Quality Management System Internal Auditor

Training Course

Chapter A.2–Course Introduction

 A.3 Course introduction

Bureau Veritas
 Established in 1828  Offices in 140 countries
 Turnover over 4 billion Euros  1330 offices incl laboratories
 Over 400 000 customers worldwide  Over 60 000 employees

Our Vision
Become the leader in our industry and a major player in each of our
market segments and key geographical markets.

Our Mission
Deliver economic value to customers through QHSESA management of
their assets, projects, products and systems, resulting in licence to
operate, risk reduction and performance improvement.

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 2

 A.3 Course introduction

One of the most widely recognised certification bodies in the World

• Global Leadership in Management Systems Certification services

 6500+ auditors worldwide in 140 countries

 100,000+ companies certified
 World leader for Environmental Management System (ISO 14001) certification
 World leader for ethical and social certification (SA 8000)
 Most widely accredited Certification Body (over 44 International Accreditations)
 Global market leader in accredited training
 Global reach with local expertise
 Common sense and pragmatic audits

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 3

 8 GLOBAL BUSINESSES
MARINE INDUSTRY IN-SERVICE INSPECTION CONSTRUCTION
& VERIFICATION

Classification and certification Risk management, quality Periodic inspection of Conformity assessment of
of ships and offshore assurance, quality control and asset equipment & facilities in buildings and infrastructures
integrity management of facilities
floating units operation
and equipment

CERTIFICATION COMMODITIES CONSUMER GOODS GOVERNMENT SERVICES

& INTERNATIONAL TRADE

Certification of QHSE Commodities inspection and Testing, inspection and Trade facilitation services
management systems and testing: oil & petrochemicals, certification of consumer
second party auditing services metals & minerals, agriculture goods

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 4

 WIDE SCOPE OF ACTIVITIES

 Management System  Sustainability and Corporate

Certification Social Responsibility
Quality (ISO 9001) / Environmental (ISO 14001) Assurance of CSR Reports
Health & Safety (OHSAS 18001) Organic food & sustainable agriculture
Social Responsibility (SA 8000, ISO 26000) Carbon footprint and Carbon credit verification (CDM / JI / VCS)
Energy management systems (ISO 50001)
Biomass and biofuel sustainability

 International Certification
Programs  Sector specific standards
Multi-sites / Multi-schemes Food Safety (HACCP, ISO 22000, BRC, IFS, etc.)
Security in IT and Logistics (ISO 27001, ISO 28000)
Auditing programs Forestry management (FSC, PEFC, etc.)
based on customer-specific standards for Aerospace (AS/EN 9100, etc.)
Suppliers Network, Internal Transportation (TS 16949, IRIS, etc.)

ACCREDITED BY MORE THAN

50 NATIONAL AND INTERNATIONAL ACCREDITATION BODIES

OVER 6,500 SKILLED AUDITORS

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 5

 Bureau Veritas is your historical trustful partner

MORE THAN 150 000 ACTIVE

VALID ISO 9001 & ISO 14001
CERTIFICATES WORLDWIDE

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 6

 Total Bureau Veritas Certification Offer

Food Safety Health & Safety

► BRC Global Food Standard ► BS OHSAS 18001/ISO 45001
► IFS International Food Standard ► Compliance Audits
► EurepGAP
Social Accountability
► Dutch HACCP and Danish HACCP DS 3027
► SA8000
► GMP+ and QS and GMO
► Global Reporting Initiative (GRI)
► Fami-QS
► Bio-terrorism
► Supply Chain Management / Confidence Sustainability Services
► ISO 14064
Quality
► ISO 14046
► ISO 9001
► ISO 14067
► AS/EN-9100
► ISO 50001
► TL 9000
► ISO 55001
► IATF 16949
► ISO 20000 Others:
► Second Party Audits
Environment
► Integrated Management Systems\
► ISO 14001/EMAS
► School Safety Management Systems
► Forestry -PEFC, FSC
► Green Operation Theatres
Security ► ISO 39001
► ISO 27001 ► ISO 29990
► ISO 28000
• And Training services on all the above schemes……!!!
Oct 2018 QMS Internal Auditor Training Course (QMS/007) 7
 A.3 Course introduction

Course Timing

Day 1 09:-18:00 hrs

Day 2 09:-18:00 hrs

Lunch breaks: TBD each country

Coffee breaks: mid morning & mid afternoon

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 8

 A.3 Course introduction

House rules

► Facilities

► Safety rules & evacuation routes

► Courtesy
(mobile phones, pagers, recording devices)
► Local arrangements

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 9

 Course introduction

The course methodology:

► Tutorial

► Discussions

► Workshop

► Presentations

► Short Quiz

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 10

 Course introduction

►Learning Methods ►Evaluation Methods

 Tutorials Continuous Assessment
 Discussions

 Exercises and Workshops Formal Examination

 Case study 90 minutes
 Direct Tutor- Delegate
Reference material permitted

An unmarked copy of ISO9001 standard

a bilingual dictionary

Course examination questions can relate to any requirement

of ISO 9001 and the recommended prior knowledge.

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 11

 Course introduction

 Learning Objectives (Knowledge):

► Understand the purpose of ISO 9001:2015 Standard

including new requirements.
► Understand the role of an auditor to plan, perform, report
& follow up an audit in accordance with ISO 19011
► Understand how to audit the new and changed
requirements of the revised standard,
► Understand new concepts such as Risk,Change
Management and enhanced role of Top Management

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 12

 Course introduction

Learning Objective (Skills)

Undertake the role of an auditor / audit team leader to

 Plan an audit (including choice and management of the audit team)

 Manage and conduct an audit
 Develop ability to assess the scope and criteria for the audit.
 Demonstrate effective interpersonal and interview skills
appropriately in an audit situation
 Report audit findings
 Follow up the audit

in accordance with ISO 19011 and establish conformity or

non conformity with of ISO 9001 standard

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 13

 Course introduction

Enabling Objectives (Knowledge & Skills)

 Complementary to learning objectives

 Know the purpose and benefits of implementing a QMS
 Understand the process of establishing, implementing,
maintaining and continually improving a QMS
 Understand the requirements for documents and
difference between various forms of documents and their
differences and characteristics
 Understand the purpose and benefits of an internal audit

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 14

 Quality Management System
Internal Auditor Training Course

Chapter A.2–Course Introduction-Audits

 What is an Audit Process ?

•What is an Audit ?
audit
systematic, independent and documented process
(3.4.1) for obtaining objective evidence (3.8.3) and
evaluating it objectively to determine the extent to
which the audit criteria (3.13.7) are fulfilled

ISO 9000:2015

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 16

 3 Types of Audits

•First Party Audit

Self-audit (Client, auditor and auditees are Internal)

•Second Party Audit

Audit by an interested body (like a customer)

•Third Party Audit

Audit by independent body (certification/registration
body)

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 17

 Objectives of the Audit

1.To verify conformance to requirements for certification

2.To verify conformance to contractual requirements

3.To obtain and maintain confidence in the capability of a supplier

4.To contribute to the improvement of the management system

5.Approval / evaluation of a supplier

6.Major Quality Issues

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 18

 Factors influencing the audits

Factors influencing the decision on scope and extent of

audit:

1.Scope of the QMS, objective, duration and frequency of the audit

2.The number, importance, complexity, similarity and locations of

the activities to be audited

3.Results of the previous audits, status and importance of the activity

4.Language, cultural & social issues

5.Significant changes to an organization or its operations

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 19

Responsibilities of auditors

Responsibilities of Audit Team Member

To plan & organize the work effectively

To conduct Audits within scheduled timeframe

To prioritize and focus on matters of significance

To gather objective evidence through effective interviewing, listening,

observing and reviewing documents, records and data

To verify the data against the audit criteria to support audit conclusions

To prepare appropriate, factual and accurate audit reports

To communicate effectively with the auditee

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 20

 Audit procedures & records

Audit Programme Procedures:

 Planning and scheduling audits

 Selection of audit team, team leader and technical / process experts

 Conducting Audits and audit follow up

 Monitoring the performance and effectiveness of the audit programme

 Completion of the audit programme

 Maintaining Audit records

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 21

 Personal attributes •Competence & evaluation of Auditors

Desired:
Ethical Perceptive Self Reliant

Open Minded Decisive Diplomatic

Undesired :
Critical Over-conclusive Indecisive
Aggressive Argumentative Susceptible

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 22

 Principles of auditing
Integrity
The foundation of professionalism

Fair Presentation
The obligation to report truthfully and

Due Professional Care

The application of diligence and judgment in auditing

Independence
The basis for impartiality of the audit and objectivity of the audit conclusions

Confidentiality
Security of information

Evidence based approach

The rational method for reaching reliable and reproducible audit conclusions
in a systematic audit process

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 23

Performing & Managing Internal Audits
 Performing and managing Audits

Audits MUST be well managed

to deliver good VALUE.
►The audit team leader has the overall responsibility for
the audit. Audit team members to assist the team
leader
► Good audit management requires good:

 Planning and Preparation

 Communications (Client, Auditees and Auditors)

 Accurate and Objective Fact Finding

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 25

 Performing and managing Audits

Initiating the Audit

► Define audit objectives, scope and criteria
 Check the brief from the client and validate with auditee.
► Determine feasibility of the audit
 Is information and estimates of time and resources adequate?
► Select the audit team
 Need competence to fulfill audit objectives.
► Establish initial contact with the auditee
 What do they do?
 How big are they?
 Complexity of operations
 Degree of readiness
Ref: ISO 19011-6.2

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 26

 Performing and managing Audits

Initiating the Audit

Audit Criteria Audit Scope
Reference against which
Extent and boundaries of the
conformity is determined audit including:
► Standard Locations

► Contractual Specification Organisational units

► QMS Documentation Activities and processes

covered
► QMS Planning

► Legislation or other Team Composition ?

requirements

Ref: ISO 19011-6.2

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 27

 Performing and managing Audits

Audit Plan Working Documents

► Scope Checklists
► Criteria Forms
► Dates & duration Standard
► Audit team
Guidelines
► Detailed timetable

► Matrix plan

► Audit team requirements

► Remember to cover shifts

What documents must be shared with the audit

team and auditee before the audit ?
Oct 2018 QMS Internal Auditor Training Course (QMS/007) 28
 Performing and managing Audits

Conducting on-site Audit Activities

►Conducting the opening meeting

►Communication during the audit

►Collecting and verifying information

►Preparing audit conclusions

►Conducting the closing meeting

►Team exercise :

 What good meeting practices must be followed by

the audit team during an audit ?

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 29

 Performing and managing Audits

Opening meeting agenda:

►Introduce the team ►Grading of NCR’s

►Reason, scope & criteria ►Confirm staff aware &

available
►Review audit plan and
methods ►Confirm logistics

►Explain about sampling ►Confirm guides

►Confidentiality ►Safety requirements

►Method of reporting ►Questions

Ref:ISO 19011-6.4.2

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 30

 Performing and managing Audits

Conducting On-site Audit Activities

Meetings, Communications and Field Visits

Opening and Closing meetings are formal

communications.

Wash-up meetings report ongoing status,

findings and progress.

Team liaison meetings help coordinate and

focus the audit team.

Regular feedback to auditees provides

ongoing communication

Ref:ISO 19011-6.4

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 31

 Performing and managing Audits

How do auditors find evidence ?

• Reviewing documents

• Looking at records

• Interviewing people at all levels

• Observing practices and physical

environment

NOTE: Can/should the auditor cover all people,

documents and records during the audit?

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 32

 Performing and managing Audits

Follow Audit Trails

As you audit you will find
interesting opportunities for
follow-up (audit trails).
Pick promising audit trails:
►Follow it through

►Interact with team

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 33

 Performing and managing Audits

Observations
► Keep observing the physical evidence:
 records
 equipment, instruments
 conditions, controls

Observation – What to Look for

 Posted Procedures  Structure & Organization

 Actual Operations  Communications Postings

 Control Points  Awareness Reminders

 Operating Logs  Security Breaches

 Process Records  Infrastructure

 Security Logs

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 34

 Non-conformity reports

Communicating Findings of Nonconformance

►Do not view non-conformance in a negative way. This
is NOT like a speeding fine. It is NOT a punishment.

►Uncovering a non-conformance is a previously

undiscovered opportunity for improvement.

►Be positive, be professional, be precise.

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 35

 Non-conformity reports

Nonconformity Report
►No set rules; however the three important elements

 The nonconformity description

 The evidence

 The requirement of the standard

►Different organizations have different formats

 Use the format chosen by your client or firm

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 36

 Non-conformity reports and Corrective actions

Incident Number …....................

1
•Area NONCONFORMITY REPORT
Company under Audit: XYZ plc ABC1
Note Number .............................
Area under review:
•Grading ……………………………………….
Design department
Category MAJOR* MINOR* * delete one

Nonconformity description
The process for ensuring awareness impact of not adhering to
QMS requirements is not implemented

Evidence :
3 of the 5 persons interviewed in the design department were not
aware about the organisation’s QMS requirements such as
Quality Policy, Quality Objectives & their role

ISO 9001:2015 clause and requirement

7.3 Organization shall ensure that persons doing work under the
organization’s control are aware of:
d) The implications of not conforming with QMS requirements

Auditor A. U. Ditor
•Sign
Oct 2018 QMS Internal Auditor Training Course (QMS/007) 37
 Audit management

Team Liaison Meetings:

►To ensure smooth and effective progress of the audit

►To ensure audit scope is covered

►To review non-conformances

►To collate the findings

Final Team Liaison Meeting

► Prepare for the closing meeting

► Review & collate the findings

► Discuss recommendation

► Prepare final reports

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 38

 Audit management

Closing Meeting Agenda

►Thank the auditee and ►Disclaimer
reintroduce the team
►Overall summary
►Recap reason, scope & criteria
►Questions & answers
►Review audit plan and methods
►Corrective actions & time-
►Report the observations, positive scale
& negative
►Recommendation

►Follow-up

Ref:ISO 19011-6.4.9

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 39

 Audit management

Follow-up action Documentary Evidence

 At agreed time • Records
 Review of documentary • Training certificates
evidence
• Amended procedures
 Re-audit on the site • Photographs
 Only review of corrective • Videos
actions

 Don’t start it all over again

•What if they are late?

Ref: ISO 19011-6.7

Oct 2018 QMS Internal Auditor Training Course (QMS/007) 40