Professional Documents
Culture Documents
Handout Audit Section+2
Handout Audit Section+2
com
SECTION 2 SUMMARY
What is an Audit?
An audit is comparing the existing situation to the required one.
For example, to the standard requirements against the company processes.
Or the product functionality, against the designed functionality.
Audit Purpose
An internal audit has 2 purposes:
1. Evaluation and improvement
2. Prepare the organization to the certification
audit.
An internal audit is like a house inspection. We do not want a perfect report from the house inspection
company. We want to know what is wrong, and then decide what to fix. Obviously, if something may
risk our safety, we would fix it immediately.
Audit Psychology
Most of the auditees do not feel comfortable during the audit.
They afraid that nonconforming findings during the audit, are indication of the auditee low performance.
Managers often expecting a “perfect” report, from lack of understanding the audit purpose.
Our goal is to remove the fear wall between us, the auditor, and the company.
Because, otherwise, we are not going to receive cooperation and fail to come up with real findings, that
will benefit the organization.
Types of Audit
The fours classical types of audits are:
• Internal audit
• Certification audit
• Supplier audit (our company audits its supplier)
• Customer (our customer audits our company)
Supplier audit is when our company quality manager arrives at our company supplier, to audit the supplier processes
and facilities. This usually takes place, when our company is choosing a critical supplier, that have a great impact on
our products or services.
Customer audit is when our company is audited by the customer quality manager, who arrives at our company, to
audit the processes and our facilities.
Audit Frequency
Usually, an audit takes place once a year, either if it's an internal
audit, a certification one.
Why?
If the company have several standards, once again, we may audit more than one standard per audit.
Especially if the same requirements appear in the standards, such as management review, you’ll find in
many ISO standards, and you can audit it once for all of them.
Audit Duration
A single audit of one process or one department, usually takes between 1 to 3 hours, depends on the auditor
familiarity with the department and its processes.
Now, the duration of an audit event, in which we are conducting on several audits, usually takes several days. But
each single audit duration may vary, again, depending on the department size, and number of the processes or their
complexity.
As a rule of thumb recommended to limit a single audit to 1.5 hours or
maximum of 2 hours.
If we have 10 departments to audit, then one way to divide it, is to carry
out 3 audits in the first 2 days, and the rest in the third day.
Audit Requirements
Knowing the requirements prior the audit is fundamental to be able to carry out an effective audit.
In most organizations, the internal audit conducted due to one or more standards the company has certification too.
Therefore, the auditor first priority is to make sure that the organization compliant with the standard, for which the
auditor must understand the requirements.
So, here is a simple method to both understand the requirements and check compliance.
The auditor should ask - what process or process are covering each requirement.
Because, once the auditor comparing the standard sections to the actual processes, then he will realize if the process
covers all the requirements, or just partially, what requirements have no processes.
Remember that the standard says WHAT to do, and the organization decide HOW to do it.
So, this comparison of the standard sections to the actual process, is usually carried out within the audit, but the
company quality manager, may do it before the audit, if he is familiar with the departments processes.