Aspiris Management Systems Pvt Ltd: Sculpting Your Business Growth

ASPIRIS MANAGEMENT SYSTEMS PVT LTD

Sculpting your Business Growth

INTERNAL AUDITOR COURSE ON QUALITY MANAGEMENT SYSTEM (ISO 9001:2015)

Let’s get started!

Class rules

Safety rules & evacuation routes (By HSE) Courtesy (mobile phones) No smoking inside the class

Introduction This course is designed to equip the trainee auditor with the basic knowledge, skills and awareness to participate effectively In internal audits.

This course has a focus on Internal Auditing of Quality Management System (ISO 9001:2015).

Course Content Day 1

Salient features of a Management System - Process Approach - 7 Management Principles - PDCA Cycle Quality Management System ISO 9001:2015 Requirements

Day 2

Concepts & Principles of Auditing Audit Planning & Preparation

Audit Execution Audit Reporting Audit Closing Examination

Session 1 Salient Features of Management System

Salient features of Management Systems



Process Approach



7 Management Principles



PDCA Model

The Process Approach

Process Approach A process is a set of interrelated or interacting activities that uses resources to transform inputs into outputs

The process approach systematically identifies and manages the linkage, combination, and interaction of a system of processes within an organization, to produce desired output

ISO 9001/14001/ISO 45001 is based on a process approach to management

A Process

MANAGEMENT

INPUTS

ACTIVITIES

RESOURCES

OUTPUTS

Process Approach The process approach emphasizes the importance of: •

Understanding and meeting requirements

•

Looking at processes in terms of added value

•

Obtaining results of process performance

•

Continual improvement of processes

Process Approach

Process Approach Chain of Interrelated Processes: PROCESS A Outputs of Process A = Inputs to Process B

PROCESS B Outputs of Process B = Inputs to Process C

PROCESS C

A typical Process ‘Bringing new products to market’

Research market

MARKETING

Create specification

DEVELOPMENT AND MARKETING

Develop solution

Test with market

Manufacture

DEVELOPME NT

MARKETIN G

OPERATIONS

Market and sell

SALES

Process : Exercise 1 

Identify key processes of your area



Pick any process in your group



Brainstorm for the inputs, activities and outputs of that activity  consider

the following:



raw materials



consumables



utilities



machinery



man-power

7 Management Principles & PDCA Cycle

Quality Management Principles @ ISO 9001:2015

2. Leadership

5. Improvement

Quality Management Principles Principle

Statement

Customer Focus

The primary focus of quality management is to meet customer requirements and to strive to exceed customer expectations.

Leadership

Leaders at all levels establish unity of purpose and direction and create conditions in which people are engaged in achieving the quality objectives of the organization.

Key Benefits There is an increase in customer value; There is an increase in customer satisfaction; There is an improvement in customer loyalty; It enhances in repeat business; It enhances in reputation of the organization; There is an expansion of customer base; There is increase in revenue and market share.

It increases the effectiveness and efficiency in meeting the organization’s quality objectives; There is a better coordination of the organization’s processes; There is improvement in communication between levels and functions of the organization; It develops and improves the capability of the organization and its people to deliver desired results.

Quality Management Principles Principle

Statement

Engagement of People

It is essential for the organization that all people are competent, empowered and engaged in delivering value. Competent, empowered and engaged people throughout the organization enhance its capability to create value.

Process Approach

Consistent and predictable results are achieved more effectively and efficiently when activities are understood and managed as interrelated processes that function as a coherent system.

Key Benefits It improves understanding of the organization’s quality objectives by people in the organization and increased motivation to achieve them; It enhances involvement of people in improvement activities; It enhances personal development, initiatives and creativity; It enhances people satisfaction; It enhances trust and collaboration throughout the organization; It increases attention to shared values and culture throughout the organization

It enhances ability to focus effort on key processes and opportunities for improvement; There is a consistent and predictable outcomes through a system of aligned processes; It can optimize performance through effective process management, efficient use of resources and reduced crossfunctional barriers; It enables the organization to provide confidence to interested parties related to its consistency, effectiveness and efficiency.

Quality Management Principles Principle

Statement

Improvement

Successful organizations have an ongoing focus on improvement.

Evidence-based Decision Making

Decisions based on the analysis and evaluation of data and information are more likely to produce desired results.

Key Benefits There is improved process performance, organizational capability and customer satisfaction; There is enhanced focus on root cause investigation and determination, followed by prevention and corrective actions; There is enhanced ability to anticipate and react to internal and external risks and opportunities; There is enhanced consideration of both incremental and breakthrough improvement; There is improved use of learning for improvement; there is enhanced drive for innovation. 1. There is an improvement in decision making processes;

2. There is an improvement in assessment of process performance and ability to achieve objectives; 3. There is an improvement in operational effectiveness and efficiency; 4. There is an increased ability to review, challenge and change opinions and decisions; 5. There is an increased ability to demonstrate the effectiveness of past decisions.

Quality Management Principles Principle

Statement

Relationship Management

For sustained success, organizations manage their relationships with interested parties, such as suppliers.

Key Benefits There is an enhanced performance of the organization and its relevant interested parties through responding to the opportunities and constraints related to each interested party; There is a common understanding of objectives and values among interested parties; There is an increased capability to create value for interested parties by sharing resources and competence and managing quality related risks; There is a a well-managed supply chain that provides a stable flow of products and services.

PDCA Cycle

Session 2 Quality & Quality Management System

Key Terms

Process “Set of interrelated or interacting activities which transforms inputs into outputs” System “Set of interrelated or interacting elements” Management system “System to establish policy and objectives and to achieve those objectives”

Quality

Quality is “Degree to which a set of inherent characteristics fulfils requirements”

Quality

Quality Management System is “Management system to direct and control an organization with regard to quality ”

Exercise 3 : Quality Issues In your teams

Identify critical to quality issues in the process identified in your team Prioritize these issues

What contingency plan would you have to ensure you meet quality requirements

Exercise 4 : Business Systems 1. Re-arrange these activities to form a logical system of interrelated processes 2. When completed use ISO 9001:2015 to allocate clauses to the model

Internal Communication

Report Performance

Quality Policy Quality Objectives Customer Focus QMS Planning Responsibilities

Monitor/Measure Product Needs Met Product Realisation Analyse Results

Improvement Product Needs Known Resource Mgt Management Review

ISO 9000 Series of Standards ISO 9000:2015 – Fundamentals and vocabulary ISO 9001:2015 – Requirements* ISO 9004:2018 – Quality Management – Quality of an Organization –Guidance to achieve sustained success *

Session 3 ISO 9001:2015 Requirements

Continual Improvement of the Quality Management System

Exercise 5 : ISO 9001:2015 Requirements



You have post-its with a requirement written on it.



Identify if it is a requirement of ISO 9001:2015.



If yes, identify what is the ISO 9001:2015 clause number. Post it on the ISO 9001:2015 model on the chart.



To the others in the team, explain the requirement.

Standard Requirements & Interpretations



Shall requirements 



Documented Information 



Established, documented, (hardcopy / electronic)

implemented

and

maintained

procedure

Mandatory records 



Mandates the requirements

Mandates the requirement of maintaining record electronically or hardcopy

Definitions 

Quality, Incident, Hazard, Risk, Resilience

ISO 9001: 2015 Requirements 4.0 Context of Organization 

4.1 Understanding the Organization and Its Context



4.2 Understanding the needs and expectations of interested parties



4.3 Determining the scope of the quality management system



4.4 Quality management system and its processes

ISO 9001: 2015 Requirements 5.0 Leadership 5.1 Leadership and commitment

5.1.1 General 5.1.2 Customer Focus 5.2 Policy 5.2.1 Establishing the quality policy. 5.2.2 Communicating the quality policy. 5.3 Organizational roles, responsibilities and authorities

ISO 9001: 2015 Requirements 6.0 Planning 6.1 Actions to address risks and opportunities 6.2 Quality objectives and planning to achieve them

6.3 Planning of changes

ISO 9001: 2015 Requirements 7.0 Support 7.1 Resources 7.1.1 General 7.1.2 People 7.1.3 Infrastructure 7.1.4 Environment for the operation of processes 7.1.5 Monitoring and measuring resources 7.1.5.1 General 7.1.5.2 Measurement traceability

ISO 9001: 2015 Requirements 7.1.6 Organizational knowledge 7.2 Competence 7.3 Awareness 7.4 Communication 7.5 Documented information 7.5.1 General 7.5.2 Creating and updating 7.5.3 Control of documented information 7.5.3.1 Documented information required by the quality management system and by this International Standard shall be controlled to ensure

ISO 9001: 2015 Requirements 8 Operation 8.1 Operational planning and control

8.2 Requirements for products and services 8.2.1 Customer communication 8.2.2 Determining the requirements for products and services 8.2.3 Review of the requirements for products and services

8.2.3.1 The organization shall ensure that it has the ability to meet the requirements for products and services to be offered to customers. The organization shall conduct a review before committing to supply products and services to a customer 8.2.3.2 The organization shall retain documented information

ISO 9001: 2015 Requirements 

8.2.4 Changes to requirements for products and services



8.3 Design and development of products and services



8.3.1 General



8.3.2 Design and development planning



8.3.3 Design and development inputs



8.3.4 Design and development controls



8.3.5 Design and development outputs



8.3.6 Design and development changes



8.4 Control of externally provided processes, products and services



8.4.1 General

ISO 9001: 2015 Requirements 

8.4.2 Type and extent of control



8.4.3 Information for external providers



8.5 Production and service provision



8.5.1 Control of production and service provision



8.5.2 Identification and traceability



8.5.3 Property belonging to customers or external providers



8.5.4 Preservation



8.5.5 Post-delivery activities



8.5.6 Control of changes



8.6 Release of products and services

ISO 9001: 2015 Requirements 

8.7 Control of nonconforming outputs



8.7.1 The organization shall ensure that outputs that do not conform to their requirements are identified and controlled to prevent their unintended use or delivery



8.7.2 The organization shall retain documented information

ISO 9001: 2015 Requirements 9 Performance evaluation      

   

9.1 Monitoring, measurement, analysis and evaluation 9.1.1 General 9.1.2 Customer satisfaction 9.1.3 Analysis and evaluation 9.2 Internal audit 9.2.1 The organization shall conduct internal audits at planned intervals to provide information on whether the quality management system 9.3 Management review 9.3.1 General 9.3.2 Management review inputs 9.3.3 Management review outputs

ISO 9001: 2015 Requirements 10 Improvement 

10.1 General



10.2 Nonconformity and corrective action



10.2.1 When a nonconformity occurs, including any arising from complaints



10.2.2 The organization shall retain documented information as evidence



10.3 Continual improvement

Session 4 Concepts & Principles of Internal Auditing

ISO 9001: 2015 Requirements 10 Improvement 

10.1 General



10.2 Nonconformity and corrective action



10.2.1 When a nonconformity occurs, including any arising from complaints



10.2.2 The organization shall retain documented information as evidence



10.3 Continual improvement

ISO 9001: 2015 Requirements 10 Improvement 

10.1 General



10.2 Nonconformity and corrective action



10.2.1 When a nonconformity occurs, including any arising from complaints



10.2.2 The organization shall retain documented information as evidence



10.3 Continual improvement

ISO 9001: 2015 Requirements 10 Improvement 

10.1 General



10.2 Nonconformity and corrective action



10.2.1 When a nonconformity occurs, including any arising from complaints



10.2.2 The organization shall retain documented information as evidence



10.3 Continual improvement

Session 4 Concepts & Principles of Internal Auditing

50

Exercise 7 – Inspection vs Audits Discuss and answer the following questions, giving examples where appropriate.



What is an inspection? Give an example



What is the difference between an audit and an inspection?

51

Audit

Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which agreed criteria are fulfilled. ISO 9000:2005

52

Objective Evidence 

Data supporting the existence or verity of something – ISO 9000:2005



May be obtained through observation, measurement, test or other means



May be stated or (preferably) documented



Can be verified

53

Specified Requirements



Customer requirements



Organization system requirements 

manuals



procedures/work instructions



ISO 9001:2008 standard



Legal requirements-statutory, regulatory or industry body

54

Audit Purpose

To collect objective evidence to permit an informed judgement about the status and effectiveness of the quality management system.

55

Principles of Auditing Ethical Conduct

•

Trust, integrity, confidentiality, discretion

Fair Presentation

•

Audit findings and conclusions are accurate and truthful

Due Professional Care

•

Exercise care according to the confidence placed in them by their clients Competence is essential

• Independence

Evidence-Based Approach

•

Auditors are independent of the activities being audited and are free from bias or conflict of interest

•

Conclusions will be objective and based only on audit evidence

•

Audit evidence is based on samples of information

•

Conclusions are verifiable

56

Audit Definitions Audit

Audit Definitions

Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled (ISO 19011:2002, 3.1)

Audit Criteria Set of policies, procedures, or requirements (ISO 19011:2002, 3.2) Audit Evidence

Records, statement of fact or other information, which are relevant to the audit criteria and verifiable (ISO 19011:2002, 3.3)

Audit Findings

Results of the evaluation of the collected audit evidence against audit criteria (ISO 19011:2002, 3.4)

COMS

57

A

CORPOR DV MANAGEMENT SERVICES

Audit Definitions

Audit Definitions

Audit Conclusion

Outcome of an audit, provided by the audit team after consideration of the audit objectives and all audit findings (ISO 19011:2002, 3.5)

Audit Client

Organization or person requesting an audit (ISO 19011:2002, 3.6)

Auditee

Organization being audited (ISO 19011:2002, 3.7)

Auditor

Person with the competence to conduct an audit (ISO 19011:2002, 3.8)

Audit Team

One or more auditors conducting an audit, supported if needed by technical experts (ISO 19011:2002, 3.9)

COMS

58

A

CORPOR DV MANAGEMENT SERVICES

Audit Definitions Technical Expert

Person who provides specific knowledge or expertise to the audit team (ISO 19011:2002, 3.10)

Audit Program Set of one or more audits planned for a specific time frame and directed towards a specific purpose (ISO 19011:2002, 3.11) Audit Plan

Description of the activities and arrangements for an audit (ISO 19011:2002, 3.12)

Audit Scope

Extent and boundaries of an audit (ISO 19011:2002, 3.13)

Competence

Demonstrated personal attributes and demonstrated ability to apply knowledge and skills (ISO 19011:2002, 3.14) 59

Conformity vs. Compliance Conformity: • Fulfillment of a requirement • Nonconformity can lead to suspension or revocation of registration

• Voluntary

COMS

Compliance: • Fulfillment of legal/statutory requirements • Noncompliance can lead to fines/incarceration

• Mandatory

60

A

CORPOR DV MANAGEMENT SERVICES

Types of Audits

1st Party (Internal)

Organization auditing its own system

2nd Party (External)

Organization auditing its supplier

3rd Party (Extrinsic)

Organization audited by a CB

COMS

61

A

CORPOR DV MANAGEMENT SERVICES

Reasons for Internal Audits



Requirement of the standards (ISO 9001)



Source of information for use by management



Powerful tool for continual improvement through: 

Employee involvement



Communication



Employee awareness, etc.

62

Benefits of Auditing



Verifies conformity to requirements



Increases awareness and understanding



Provides a measurement of effectiveness of the system to management



Reduces risk of system failure



Identifies improvement opportunities



Precipitates the corrective action cycle



Precipitates the preventive action cycle

63

Audit Process - Overview

Auditing Process - Stages Planning Execution Reporting Closing

64

Session 5 Audit Planning & Preparation

65

Audit Preparation - Objectives

The objective of this module is to identify and

understand: 

The role of the auditor



The range of planning activities



The outcomes of the planning activities

66

Managing an Audit Program

An audit program includes: •

•

One or more audits depending on: –

Size of the auditee

–

Nature of the auditee

–

Complexity of the auditee

All activities necessary for: –

Planning and organizing audits

–

Providing resources to conduct audits

67

Audit Initiation There are five key areas to be considered to ensure an effective and successful audit programme. Objectives

What is to be accomplished by the audit

Scope

Extent & boundaries of audit

Frequency

Number of times every process audited

Resources

Financial & auditors

Approach 68

Process, Departmenta l, Risk

Selecting the Audit Team For team size and composition, consider: •

Audit objectives, scope, criteria, and duration

•

Qualified auditors

•

Knowledge of standard/s

•

Technical expertise

•

Competence of team

•

Statutory and other requirements

•

Independence of the team

•

Interaction of team members and auditee

69

Audit Schedule Processes

J

Marketing

P

Purchasing

F

A

M

J

J

A

S

P

Production

A

D

P

P

Product Design

P P

Q.A.

A P

A

Despatch

N

P P

Stores

O

P

Product Dev

P = Planned

M

P P

A = Additional

70

Audit Schedule Day 1 Time

Group 1

1000 – 1200

Marketing

1330 - 1530

Customer

Group 2

Group 3

Purchase

Product Dev

R.M.Stores

Production 1

Service 1530 – 1730

Contract Engg

Purchasing

Production 2

Vendor Control

Control of outsourced

Day 2 1000 – 1200

Training

activities 1330 - 1530 1530 – 1730

Management M.R.

Despatch Transport

Q.A. E.T.P

71

Scheduling Considerations QMS

EMS

OHSMS

FSMS

Product design

Aspect/impact

Hazard and risk

Hazard and risk

Legal requirements Objectives & targets

Objectives & targets

Operational control/ Planning product realisation

Nonconformance

Records

Audits

Management review

Corrective action

Documentation

72

Audit Preparation - Auditee . 

It is important to communicate with the auditee whilst scheduling the audit



Communicate purpose, objectives and scope of audit



Ensure timing of audit is acceptable



Confirm availability of key personnel



Identify any particular areas of concern

73

Checklists

A checklist is a systematic set of questions/prompts about the auditee’s QMS, which enable the auditor to maintain a consistent approach, and to ensure that no important points are missed.

A checklist should not be a list of questions to ask the auditee. It is simply a “prompt” for aspects of the system which require review

74

Aide Memoirs - Benefits A well constructed aide memoir will help to: 

Keep audit objectives clear



Provide evidence of audit planning



Maintain audit pace and continuity



Reduce auditor bias



Reduce workload during audit

75

CHECKLIST DRAWBACKS

Checklists tend to lose value if they are: 

Tick lists



Questionnaires



Too focused



Inflexible

Prepare them as aides-memoir

76

Checklist Preparation 1.

Convert clauses of the standard into questions

2.

Define the process

3.

Interaction of process

4.

5.

Using these questions and the IMS manual • plan what to look at • plan what look for • consider sample sizes

Prepare checklist

77

Preparation 

Decide whether to base the aide memoir on the Standard or other criteria



Read the reference base and determine key issues



Identify representative samples taking into account 

who would you want to see?



what documents to look at?



what observations to make?



major functions of the department/process



other duties undertaken



what happens when things go wrong?

78

Preparation Activities Information Available 

QMS documentation



Process & product information



Customer requirements



Applicable legal requirements



Codes of practice



Management priorities



Previous non-conformances



Previous audits



Customer complaints & feedback

79

Representative Samples

When planning samples, consider: 

The major process of the department



The other duties it undertakes



What it does when things go wrong

80

Checklist - Starting Point Ask for an overview of the process for…... 

How do these processes inter-relate with other processes within the organization?



How are processes controlled?



How are processes monitored/measured?



What evidence of continual improvement is there?

81

Applying the Process Approach to Auditing

Auditors can apply the process approach to auditing by ensuring the auditee: •

Can define the objectives, inputs, outputs, activities, and resources for its processes

•

Analyzes, monitors, measures, and improves its processes

•

Understands the sequence and interaction of its processes

82

Process Approach - Auditing Applying Process Approach to Auditing 



To examine individual processes, concentrate on: 

Input/Output/Value-added activities



Plan-Do-Check-Act



Resources

To examine relationships between processes, concentrate on: 

Flow/sequence/linkage/combination



Interaction/communication



Audit trails



Customer contracts 83

Process Auditing “Turtle Diagram” With Who? Personnel

With what? Resources

Inputs From whom/ where

Process

Outputs To whom/ where

(specific value added activities)

How done? Methods/ Documentation

What results? Performance indicators 84

With what?

Process Auditing “Turtle Diagram” With Who?

M/C Maintenance Calibration

Inputs Objectives Customer Requirements Raw Material Consumables Legal Reqmnts

Employees Awareness of QMS Policy, Objectives, Job Resp.

Process

(specific value added activities)

Outputs Quality of product as customer requirement

How done? What results?

Procedures, WI, Checklists, Control of Docs & Records

M & M Results, NC of products, Internal Audit NC CAPA 85

Exercise 8 : Checklist



Prepare checklist for a QMS audit.



Check list may be prepared for the process selected.

86

Session 6 Audit Execution

87

Audit Execution Objectives The objectives of this module are to: 

Identify and review audit execution activities



Discuss key audit execution skills After this module you will be able to:



Conduct internal IMS audit execution activities

88

SOME ATTRIBUTES OF A GOOD AUDITOR



Open minded



Diplomatic



Observant



Perceptive



Tenacious



Decisive



Self reliant



Ethical

89

Auditor Qualification

Auditors must be competent in – 

Reasoning of nonconformities



Evaluating effectiveness of corrective action

90

Managing Communications

Effective

Communications

•

Questioning

•

Listening

•

Body Language

91

Resolving Differences 

Types of Conflict



Dealing with conflict

92

AUDIT EXECUTION



The audit process 

Gathering information



Validating the findings



Evaluating the findings

93

Conduct of the Audit



Enter the area



Explain what you want to see



Investigate to the depth necessary



No problems found, move on



Don’t keep on auditing until problems are found

94

Control of the Audit



Checklist is a servant not a master



If potential audit trails appear, decide: 

disregard



note for later



follow up immediately



Might affect the sample size



Might affect the audit programme

95

Audit Methodology



Trace Forward : Audit one sample from first to last activity



Trace Back : Audit one sample from last to first activity



Horizontal : Audit one activity for more than one sample



Vertical : Audit sequentially, may not be of the same sample

96

Audit Execution Evidence There are three principal means of collecting audit evidence:

RECORDS

SENSES

NOTES

QUESTIONS

THE AUDIT TRIANGLE 97

Conducting Interviews

Interviews are an important means of collecting information and should be carried out in a manner adapted to the situation and the person interviewed

98

Questions 

Open questions - Encourage auditee to speak



Probing questions



Closed questions Questions should be asked like a funnel – starting with open questions and ending with closed questions

99

Open Questions Tell me:  Who (does it)  What (is done)  Where (is it done)  Why (is it done)  When (does it get done)  How (is it done; often is it done)  Show me

100

Questions

Don’t waste time by asking questions which are unrelated, irrelevant.

Don’t ask too many closed question Do ask open questions

101

NOTE TAKING

Recording the objective evidence: 

Admissible statements



Document numbers and issue/revision levels



Identifiers



Departments



Name of auditee

102

NOTE TAKING Notes could be used as reference for:  Immediate investigation  Investigation later  Use by a colleague  Subsequent audits Notes must therefore be:  Legible  Retrievable

103

Verification 

Random basis



Chosen by the auditor



Permission sought



Establish and agree the facts



Remain impartial



Always be polite

104

Establish the Facts 

Get help from the auditee



Discuss concerns



Verify the information



Record all the evidence: 

Exact observation



Where, what, etc...



Establish why a nonconformity or otherwise



State who (if relevant) – preferably by job title

105

Session 7 Audit Reporting

106

Nonconformity 

Non fulfilment of a requirement



Specified requirements: 

Customer requirements, of significant aspects & hazards



ISO 9001:2008,14001:2004 & OHSAS 18001:2007 standards



Company IMS manual & procedures



legislative requirements

107

Exercise 9 : Identifying Non-conformances

The following 10 statement were presented by an audit team.

Identify if there is a non-conformance. If yes, identify the standard and clause number it is violating. If no, then what further action should be taken by the auditor

108

Writing Statements of Nonconformity 

Use auditee’s terminology



Make it retrievable



Must be factual



Make it complete



Make it concise

109

Consider the Seriousness Three questions to be answered 1.

What could go wrong if the nonconformity remains uncorrected?

2.

What is the likelihood of such a thing going wrong?

3.

How likely is it to be detected if it did go wrong?

110

The Nonconformance Report

Objective Evidence

Deficiency Statement

Reference

Explanation

111

Nonconformity Statement (1)

A project file was not available during the Audit.

112

Nonconformity Statement (2)

Operational procedure OP-01 Rev 3 requires that all project files are available in the general office.

Project file WP-08 was unavailable during the Internal Audit carried out on 1/12/2008. Nonconformity to OP-01 Rev3 and ISO 9001:2008 clause 4.2.4.

113

Incident

During an Audit of the Personnel Department the Auditor asks how the effectiveness of training is monitored. The Personnel Manager replies that only world class training organizations are used by the company so monitoring of effectiveness is not required.

114

Nonconformity Statement

ISO 9001:2008 clause 6.2.2c requires that training is evaluated for effectiveness. The personnel manager stated that monitoring of training effectiveness is not necessary.

115

Nonconformity Statement

A poor nonconformity statement: “Maintenance people do not know how to clean up spills.”

116

Nonconformity Statement Better: “It was observed that a maintenance crew incorrectly followed Oil Spill Procedure (EMS-#1834) when cleaning an oil spill in the delivery vehicle maintenance bay.”

117

Nonconformity Statement

Pretty good:

“When cleaning an oil spill in the delivery vehicle maintenance bay, it was observed that the maintenance crew disposed of oil in the general trash bin when cleaning up an oil spill. When questioned, the maintenance crew were not aware that Oil Spill Procedure (EMS-#1834) requires special disposal instructions for oil.”

118

Incident During an Audit of the Production Department the Auditor asks the Deptt. Head that in case of process change, how does he ensure that the operators are aware of significant aspect arising from it The Deptt. Head replies that since the department is small, they all get to know and no training as such is required.

119

Nonconformity Statement

ISO 14001:2004 clause 4.4.6 requires that all persons should be trained on the significant aspect of their activities. The Production Deptt. Head stated that since the department is small, the operators get to know and no training is required. There is no evidence of a process for training the operators on significant aspects from amended process.

120

Nonconformity Statement Key rules need to be followed in developing findings 

Do not draw unsubstantiated conclusions



State the exact nature of the problem clearly



Avoid generalities



Communicate the extent of the problem fully



Do not draw legal opinion



Avoid extreme language



Use familiar terminology



Give legislative, site or good management practice reference



Avoid contradictory messages 121

Nonconformity Statement NONCONFORMITY REPORT

AREA UNDER REVIEW: MACHINE SHOP No 2 CATEGORY MAJOR MINOR

DEFICIENCY

NCR No. 001 AUDIT No.

7978

ISO 9001 Clause : 7.6

Calibration process flow chart cal 2 box3 shows only company instruments to be used. Machine operator on line 15, machine No.106 was using own micrometer to measure part No. 954878/1 and to complete appropriate SPC chart. This micrometer was not in the calibration system. Personally owned equipment was being used due to failure of company equipment.

Auditor’s signature Date

Examples

Manager’s signature 122

Reporting Categories Categories such as Non-conformance or Non-compliance represent a “non-fulfilment of a specified requirement”, and for many organisations are given the highest priority when determining corrective actions.

A lower priority is often given to Observations or Areas Requiring Attention. These findings are recognised as being of lower risk to the organisation.

123

Major Non-conformity



Complete absence of any clause of the standard(s)



Complete non-compliance of company procedure



Non-compliance of legislative requirement

124

Minor Non-conformance



Any minor lapse in the system

125

Auditing

 Positive

 Aim

to help improve system

 Don’t

 Aid

approach

look for blame

identification of solutions

126

Judgement in the Audit Process

The auditee must be given the benefit of any doubt.

127

Internal Auditing 

The objective of internal audit is to assess the status of the System from the point of view of adequacy of documents (Intent), compliance and effectiveness.

 Non conformities could arise out of two reasons:

- System deficiencies - Human slip ups Internal audits should be aimed at identifying system deficiencies.

128

Internal Auditing The objective of internal audit is to identify and record nonconformities so that they can be  Systematically analysed.  Root cause for non conformities identified.  Appropriate corrective actions evolved.  Evolved corrective actions implemented.  The corrective actions monitored to confirm that they are

appropriate and effective.

129

Reporting Date  Process/Area of Audit  Auditor(s)  Auditee  NCR  Root cause  Proposed Corrective Action  Corrective Action taken  Review 

130

Exercise 10 : Nonconformance Report



Write the nonconformance Statement for any non-conformance in Exercise 9.

131

Auditing To Root Cause

A well written finding always tries to describe the “root cause” behind the mere “symptoms”

132

Root Cause A well-written finding always tries to describe the “root cause” behind the mere “symptoms”. Why?

Symptom stained soil

Why?

Cause 1 spillage of chemical

Why?

Why?

Cause 2

Cause 3

storage in areas without containment (nondesignated areas)

lack of training

Root cause training programme does not include storage of chemicals Corrective Action

133

Audit Execution - Audit Findings Key rules need to be followed in developing findings 

Do not draw unsubstantiated conclusions



State the exact nature of the problem clearly



Avoid generalities



Communicate the extent of the problem fully



Do not draw legal opinion



Avoid extreme language



Use familiar terminology



Give legislative, site or good management practice reference



Avoid contradictory messages 134

Session 8 Audit Closing

135

Conducting Audit Follow-Up

The auditor is responsible for: 

Identifying the nonconformance; and



Closing of the nonconformance.

136

Follow Up Action 

Auditee receives non-conformity report



Identify the root cause



Corrective action plan prepared



Auditor evaluates response



Auditee implements plan



Auditee evaluates effectiveness



Auditee revises plan if necessary



Auditee documents the changes



Auditor verifies implementation and effectiveness



Records made of all actions taken

137

Exercise 11 – Reviewing Corrective Action

For the identified nonconformities in Exercise 9, determine the corrective actions. Discuss if they address the root cause of the problem.

138

Conducting Audit Follow-Up

At the conclusion of the follow up audit, the auditor must make a conclusion as to the completion and effectiveness of the

previously proposed corrective actions :



Has the action been taken and has it been effective?



Has the action not been taken or is it incomplete?



Has the action been taken but is ineffective?

139

Thank you!

140

THANK YOU

Contact Us

Aspiris Management Systems Pvt Ltd Reg Office: Dumna Arcade, Dumnabai Niwas, Church Road, Chulna Village, Vasai Road West ,Dist: Palghar, Pin code: 401202 ,Mumbai, Maharashtra, India Tel: +91 9075864668

Whatsapp : +974 70297056 Email : [email protected] Email: [email protected] Skype: Stannel. Dsouza