QMS Internal Auditor Training

Program Objective

Understanding …

 The audit protocol and audit process.

 Understanding roles and responsibilities as internal auditor.

 How to conduct internal audit effectively

2
3
Quality Management System Model

4
 Quality Management System Requirements

4.0 QMS Requirements 5.0 Management Responsibility

5.1 Management Commitment
4.1 General requirements
5.2 Customer Focus
4.2 Documentation requirements
5.3 Quality Policy
6.0 Resource Managements 5.4 Planning
5.5 Responsibility, Authority and
6.1 Provision of resources Communication
6.2 Human Resources 5.6 Management Review
6.3 Infrastructure
7.0 Product Realization
6.4 Work Environment
7.1 Planning of Product realization
8.0 Measurement Analysis 7.2 Customer related Processes
and Improvement 7.3 Design and Development
8.1 General 7.4 Purchasing
8.2 Monitoring and Measurement 7.5 Product and Service Provision
8.3 Control of Non-Conforming 7.6 Control of Monitoring and
Product measuring devices
8.4 Analysis of Data
8.5 Improvement
5
 Audit Requirements as per ISO 9001 : 2008

Reference
Clause 8.2.2 ,
Requirements

 Organization shall conduct Internal audit at planned interval

 Consideration:
Status and importance of process
Previous audit results
 Audit criteria, scope, method, frequency shall be defined in a procedure
 Auditor shall not audit their own work
 Records of audit shall be maintained
 Corrective and preventive actions shall be taken by person responsible for the
area
 Effectiveness shall be verified by the auditor

6
 Internal Audit Steps

Planning of Audit

• Prepare Annual ‘Internal Audit Programme”.

xx • Revise audit programme as and when necessary to
suit the business requirements.

xx • Approve the Internal Audit Programme.

• Communicate the Internal Audit Programme to

xx
Managers / Functional Head and auditor(s).

• Review the necessary document such as Quality

Auditor /
Manual, related procedures, process documents,
Lead
previous internal audit reports before preparing the
Auditor
audit checklist.

7
 COPRI Audit
Procedure

Conducting Audit

Auditor / Ensure the following documents are available with audit

Lead Auditor team: Audit checklist ,Audit plan ,Blank NCR form, Audit notes

•Conduct opening meeting with auditee (Functional Head /

Auditor /
Manager and key staffs).
Lead Auditor
•Conduct audit

Reporting Audit

•Prepare detailed audit report.

Lead •Discuss and submit audit report to the Manager/
Auditor / Functional Head.
Auditor •Forward a copy of internal audit report, completed
checklist, audit notes, C.A.R. etc. to MR.

8
 COPRI Audit Procedure

Post Audit Activities

• Record NCR
•Review audit report and prepare executive summary for
MR
discussion in the MRM.

•Perform root cause analysis and take appropriate CA /

PA for closing out the nonconformities recorded in the
CAR form.
Auditee
•Submit closed nonconformities to the MR within the
agreed time frame.

•Review CA / PA and forward the same to the auditor /

lead auditor for verification and closure.
MR
•Send reminders to the auditee for the CA / PA if not
completed within the agreed time.

9
10
 Inspection and Audits

Inspection Audit
 Can be programmed or  Must be Programmed
impromptu  Aims to ensure requirements
 Aimed at finding non- met
conformance in situ  Needs detailed planning
 Focuses on observation  Seeks objective supporting
 Can be used as tool to engage evidence
management  Should have scope & purpose
Financial Audit
 All the points above are included
 Focus on meeting regulatory
requirement
 Focus on detecting financial
irregularities.
 Do not focus on efficiency and
effectiveness verification
 Focus on finance activities only

11
 Terms and Definitions

Management System Audit

“ The systematic and independent examination to determine whether quality

activities and related results comply with planned arrangements and whether
these arrangements are implemented effectively and are suitable to achieve
objectives.”

ISO 19011:2002

“A systematic, independent and documented process for

obtaining audit evidence and evaluating it objectively
to determine the extent to which the audit criteria are fulfilled"

12
 Terms and Definitions

Audit Criteria
Set of policies, procedures or requirements

Audit Evidence
Records, statement of facts and other information which are relevant to the audit
criteria and verifiable

Audit finding
Results of evaluation of the collected evidences against audit criteria

Audit Conclusion
Outcome of an audit provided by an audit team after consideration of the audit
objectives and all audit findings.

Audit Client
Organization or person requesting an audit.

13
 Terms and Definitions

Auditee
Organization being audited.

Auditor
Person with competence to conduct an audit.

Audit Team
One or more auditor conducting an audit supported if needed by technical experts.

Technical Expert
Person who provides specific knowledge or expertise to the audit team

Audit Programme
Set of one or more audits planned for a specific time frame and directed towards a
specific purpose.

14
 Terms and Definitions

Audit Plan
Description of activities and arrangements for an audit

Audit Scope
Extent and boundaries of an audit

Competence
Demonstrated personal attributes and demonstrated ability to apply knowledge
and skill

15
 Terms and Definitions

Types of Management System Audit

A. FIRST PARTY AUDITING

Audits carried out by a company on its own systems.

B. SECOND PARTY AUDITING

Audits carried out by one organization on another prior to or after
contract placement.

C. THIRD PARTY AUDITING

Audits carried out by independent accredited
organizations.

16
 Audit Process

INITIATING THE AUDIT

Appoint team leader
Define objective, scope and criteria
Selecting audit team
Initial contact with the client
DOCUMENT REVIEW
PREPARATION FOR ONSITE AUDIT ACTIVITIES
Preparing audit plan ALL
ALL
Assigning work to audit team ORGANISATIONS
Preparing work documents ORGANISATIONS
ADOPT
ADOPTAASIMILAR
SIMILAR
CONDUCTING ONSITE AUDIT ACTIVITIES
Opening meeting APPROACH
APPROACHBASED
BASED
Communication during the audit ON
ON
Roles and responsibility of guide
Collecting and verifying information ISO
ISO19011
19011
Generating audit findings
Preparing audit conclusion
Closing Meeting
PREPARING AND DISTRIBUTING AUDIT REPORT

FOLLOW-UP AND SURVEILLANCE

17

Selection of audit team
 Audit objectives & duration
 Type of Audit
 Competence
 Regulatory requirements
 Maintenance of independence
 Technical and cultural skills
 Ability to work as a team
 Language
Audit Process
Document Review
 Understand the business process
 To ensure that all the requirements
of the standard are addressed
 To save time during the stage 2
audit
 Regulatory requirements are met
18

Lead Auditor Responsibility
 Act as primary interface between the
client and assessment team
 Chair Opening and closing meeting
 Carry out the pre-audit
 Carryout document review
 Responsible for audit team selection
and composition
 Preparing audit schedule and
communicating to client
 Debriefing MR/ Top Management/
auditee
 Raising and closing non-conformity
 Compiling and preparing audit report
Audit Process
Auditor Responsibility
 Conformance with audit objective and
scope
 Planning for individual audit
assignment
 Carrying out individual assignment
effectively and efficiently
 Documenting and communicating
findings
 Respecting confidentiality and time
management
 Co-operating and supporting team
leader
 Participate in opening and closing
meeting
19
 Audit Process

Audit Plan

 Audit Objective
 Audit Criteria
 Audit Scope
 Time and Duration of on-site activities
Based on criticality
Size of operation
 Identification of Auditors and Auditee
 Identification of elements of standards
 Opening and closing meeting time
 Details of Technical expert

20
 Audit Process

Audit Plan
Date/time Team 1 Team 2

Day 1 09:00 – 10:00 Opening Meeting

Day 1 10:00 – 12:00 Director Business planning

Day 1 12:00 – 13:00 EMS Rep. Operations

Day 1 13:00 – 15:00 Property Tour
Day 1 15:00 – 17:00 HR/Training Purchase
Day 1 17:00 – 18:00 Internal Auditors Meeting
Day 2 09:00 – 11:00 Process -1 Process - 2
Day 2 11:00 – 13:00 Process – 3 Process - 4
Day 2 13:00 – 14:00 Internal Auditors Meeting
Day 2 14:00 – 15:00 Closing Meeting

21
 Audit Process

Process Approach of Audit and Audit plan

22
 Audit Process

Exercise -2

TASK Prepare a audit plan for AKS based on the organization

chart
Deliverables Audit Plan
Team To be done in group
Time 45 Minutes
Output Presentation by group and discussion

23
24

Checklist - Advantage
It is an “ aides – memoire“
Purpose:
 To assist memory;
 To ensure covering all aspects;
 To ensure continuity of the audit;
 To manage time;
 To organize note taking; and
 Part of audit report.
High Level checklist
 To ensure that system exist
 Normally start with Do, Does
 Answer Yes, No
Audit Process
Checklist -Disadvantage
 Can restrict auditors view
 Prevent looking beyond the
questions
 Could become cumbersome
Low level checklist
 Detailed checklist
 Who, what, where, why, when,
how, show me
25
 Audit Process

High Level Checklist

Does the organisation determine the requirements specified by the customer, including the
requirements for delivery and post-delivery activities ?

Does the organisation determine requirements not stated by the customer but necessary
for specified or intended use, where known ?

Does the organisation determine statutory and regulatory requirements applicable to the
product ?

Does the organisation determine any additional requirements considered necessary by the
organisation) ?

Does the company identify the exact requirements of the customer and provide the
closest match of available product offering ?

Does the company wherever possible try to meet customer requests for special
facilities and services (e.g special diet, disabled or elderly persons, hotel room
locations etc.) ?

Where the company has negotiated discounts with specific hotels, airlines, other
agencies etc. are these always the first choice when processing a customer
26
booking ?
 Audit Process

Low Level Checklist

Could you explain how customer enquiries are handled ?
May I see the forms that are used to record customer requirements ?
How do you ensure that customers specific requirements are met ?
May I see the appropriate procedures?

Derived from below High Level question

Does the company identify the exact requirements of the customer and
provide the closest match of available product offering ?

27
 Audit Process

Exercise -3

TASK Prepare low level checklist for one procedure of AKS

Deliverables Audit Checklist
Team To be done in group
Time 45 Minutes
Output Presentation by group and discussion

28

Opening Meeting
 Introduction
 Confirm type and purpose of audit
 Confirm , scope, standard
 Confirm confidentiality
 Confirm that audit is based on
sample
 Confirm audit programme
 Explain deployment of auditors
 Explain about as NC/ Observation
 Confirm date ,time, venue, attendee
for closing meeting
 Information about conditions under
which the audit may be terminated
 Any question for clarification
Audit Process
Closing Meeting
 Thank for cooperation
 Record of attendees
 Purpose of meeting
 Restate Objectives & Scope
 Limitations of the audit report
 Summary Statement
 Nonconformance reports
 Corrective action & follow up
mechanism
 Questions
29
 Audit Process

Collecting Evidence

INTERVIEWS

OBSERVATION OF ACTIVITY
EXAMINATION
VERIFY

OBSERVATION OF CONDITIONS

30
 Assessment Process

Audit flow

Start with Managers

Work up
through the organisation

Work down
through the organisation

Start at working level

Questioning Techniques
 Close questions
 Open questions
 Probing questions Video on Audit and Questioning
 Challenging questions
 Reflecting questions
 Summarizing questions
31
 Assessment Process

Forward and backward trace

Information Forward Trace

Process
ProcessInformation
Information

Action
Action

Result
Result
Backwards Trace

Records
32
 Assessment Process

Team Meeting

Chaired by Team Leader

Non- Conformity Forms Completed

All Non-Conformities Reviewed

Collective Review of Non-Conformities

To Identify Major Concerns

Summary Statement Prepared

Agenda for Closing Meeting Prepared

33
 Audit Process

Nonconformity Factual
FactualEvidence
Evidenceof
ofaacondition
conditionnot
not
Non fulfillment of a requirement In
In accordance
accordancewith
withspecified
specified
requirements
requirements
Observation
Facts observed during audit which may be Positive or Negative or a
Improvement Potential
Nonconformity statement Improvement Potential
What was found Auditor s suggestion for
Where was if found improvement
Why is it a Non-Conformity Organization has the option to follow
or not
Major Nonconformity Minor Nonconformity
A Significant Non-Conformity with a
An Isolated Incident of a Failure to
Quality Management Requirement
A Failure of, or complete omission of a comply with a procedure or
(Quality) Management Requirement (Quality) Management System
Requirement
A Significant number of Minor Non
Conformities concerning the same (Quality)
34
Management System Requirement
 Audit Process

Exercise -4

TASK Identification of the non-conformity from given

situation
Deliverables Non conformity Report
Team To be done in group
Time 60 Minutes
Output Presentation by group

35
 Audit Process

Audit Report
 Objective and scope of Audit

 Identification of Audit Client ,Team Leader and Auditor , Auditee

Audit Criteria

 Summary of Audit process ( Area not covered, Uncertainty and

obstacles encountered during audit which may effect the
reliability of audit result)

 Statement of confidential nature of the content

 Audit Finding
Strength, Weakness, Non-conformity, Improvement
Potential

 Audit Conclusion

36
37
 Interpersonal skill

Personal Attributes

 Ethical : Fair, Truthful, Sincere, Honest, Discreet

 Open mind : Willing to consider alternative ideas
 Diplomatic : Tactful in dealing with people
 Observant : Actively aware of physical surroundings and activities
 Perceptive : Instinctively aware and able to understand situation
 Versatile : Adjust readily to different situation
 Tenacious : Persistent focussed on achieving objective
 Decisive : Reaches timely conclusion based on logical reasoning and
analysis
 Self reliant : Acts and functions independently while interacting effectively
with others

38
 Interpersonal skill

Barriers to Communication

 Physical;
 Intellectual; and
 Psychological.

Creating a environment for communication

 Space;
 Time;
 Eye contact;
 Body language;
 Paralanguage; and
 Cultural sensitiveness

39
 Interpersonal skill

Bad habits to avoid Art of listening

 Faking attention;  Eliminate distraction;

 Over reaction;  Listen to content;
 Interrupting the speaker;
 Listening without looking;  Postpone judgment; and
 Listening only what you want to hear;  Seek clarification;
and
 Using listening time to collect thought.

40
 Interpersonal skill

Negative Characteristics

 Argumentative;
 Opinionated;
 Over – conclusive;
 Inconsistency;
 Lazy;
 Impractical;
 “ know – it – all “; and
 Inflexible.

41
42
43