendance list
Copies of non-conformity reports and objective evidence
provided
Assignment of the audit teams
Confidentiality statements of the audit team