COURSE LEARNING OBJECTIVES

 Describe the purpose of a QMS, of QMS standards, of QMS audit

and of third-party certification
 Explain the role of an auditor to plan, conduct, report and follow-up
a QMS audit in accordance with ISO 1901
 ISO 1901 and ISO/IEC 17021 where appropriate

 Plan, conduct, report and follow-up an audit of a QMS to establish

conformity (or otherwise) with ISO 9001 and in accordance with ISO
19011 and ISO/IEC 17021 where appropriate
AUDITOR PERSONAL ATTRIBUTES
 Ethical
 Confident
 Open-minded
 Diplomatic
 Observant
 Perspective
 Versatile
 Tenacious
 Decisive
 Self-Reliant
 Acting with fortitude
 Open to improvement
 Culturally Sensitive
 Collaborative
 SESSION 3

• Certification and registration of organizations

• Certification of auditor
• Competence of auditor
• Personal characteristics of auditor
• Registration , certification and auditor competence
• AUDITS: DEFINITION, PRINCIPLES AND TYPES
Audit definition
• Principles of audit
• Type of audit

• Explain the use of session you will be able to:

• Understand the use, benefits and potential limitations of using checklists

SESSION 3
• Explain the purpose, structure, content and attendees explain the process of and different method for,
gathering evidence during and audit
• Describe the purpose structure, content and attendees typically at opening meetings
• Explain the roles and responsibilities of guides
• Describe the benefits and limitation of sampling
• Understand how to conduct and control audits
• Identify the channels of communication between auditors and auditees
SESSION 4
• Audit review meeting
• Audit finding
• Finding statements
• Corrective actions requests (CARs)
• Classification of CARs
• Opportunities for improvement
SESSION 4

AUDIT REPORTING AND FOLLOW-UP

• Presenting the findings
• Reporting on the audit
• Audit completion
• Corrective action
• CAR status log
• Management review
• Follow-up and close out
 QMS 9001:2015
Approved Lead Auditor Course
Training Programme

SESSION 3
I heartly welcomes you all
by
Sivakumar Rajaram
INSATON
Recognized by IAFSTD UK LTD.
www.isocertification.uk.in
SESSION 3

 Certification and registration of organizations

 Certification of auditor
 Competence of auditor
 Personal characteristics of auditor
 Registration , certification and auditor competence
SESSION 3

REGISTRATION, CERTIFICATION AND AUDITOR COMPETENCE

 Certification and registration of organizations

 Certification of auditor
 Competence of auditor
 Personal characteristics of auditor
 Registration , certification and auditor competence
SESSION 3 OBLECTIVES

 Explain the terms used in certification and accreditation

 Describe the certification and accreditation process
 Understand the importance and purpose of ISO / IEC 17021
 Distinguish between stage 1 and stage 2 audit
 Explain the purpose of surveillance visits
 Explain the benefits of third-party certification for an QMS for organization and stakeholders
 Be aware of the various auditor certification schemes
 Understanding the competence needs of auditor
 Outline the content and intent if the CQI / IRCA code of conduct
AUDITOR COMPETENCE

National Accreditation body

Certification body Auditor certification scheme

Auditor Auditor
Organizations certification Training
 AUDITOR COMPETENCE (CONTINUED)

ISO /IEC 17021-1:2015

 Conformity assessment – requirements for bodies providing audit

and certification of management systems
 Includes:
• Principles for certification bodies
• Resource requirements
• Information requirements
• Stage 1 audit
• Stage 2 audit
 COMPETENCE (CONTINUED)

CERTIFICATION PROCESS

 Will include:

o Stage 1 audit
• Application
• On-site visit (recommended)
• Documentation review
o Stage 2 audit
• On-site audit
o Regular “surveillance” visits
 COMPETENCE (CONTINUED)

AUDIT EVIDENCE / AUDIT TRAILS

 The audit process

Gathering and selecting Source of information

information - - - - - - - - - - - - - - - - - - ->

Information
verification - - - - - - - - - - - - - - - - - - - - - - >

Audit evidence
comparison with audit - - - - - - - - - - - - - - - - - - - - - >
criteria
Audit findings
review - - - - - - - - - - - - - - - - - - - - - - - >
Audit conclusions
 COMPETENCE (CONTINUED)
AUDIT EVIDENCE / AUDIT TRAILS, TRAILS, CONTINUED

 Audit evidence (Iss 7)

Records, statements of fact or other information which are relevant to the audit criteria
and verifiable

(ISO 19011:2018)
 COMPETENCE (CONTINUED)
AUDIT EVIDENCE / AUDIT TRAILS, CONTINUESD

 Information relevant to the audit is obtained from:

• People
• Processes
• Equipment / tool / materials
• documentation
 ACTIVITY 5: AUDIT EVIDENCE / AUDIT TRAIL

TASK
To enable you to understand the evidence needed to show that certain clauses of ISO
9001 are being implemented effectively, use wetland case study.
OUTPUT
Present your finding to the whole class

Time ALLOWED
Activity: 15 minutes
Use wetland
case study
page-1
Task

 Read the case study background information and develop an audit trail that would take you through
the following:
• an organization’s internal audit process:
• The implement of the quality policy, objectives and management commitment;
• An organization’s purchasing processes;
• Competency of sales staff; and
• The management review process
 Provide details of the possible audit evidence that could be available in order to show that these processes
meet the requirement of ISO 9001,

Output

 Be prepared to feedback your findings to the whole class, ideally on a flip-chart

 In your presentation, show or state the appropriate references in ISO 9001
WORKSHOP 5: AUDIT EVIDENCE / AUDIT TRAIL

Purpose
• To provide an understanding and example of the evidence needed to show that certain clauses of ISO
9001 are being implemented effectively
Task
• Read the case study background information and develop an audit trail that would take you through
the following:
• An organization’s internal audit process:
• The implementation of the quality policy, objectives and management commitment;
• An organization’s purchasing processes:
• Competency of sales staff; and
• The management review process
• Provide detail of the possible audit evidence that could be available in order to show that these
processes meet the requirement if ISO 9001.
SESSION 3

AUDITS: DEFINITION, PRINCIPLES AND TYPES

 Audit definition
 Principles of audit
 Type of audit
SESSION 3 OBJECTIVES

By the end of this session, you will be able to:

 Understand the definition of auditing
 Explain the principle of auditing
 Explain the purpose and differences between first, second
and third-party certification audit of management system
AND TYPES

AUDIT

Systematic, independent and documented process for obtaining objective

evidence and evaluating it objectively to determine the extent to which the
audit criteria are Fulfilled
AUDIT: DEFENITON, PRINCIPLES AND
TYPES (CONTINUED)

AUDITING MANAGEMENT SYSTEM

 ISO 19011:2018
 Provides guidance on:
• Principles of auditing
• Managing and audit programme
• Conducting an audit
• Competence and evaluation of audit
AUDIT: DEFENITON, PRINCIPLES AND
TYPES (CONTINUED)

PRINCIPLES OF AUDITING
 Integrity
 Fair presentation
 Due professional care
 Confidentially
 Independence
Breakout
 Evidence-based approach group 1-2,
 Risk-based approach Importance and
impact of these
principles
AUDIT: DEFENITON, PRINCIPLES AND
TYPES (CONTINUED)

TYPE OF AUDIT
 First party (internal)
 Second party (external)
Breakout
 Third party (external) group -3:
Definitions
and Objective
Of each type

See appendices 12,13,14 and 15

have been used in this session
SESSION 3 OBJECTIVES

 Explain the use of session you will be able to:

 Understand the use, benefits and potential limitations of using checklists
DEVELOPING A CHECKLIST

AUDIT CHECKLIST
 Purpose is to:
• Ensure audit objectives and scope are met
• Ensure every part of the audit is completed
• Provide guidelines for auditors
DEVELOPING A CHECKLIST
(CONTINUED)

PREPARING A CHECKLIST
 Consider
• The processes taking place
• Relevant procedure
• Documents in use
• Records
• Requirements of this standard
• Requirements of this management system
DEVELOPING A CHECKLIST
(CONTINUED)

SYSTEM BREAK-DOWN

system

Sub-system

Process

Task

Activity
DEVELOPING A CHECKLIST
(CONTINUED)

MAPPING A PROCESS
Level 1

Level 2

Level 3

Appendix 18
DEVELOPING A CHECKLIST
(CONTINUED)

ANALYSING THE PROCESS-KEY ISSUES TO CONSIDER

Resources
With What?

Inputs? Process Outputs?

Controls Analysis
How? What result?
DEVELOPING A CHECKLIST
(CONTINUED)
 Resource –with who?
PREPARING FOR THE AUDIT-CONSTRUCTING A “TURTLE DIAGRAM”
 Resource –with what? Competence skills training
• process manager
• Materials • Team leader operators
• Equipment • Roles & responsibilities
• Maintenance • Job description
• Measuring requirement • Competence & skills
• Work • On the job
• Infrastructure • HACCP training & record
• Cleaning • Performance
Process • Communications
 Inputs?  Outputs:
Objective(s) of the
• Business requirements • Product of sub product
process activity steps
• Customer requirements • Spoke product of service, knowledge
Process flow diagram
• Legal regulatory requirements • Programmes
• Process interface (input to other processes)
 Controls –how?
 Support process and procedures
• Procedures work  Analysis-What result?
• Control plan  Performance indicators
• Text method • Target achieved?
PREPARING FOR THE AUDIT

TASK
To prepare for an audit against the requirements of ISO 9001:2015

OUTPUT
Present your finding to the whole class

TIME ALLOWED
Activity: 75 minutes
Feedback: As appropriate
SESSION 3 OBJECTIVES

By the end this session, you will be able to:

 Explain the purpose, structure, content and attendees explain the process of and different
method for, gathering evidence during and audit
 Describe the purpose structure, content and attendees typically at opening meetings
 Explain the roles and responsibilities of guides
 Describe the benefits and limitation of sampling
 Understand how to conduct and control audits
 Gather audit evidence
 Appreciate the various techniques of questioning auditees
 Identify the channels of communication between auditors and auditees
CONDUCTING THE ON-SITE AUDIT (AUDIT STAGE 2)

STAGE 2 AUDIT
 Purpose
• To evaluate the implementation, and effectiveness, of the client’s management
system
• The stage 2 audit will take place at the site(s) of the auditee
CONDUCTING THE ON-SITE AUDIT (AUDIT STAGE 2)
(CONTINUE)

STAGE 2 AUDIT, CONTINUED

 Areas covered include:
• Information and evidence about conformity to the requirements
• Performance monitoring, measuring, reporting and reviewing against key
performance objectives and targets
• Risk and opportunities
• Legal compliance (if relevant)
• Internal auditing and management review
• Management responsibility
 CONDUCTING THE ON-SITE AUDIT (AUDIT STAGE 2)
(CONTINUED)

COLLECTING AND VERIFYING INFORMATION

Sources of information

Gathering and selecting (document

review, interviews, observations) by
appropriate sampling
information

Verifying

Audit evidence

Evaluating against audit criteria

Audit findings

Reviewing
Appendix 22 Audit conclusions
CONDUCTING THE ON-SITE AUDIT (AUDIT STAGE 2)
(CONTINUED)

AUDIT EVIDENCE
Records, statements of fact or other information which are relevant to the audit
criteria and verifiable

ISO 19011:2018
CONDUCTING THE ON-SITE AUDIT (AUDIT STAGE 2)
(CONTINUED)
AUDIT INFORMATION

 Information relevant to the audit is obtained from:

• People
• Processes
• Equipment / tools / materials
In groups: identify this information for wetland
• Documentation people: name, competence, awareness , etc.?
Processes: correctly identified, precise, logical,
well documented, etc..
Tools: equipment, materials: condition,
protected, stored, etc.
Documentation: approved, complete, available
at point of use, etc.
CONDUCTING THE ON-SITE AUDIT (AUDIT STAGE 2)
(CONTINUED)

OPENING MEETING

• To Enable participants to introduce themselves

• Confirm audit purpose, scope and method
• Establish communication
• Encourage co-operation, honesty, openness
• Confirm reporting arrangements

Appendix 23
CONDUCTING THE ON-SITE AUDIT (AUDIT STAGE 2)
(CONTINUED)

THE AUDITOR’S APPROACH

 Meet the area / department representative first
 Always talk to those performing the task
 Explain the purpose of the visit
 Be calm, polite, reassuring
 Never “task down” to people (to consider auditee as less intelligent as compare to you)
 Speak clearly and carefully
CONDUCTING THE ON-SITE AUDIT (AUDIT STAGE 2)
(CONTINUED)

CONDUCTING THE AUDIT

 Examine audit evidence
 Ask open-ended questions
 Refer to checklists
 Take notes

ASK-LOOK-LISTEN
CONDUCTING THE ON-SITE AUDIT (AUDIT STAGE 2)
(CONTINUED)

QUESTIONING TECHNIQUEES
 Six important words:
• How
• What
• Where
• When
• Who
• Why

Often followed by “SHOW ME”

CONDUCTING THE ON-SITE AUDIT (AUDIT STAGE 2)
(CONTINUED)

CONTROL THE AUDIT

 Do not:

• Be side-tracked
• Be led or misled
• Get “bogged down” (get stuck in an issue)
• Let auditee dictate the pace of the audit
• Make assumptions or presumptions
CONDUCTING THE ON-SITE AUDIT (AUDIT STAGE 2)
(CONTINUED)

CONTROL THE AUDIT, CONTINUED

 Do:
• Be prepared
• Be punctual
• Insist on person questioned answers for themselves
• As little talking as necessary
LISTEN
• Avoid misunderstandings
• Keep questions clear and concise
• Be polite and calm
• Thank the auditee
CONDUCTING THE ON-SITE AUDIT (AUDIT STAGE 2)
(CONTINUED)

CONTROL THE AUDIT, CONTINUED

 Be aware to
• Aggressive auditees
• Timid auditees
• Missing people
• Missing documents
• Pre-prepared sample(choose your own)
• Special cases Improve your audit
• Local issues and cultural customers plan and submit
again
• Emotional blackmail
 QMS 9001:2015
Approved Lead Auditor Course
Training Programme

SESSION 4
I heartly welcomes you all
by
Sivakumar Rajaram
INSATON
Recognized by IAFSTD UK LTD.
www.isocertification.uk.in
SESSION 4

 Audit review meeting

 Audit finding
 Finding statements
 Corrective actions requests (CARs)
 Classification of CARs
 Opportunities for improvement
Visit Number: 01 certification Audit Actual visit
date:

Visit Due by Date: For auditor information only

Lead Auditor: Annus Uddin khan (AUK)

Team members(s): Amjad Rehman (AR)

Additional Muhammad Anwar- Trainee

Attendees & Roles

Standard(s): ISO 9001:2015

Audit Language: English

Audit Scope: Manufacturing and Export of Writing instruments, Colouring and Drawing product for children.
(Exclusion-clause 7.3 & 7.5.2)

Audit objectives. To confirm that the management system has been established
and implemented in accordance with the requirements of the audit standard.
Date Time Auditor Area/Department/process/Function Key contact

0845 All Arrival of Auditors at Factory -

0990 All Opening meeting with management /review of organization Top Management
Head of department

0930 AUK+ Review of last audit finding/quality policy & quality objectives/Quality plan/Quality manual/control of QMS Manager
AR documents & records/continual improvements

1000 AUK Production & planning operations: Production manager

(Process control/identification & traceability/ preservation of product/in-process & Final inspection /
control of Non-conforming Product / calibration)

1000 AR Order receipt / customer related process / customer feedback & complains / customer communication Sales manager

1100 AR Stores / inventory / issuance records/identification & traceability Store supervisor

1230 AUK Machine maintenance (Breakdown & Preventive) and calibration Maintenance Manager

1200 AR Purchase process / supplier evaluation, re-evaluation & Monitoring / Analysis of data Purchase manager

1330 All Lunch and prayer break

1430 AUK QC Lab/control on non-conformation/preservation of product QA Manager

1430 AR Human resource / training plan & records / competency records / communication etc., HR Manager

1600 AUK Internal Quality Audit / Management review QMS Manager

1600 AR Corrective & preservation action including handing of customer complains / Analysis of data QMS Manager
CONDUCTING THE ON-SITE (AUDIT STAGE 2)
(CONTINUED)

SAMPLING
 A skill in audit to examine evidence
 Sufficient examples to establish a degree of conformity or nonconformity
 Judgment-based auditing does not require formal:
• Sampling plans
• Statistical method
AUDIT REVIEW (CONTINUED)

NONCONFORMITY
The non-fulfilment of a requirement

ISO 19011:2018
AUDIT REVIEW (CONTINUED)

NONCONFORMITY, CONTINUED
 May be a failure to:
• Company with the standard
• Implement a process or other documented requirements
• Implement a legal or contractual requirements
• Meet specification

NO REQUIREMENT= NO NONCONFORMITY
AUDIT REVIEW (CONTINUED)

A FINDING STATEMENT
 Includes:
• Clear statement of the nonconformity
• Evidence on which nonconformity is based
• Summary of requirement not met
AUDIT REVIEW (CONTINUED)

EXAMPLE OF A FINDING STATEMENT

Purchase documentation is not being implemented in full

in that not all purchase order are being fully completed.
For example: Pos 1234 and 1235 do not show prices or
delivery dates
All documentation must be completed in accordance with
instruction Q16
AUDIT REVIEW (CONTINUED)

CORRECTIVE ACTION REQUEST (CAR)

 A form used to:
• Report nonconformities
• Classify nonconformities
• Record acceptance of nonconformities
• Record actions to correct nonconformities
• Record auditor acceptance of corrective action taken

Appendix 25
AUDIT REVIEW (CONTINUED)

CORRECTIVE ACTION REQUEST (CAR), CONTINUED

 CARs contain:
• The applicable function, process or procedure
• Standard and clause number
• Auditor’s name
• Finding statement
• Acceptance by auditee
AUDIT REVIEW (CONTINUED)

CLASSIFICATION OF CARs
 Major:
• A failure to fulfill one or more requirement of ISO 9001, or
• A situation that raises significant doubt the ability of the QMS to
achieve its intended outputs
 Minor:
• A less servere lapse in a process, procedure or operation of the
QMS
AUDIT REVIEW (CONTINUED

MAJOR CAR
 Raised when there is:
• Absence of or substantial failure to meet requirement of the standard
• The absence or total breakdown of a procedure critical to occupational health
and/or safety, or in the effective operation of the QMS
• Persistent supply of non-conforming goods / services
• A MINOR nonconformities against a particular element of the QMS or process
• Misuse of a certification mark or an accreditation mark
AUDIT REVIEW (CONTINUED)

CLASSIFICATION: THIRD-PARTY AUDIT

 Major
• Must be corrected and verified before registration can be recommended
• May lead to registration being suspended if raised during surveillance

 Minor:
• More time allowed for correction
• Usually verified at next surveillance visit
• May lead to major if not closed
AUDIT REVIEW (CONTINUED)

CLASSIFICATION: SECOND-PARTY AUDIT

 Major
• Contracts mayt be withdrawn, not awarded or renewed

 Minor
• Corrected and verified as agreed
AUDIT REVIEW (CONTINUED)

CLASSIFICATION: FIRST-PARTY AUDIT

 CAR grading not essential
 Purpose is system improvement
 Audit should be positive and constructive
 Effective corrective action more important
AUDIT REVIEW (CONTINUED)

OPPORTUNITIES FOR IMPROVEMENT

 Good points which may benefit other areas of organization
 Areas of concern
 Deficiencies given the “benefit of doubt”
 Consideration for improvement
STANDARD

 apply ISO 9001 in typical audit situations;

 Make sense of the information gathered in the context of ISO 9001 and the
organization being audit
 Interpret corrective action in response to nonconformities identified during an
audit:
SESSION 4 OBJECTIVES

By the end of this session you will be able to:

 Describe the purpose, structure, content and attendees typically at closing meetings
 Describe the preparation, approval and distribution of audit reports
 Be aware of the information needed to recommend the certification decision in a third-party
audit
 Understand the role of auditor and explain the roles and responsibilities for taking and verifying
corrective action
 Explain the steps necessary to address corrective actions
 Identify the types of evidence that may be required to demonstrate effective implementation of
corrective and preventive action
 Understand the role of management review
 Appreciate the steps necessary to followed-up and close out corrective actions
SESSION 4

AUDIT REPORTING AND FOLLOW-UP

 Presenting the findings
 Reporting on the audit
 Audit completion
 Corrective action
 CAR status log
 Management review
 Follow-up and close out
AUDIT REPORTING AND FOLLOW-UP

CLOSING MEETINGS
 Present all findings and evidence carefully and precisely
 Be prepared to support and justify finding
 Do not be drawn into arguments
 If an error transpires, apologies, alter or withdraw if necessary
 Do not accept a “ Quick fix” to CARs
AUDIT REPORTING AND FOLLOW-UP
(CONTINUED)

AUDIT REPORT
 Accurate record
 Contains conclusion concerning:
• Extent of conformance
• Effective implementation of QMS
• Ability of management review process to ensure continuing
suitability and effectiveness of QMS or recommend certification if
this is this first third party audit
AUDIT REPORTING AND FOLLOW-UP
(CONTINUED)

CORRECTIVE ACTION

Action to eliminate the cause of a nonconformity and to prevent recurrence

ISO 9001:2015
AUDIT REPORTING AND FOLLOW-UP
(CONTINUED)

TYPICAL CORRECTIVE ACTION “CYCLE”

Auditor identifies Management Auditor verifies

nonconformity implements CA effectiveness

Auditor writes finding Auditor closes out

Auditor agree CA
statement

Management
Auditor classifies &
determines CA to
issues CAR
prevent recurrence

Management Management
eliminate detected investigates root
nonconformity cause
AUDIT REPORTING AND FOLLOW-UP
(CONTINUED)

CONTINUAL IMPROVEMENT
 The organization must continually improve the suitability, adequacy and
effectiveness of the QMS by considering:
• Outputs of analysis and evaluation
• Outputs from management review
• Opportunities for management review

 The audit process provides information and evidence that:

• Can be used in the evaluation
• Shows continual improvement is taking place