Internal Audit Training
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Internal Audit Training as PDF for free.
More details
- Words: 2,016
- Pages: 46
Loading documents preview...
Internal Audit
COURSE OBJECTIVES On the completion of this training, participants will be able to : Understand how to establish and maintain an internal audit program meeting the requirements of ISO. Plan and organize internal audits Identify, record and follow-up on corrective actions arising such audits
COURSE OUTLINE MODULE 1 MODULE 2 MODULE 3 MODULE 4 MODULE 5
Basic concepts of internal audits Planning, Preparing and Managing Audits Audit Processes and Techniques Writing audit reports and followup audits Selection of Auditors and Special Aspects of Internal Audits
MODULE 1 : BASIC CONCEPTS OF INTERNAL AUDITS
TERMINOLGY AUDIT Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled.
AUDIT CRITERIA Set of policies, procedures or requirements.
TERMINOLGY AUDIT EVIDENCE Records, statement of fact or other information which are relevant to the audit criteria and are verifiable.
AUDIT FINDINGS Results of evaluation of collected audit evidence against audit criteria.
TERMINOLGY MANAGEMENT SYSTEMS The quality, administrative and technical systems that govern the operations of organization.
AUDITEE An organization or area being audited.
AUDITOR Person with the competence to conduct an audit.
TYPES OF AUDITS TYPES OF AUDITS 1] First Party Audits 2] Second Party Audits 3] Third Party Audits
FIRST PARTY AUDITS • An employee of the organization acts as the auditor or an outside commissioned by the organization. • A self check of one’s own system, product quality, etc. • Also known as “Internal Audit”
TYPES OF AUDITS SECOND PARTY AUDITS • A representative of the customer conducts the audit. • The quality of the product and the consistency of its production are audited.
THIRD PARTY AUDITS • Assessors or auditors are acting on behalf of an accreditation or certification body. • To confirm the management system meets the requirements of the accreditation or certification body they represent.
PRINCIPLES OF AUDITING
Ethical conduct : the foundation of professionalism (trust, integrity, confidentiality and discretion are essential for auditing) Fair presentation : the obligation to report truthfully and accurately Due professional care : the application of diligence and judgment in auditing Independence : the basis for the impartiality of the audit and objectivity of the audit conclusions. (free of conflict of interest) Evidence-based approach : the rationale method of reaching reliable and reproducible audit conclusions in a systematic audit process.
MODULE 2 : PLANNING, PREPARING AND MANAGING AUDITS
TERMINOLGY AUDIT PROGRAM Set of one or more audits planned for a specific time frame and directed towards specific purpose.
AUDIT SCOPE Extent and boundaries of an audit.
AUDIT PLAN Description of the activities and arrangements for an audit.
AUDIT PROGRAM ISO does not specify how frequently internal audit are required.
“pre-determined schedule”
The standard leaves it to the judgment of the organization how frequent the audits should be conducted and how they should be scheduled. Shows the areas, processes, functions to be audited. Time of Audit (month or date). All activities necessary for planning, organizing and conducting the audits
AUDIT FREQUENCY Duration: • Depends on the scope of audit • Complexity of the process • Number of auditors
BRIEFING THE AUDITORS Define the scope of the audit
What is to be audited Which part of the organization Against what criteria
Establish the date, time and duration Provide audit briefing documents
Current copies of all quality system documents
Provide audit working documents
Checklists Non-conformity reports
Ensure correct understanding
MODULE 3 : AUDIT PROCESS AND TECHNIQUES
TYPICAL AUDIT SEQUENCE
Entry or Opening Meeting Gathering the information and evidence Review and Summary Documenting and Compiling Report Exit or Closing Meeting
TYPICAL AUDIT SEQUENCE ENTRY OR OPENING MEETING Introduce the audit team members Confirm audit scope and objectives Confirm audit schedule and reporting procedure Explain audit methods Explain team member’s responsibilities Where applicable, ask for an escort Questions / Clarification
TYPICAL AUDIT SEQUENCE EXIT OR CLOSING MEETING Informal discussion with the Department / Auditee Maybe waived, in lieu of reports If held: - Present findings and conclusion - Explain and discuss findings
Present the audit findings Explanation of audit findings Conclusion on the status of the system Agree / confirm on the dates for completion of corrective action Confirm reporting and follow-up actions
TYPICAL AUDIT SEQUENCE AUDIT REVIEW Team meeting before closing meeting
Review / complete checklists
Discuss and compare evidence
Decide and classify Non-Conformities (NCs)
Document NCs
TYPICAL AUDIT SEQUENCE FORM OF OBJECTIVE EVIDENCE Paper / Documents, records, reports, data, etc. necessary in managing an activity/process. Practice – physical activities necessary in managing an activity/process, e.g. sample preparation, housekeeping People – levels of knowledge and understanding necessary in managing an activity/process.
EFFECTIVE AUDITING An audit is a fact finding mission. Gather information about the process or management systems, operating procedures, staff, equipment, process or test methods, environment, handling of software, quality control and verification activities, and recording and reporting practices. Evaluate this information against the documented quality system and operating procedures. Identify, through objective evidence, any breakdowns in the quality system or departures from these operating procedures.
AUDIT TECHNIQUES Five Basic Techniques
Ask questions Listen to answers Observing activities Examination of facilities Reviewing documents and records
Even our senses of touch, taste and smell may be useful to us in gathering information.
AUDIT TECHNIQUES
Establish audit trails and use checklist (if necessary) Select the sample you wish to see Select the auditee you want to interview Check systems / process top-down or bottom-up or vertical-horizontal Manage time
INTERVIEW TECHNIQUES Be courteous at all times (never act superior) Ask the auditee to explain what he does with respect to selected situations. Listen carefully to what is said. Allow time for auditee to think.
“Show & Tell” Technique Many auditors rely heavily on asking questions as the basis of their information gathering.
INTERVIEW TECHNIQUES Remember alternative situations (what happen if) Be systematic (summarize to show understanding) Ensure that both you and auditee understand each other fully. Thank auditee for his cooperation and feedback results.
INTERVIEW TECHNIQUES Combination of observing and listening technique.
Less threatening Gathers more information Demands thorough preparation Requires attentive observation and listening.
INTERVIEW TECHNIQUES QUESTIONS TO ASK … OPEN QUESTIONS Who…..? What….? When….? How….? Where……? Why…..? They produce answers of substance They gather information efficiently They keep the dialogue flowing
INTERVIEW TECHNIQUES OTHER QUESTIONS TO ASK Direct question
Requires a definite answer Established something factual Useful for clarifying details Can bring discussion back on track!
Hypothetical question
Poses the unusual What does the response indicate
Clarifying question
Prevents misunderstanding Gets more detail from the interviewee
INTERVIEW TECHNIQUES QUESTIONS TO AVOID Self-answering questions
Leads to the expected answer Unnecessary pressure
Trick questions
Destroy credibility Create resentment Close off communication
Ambiguous question
Create confusion Phrase questions clearly
INTERVIEW TECHNIQUES QUESTIONS TO AVOID Compound questions
Are usually directive Are not helpful Generate more confusion
Irrelevant questions
Waste Time Create diversions
Questions to the wrong person
Waste time Generate confusion, tension
INTERVIEW TECHNIQUES SUCCESSFUL QUESTIONING STRATEGIES Other techniques
Talking through the evidence Silence can be useful Confirming answers Periodically summarize
Vary your pattern
Start with observation Fill in gaps with open questions Confirm with direct questions Explore with hypothetical/clarifying questions Provide periodic summaries
INTERVIEW TECHNIQUES SUCCESSFUL QUESTIONING STRATEGIES Develop unit concept
Plan your approach Divide topic into units Explore each unit thoroughly Summarize, move to next unit
Listening skills
Focus on speaker Avoid physical, mental distractions Reassure verbally, visually Maintain appropriate eye contact Project appropriate body language
CONTROLLING THE AUDIT
Remain assertive Avoid lengthy discussion or observation Not to be led or misled Keep track of schedule Be thorough and efficient Avoid becoming “bogged down” Not antagonize or dictate Time wasting
The waffle The Would-be politician Repeated interruptions
CONTROLLING THE AUDIT Leading the Auditor
Pre-prepared evidence Chosen auditee Auditee own plan/program
The unusual situation Testing the auditors strength and character Establish the relevant documents are of correct issue Do not let only one person do all the talking Observe work progression when necessary Evaluate physical evidence Examine input, output and controls Make comprehensive notes Seek verification Do not assume people will lie but seek to verify statements, if necessary
POINTERS TO AUDITORS
Be a good listener – empathize Get interested but do not get involved Know what and when to say Be sensitive to auditees’ nervousness or defensiveness Look at the person speaking to you. Do not turn around or talk down Be flexible Be assertive Do not appear impatient Do not be lazy
MODULE 4 : WRITING AUDIT REPORTS AND FOLLOW-UP AUDITS
WHEN SOMETHING SEEMS WRONG Find out the facts….. Is it wrong? If so, do they know it is wrong? Can they give (or can you find) an explanation for it happening? Is this an isolated event or is it occurring elsewhere as well? Is it an aberration or is it a symptom of a deeper problem? Why didn’t the management system detect this? Why is the management system allowing this to happen?
BASIC RULE OF AUDITING
“IF YOU CANNOT EXPRESS A NON-CONFORMITY IN THE WORDS OF THE MANAGEMENT SYSTEM STANDARD OR A MANAGEMENT SYSTEM PROCEDURE, THEN YOU DO NOT HAVE A NONCONFORMITY.”
IDENTIFYING NON-CONFORMITIES
Non-Conformities can be:
Related to the management system Related to technical activities Failure to do something required Difference between work practices and documented instructions
EXPRESSING NON-CONFORMITIES
Statement of Non-Conformities must be :
Non-blaming statements of facts Based on recorded objective evidence Directly related to specific documented requirement
MODULE 5 : SELECTION OF AUDITORS & SPECIAL ASPECTS OF INTERNAL AUDITS
CHARACTERISTICS OF AUDITORS
An understanding of management system concepts. Knowledge of the management system itself. Sufficient knowledge of the technology. Ability to probe and analyze situations. Good judgment and communication skills. Positive attitude towards the management system.
PERSONAL ATTRIBUTES Ethical, i.e. fair, truthful, sincere, honest and discreet; Open-minded, i.e. willing to consider alternative ideas or points of view; Diplomatic; i.e. tactful in dealing with people; Observant; i.e. actively aware of physical surroundings and activities; Perceptive; i.e. instinctively aware of and able to understand situations; Versatile; i.e. adjusts readily to different situations; Tenacious; i.e. persistent, focused on achieving objectives; Decisive; i.e. reaches timely conclusions based on logical reasoning and analysis; and Self-reliant; i.e. acts and functions independently while interacting effectively with others.
SPECIAL ASPECTS OF INTERNAL AUDITS Corporate Culture Internal Politics Dangers of Familiarity
Risk of missing the obvious things that an outsider auditor would challenge
Securing Commitment
Regarded audits as of lower importance than external audits and will not be given the attention and priority they deserve Seen as an interruption to the normal flow of work
Third Party Interest
Important activity in any audit Effectiveness of the organization’s internal audit
“How come we found that and they didn’t?”
Q &A
COURSE OBJECTIVES On the completion of this training, participants will be able to : Understand how to establish and maintain an internal audit program meeting the requirements of ISO. Plan and organize internal audits Identify, record and follow-up on corrective actions arising such audits
COURSE OUTLINE MODULE 1 MODULE 2 MODULE 3 MODULE 4 MODULE 5
Basic concepts of internal audits Planning, Preparing and Managing Audits Audit Processes and Techniques Writing audit reports and followup audits Selection of Auditors and Special Aspects of Internal Audits
MODULE 1 : BASIC CONCEPTS OF INTERNAL AUDITS
TERMINOLGY AUDIT Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled.
AUDIT CRITERIA Set of policies, procedures or requirements.
TERMINOLGY AUDIT EVIDENCE Records, statement of fact or other information which are relevant to the audit criteria and are verifiable.
AUDIT FINDINGS Results of evaluation of collected audit evidence against audit criteria.
TERMINOLGY MANAGEMENT SYSTEMS The quality, administrative and technical systems that govern the operations of organization.
AUDITEE An organization or area being audited.
AUDITOR Person with the competence to conduct an audit.
TYPES OF AUDITS TYPES OF AUDITS 1] First Party Audits 2] Second Party Audits 3] Third Party Audits
FIRST PARTY AUDITS • An employee of the organization acts as the auditor or an outside commissioned by the organization. • A self check of one’s own system, product quality, etc. • Also known as “Internal Audit”
TYPES OF AUDITS SECOND PARTY AUDITS • A representative of the customer conducts the audit. • The quality of the product and the consistency of its production are audited.
THIRD PARTY AUDITS • Assessors or auditors are acting on behalf of an accreditation or certification body. • To confirm the management system meets the requirements of the accreditation or certification body they represent.
PRINCIPLES OF AUDITING
Ethical conduct : the foundation of professionalism (trust, integrity, confidentiality and discretion are essential for auditing) Fair presentation : the obligation to report truthfully and accurately Due professional care : the application of diligence and judgment in auditing Independence : the basis for the impartiality of the audit and objectivity of the audit conclusions. (free of conflict of interest) Evidence-based approach : the rationale method of reaching reliable and reproducible audit conclusions in a systematic audit process.
MODULE 2 : PLANNING, PREPARING AND MANAGING AUDITS
TERMINOLGY AUDIT PROGRAM Set of one or more audits planned for a specific time frame and directed towards specific purpose.
AUDIT SCOPE Extent and boundaries of an audit.
AUDIT PLAN Description of the activities and arrangements for an audit.
AUDIT PROGRAM ISO does not specify how frequently internal audit are required.
“pre-determined schedule”
The standard leaves it to the judgment of the organization how frequent the audits should be conducted and how they should be scheduled. Shows the areas, processes, functions to be audited. Time of Audit (month or date). All activities necessary for planning, organizing and conducting the audits
AUDIT FREQUENCY Duration: • Depends on the scope of audit • Complexity of the process • Number of auditors
BRIEFING THE AUDITORS Define the scope of the audit
What is to be audited Which part of the organization Against what criteria
Establish the date, time and duration Provide audit briefing documents
Current copies of all quality system documents
Provide audit working documents
Checklists Non-conformity reports
Ensure correct understanding
MODULE 3 : AUDIT PROCESS AND TECHNIQUES
TYPICAL AUDIT SEQUENCE
Entry or Opening Meeting Gathering the information and evidence Review and Summary Documenting and Compiling Report Exit or Closing Meeting
TYPICAL AUDIT SEQUENCE ENTRY OR OPENING MEETING Introduce the audit team members Confirm audit scope and objectives Confirm audit schedule and reporting procedure Explain audit methods Explain team member’s responsibilities Where applicable, ask for an escort Questions / Clarification
TYPICAL AUDIT SEQUENCE EXIT OR CLOSING MEETING Informal discussion with the Department / Auditee Maybe waived, in lieu of reports If held: - Present findings and conclusion - Explain and discuss findings
Present the audit findings Explanation of audit findings Conclusion on the status of the system Agree / confirm on the dates for completion of corrective action Confirm reporting and follow-up actions
TYPICAL AUDIT SEQUENCE AUDIT REVIEW Team meeting before closing meeting
Review / complete checklists
Discuss and compare evidence
Decide and classify Non-Conformities (NCs)
Document NCs
TYPICAL AUDIT SEQUENCE FORM OF OBJECTIVE EVIDENCE Paper / Documents, records, reports, data, etc. necessary in managing an activity/process. Practice – physical activities necessary in managing an activity/process, e.g. sample preparation, housekeeping People – levels of knowledge and understanding necessary in managing an activity/process.
EFFECTIVE AUDITING An audit is a fact finding mission. Gather information about the process or management systems, operating procedures, staff, equipment, process or test methods, environment, handling of software, quality control and verification activities, and recording and reporting practices. Evaluate this information against the documented quality system and operating procedures. Identify, through objective evidence, any breakdowns in the quality system or departures from these operating procedures.
AUDIT TECHNIQUES Five Basic Techniques
Ask questions Listen to answers Observing activities Examination of facilities Reviewing documents and records
Even our senses of touch, taste and smell may be useful to us in gathering information.
AUDIT TECHNIQUES
Establish audit trails and use checklist (if necessary) Select the sample you wish to see Select the auditee you want to interview Check systems / process top-down or bottom-up or vertical-horizontal Manage time
INTERVIEW TECHNIQUES Be courteous at all times (never act superior) Ask the auditee to explain what he does with respect to selected situations. Listen carefully to what is said. Allow time for auditee to think.
“Show & Tell” Technique Many auditors rely heavily on asking questions as the basis of their information gathering.
INTERVIEW TECHNIQUES Remember alternative situations (what happen if) Be systematic (summarize to show understanding) Ensure that both you and auditee understand each other fully. Thank auditee for his cooperation and feedback results.
INTERVIEW TECHNIQUES Combination of observing and listening technique.
Less threatening Gathers more information Demands thorough preparation Requires attentive observation and listening.
INTERVIEW TECHNIQUES QUESTIONS TO ASK … OPEN QUESTIONS Who…..? What….? When….? How….? Where……? Why…..? They produce answers of substance They gather information efficiently They keep the dialogue flowing
INTERVIEW TECHNIQUES OTHER QUESTIONS TO ASK Direct question
Requires a definite answer Established something factual Useful for clarifying details Can bring discussion back on track!
Hypothetical question
Poses the unusual What does the response indicate
Clarifying question
Prevents misunderstanding Gets more detail from the interviewee
INTERVIEW TECHNIQUES QUESTIONS TO AVOID Self-answering questions
Leads to the expected answer Unnecessary pressure
Trick questions
Destroy credibility Create resentment Close off communication
Ambiguous question
Create confusion Phrase questions clearly
INTERVIEW TECHNIQUES QUESTIONS TO AVOID Compound questions
Are usually directive Are not helpful Generate more confusion
Irrelevant questions
Waste Time Create diversions
Questions to the wrong person
Waste time Generate confusion, tension
INTERVIEW TECHNIQUES SUCCESSFUL QUESTIONING STRATEGIES Other techniques
Talking through the evidence Silence can be useful Confirming answers Periodically summarize
Vary your pattern
Start with observation Fill in gaps with open questions Confirm with direct questions Explore with hypothetical/clarifying questions Provide periodic summaries
INTERVIEW TECHNIQUES SUCCESSFUL QUESTIONING STRATEGIES Develop unit concept
Plan your approach Divide topic into units Explore each unit thoroughly Summarize, move to next unit
Listening skills
Focus on speaker Avoid physical, mental distractions Reassure verbally, visually Maintain appropriate eye contact Project appropriate body language
CONTROLLING THE AUDIT
Remain assertive Avoid lengthy discussion or observation Not to be led or misled Keep track of schedule Be thorough and efficient Avoid becoming “bogged down” Not antagonize or dictate Time wasting
The waffle The Would-be politician Repeated interruptions
CONTROLLING THE AUDIT Leading the Auditor
Pre-prepared evidence Chosen auditee Auditee own plan/program
The unusual situation Testing the auditors strength and character Establish the relevant documents are of correct issue Do not let only one person do all the talking Observe work progression when necessary Evaluate physical evidence Examine input, output and controls Make comprehensive notes Seek verification Do not assume people will lie but seek to verify statements, if necessary
POINTERS TO AUDITORS
Be a good listener – empathize Get interested but do not get involved Know what and when to say Be sensitive to auditees’ nervousness or defensiveness Look at the person speaking to you. Do not turn around or talk down Be flexible Be assertive Do not appear impatient Do not be lazy
MODULE 4 : WRITING AUDIT REPORTS AND FOLLOW-UP AUDITS
WHEN SOMETHING SEEMS WRONG Find out the facts….. Is it wrong? If so, do they know it is wrong? Can they give (or can you find) an explanation for it happening? Is this an isolated event or is it occurring elsewhere as well? Is it an aberration or is it a symptom of a deeper problem? Why didn’t the management system detect this? Why is the management system allowing this to happen?
BASIC RULE OF AUDITING
“IF YOU CANNOT EXPRESS A NON-CONFORMITY IN THE WORDS OF THE MANAGEMENT SYSTEM STANDARD OR A MANAGEMENT SYSTEM PROCEDURE, THEN YOU DO NOT HAVE A NONCONFORMITY.”
IDENTIFYING NON-CONFORMITIES
Non-Conformities can be:
Related to the management system Related to technical activities Failure to do something required Difference between work practices and documented instructions
EXPRESSING NON-CONFORMITIES
Statement of Non-Conformities must be :
Non-blaming statements of facts Based on recorded objective evidence Directly related to specific documented requirement
MODULE 5 : SELECTION OF AUDITORS & SPECIAL ASPECTS OF INTERNAL AUDITS
CHARACTERISTICS OF AUDITORS
An understanding of management system concepts. Knowledge of the management system itself. Sufficient knowledge of the technology. Ability to probe and analyze situations. Good judgment and communication skills. Positive attitude towards the management system.
PERSONAL ATTRIBUTES Ethical, i.e. fair, truthful, sincere, honest and discreet; Open-minded, i.e. willing to consider alternative ideas or points of view; Diplomatic; i.e. tactful in dealing with people; Observant; i.e. actively aware of physical surroundings and activities; Perceptive; i.e. instinctively aware of and able to understand situations; Versatile; i.e. adjusts readily to different situations; Tenacious; i.e. persistent, focused on achieving objectives; Decisive; i.e. reaches timely conclusions based on logical reasoning and analysis; and Self-reliant; i.e. acts and functions independently while interacting effectively with others.
SPECIAL ASPECTS OF INTERNAL AUDITS Corporate Culture Internal Politics Dangers of Familiarity
Risk of missing the obvious things that an outsider auditor would challenge
Securing Commitment
Regarded audits as of lower importance than external audits and will not be given the attention and priority they deserve Seen as an interruption to the normal flow of work
Third Party Interest
Important activity in any audit Effectiveness of the organization’s internal audit
“How come we found that and they didn’t?”
Q &A
Related Documents
Internal Audit Training
February 2021 1
Internal Audit Checklist (updated)
January 2021 1
Measuring Internal Audit Effectiveness
February 2021 1
Training Internal Fssc
February 2021 0
Laporan Audit Internal Puskesmas Ukm.docx
March 2021 0
Iso-9001-internal-audit-checklist
January 2021 1More Documents from "jmwaweru"
Internal Audit Training
February 2021 1
Hamail1
January 2021 2
How Black Magic Is Controlling Humanity
January 2021 1
249-258
January 2021 1
Automotive Interiors & Exteriors
February 2021 0