Professional Documents
Culture Documents
Effective Internal Audit Planning - 2008 10 PDF
Effective Internal Audit Planning - 2008 10 PDF
Outline
Definitions of Key Audit Terms
Types of Audits
Nonconformance Types
ISO 9001:2008 Internal Audit Requirement
CommonNCR si s
suedbyRe gis
tra
rsrelat
e dtoAudi ts
Miss-Conceptions About Auditing
What does the Industry and Product/Process have to do with Planning an Audit?
How much do I invest in Auditing?
Why do we Audit?
First Party Audit Process Steps
Planning Audits
Typical Audit Schedules and Forms
Audit Types
First Party
When a Company uses an internal person to perform an Audit on itself.
Second Party
When a Company uses an internal person to perform an Audit
on its Supplier or an other organization.
Third Party
When a Company is Audited by a third party independent of the
Compa ny
sCustome r
.
Nonconformance Types
Major
When the Quality System exhibits a void where an element of the
system has not been documented, implemented or is not effective.
In addition, the nonconformance does risk the shipment or delivery
of nonconforming material to the Customer
Minor
When the Quality System is documented, implemented and effective, but
has exhibited a random nonconformance. The nonconformance does not
risk the shipment or delivery of nonconforming material to the Customer
Comment
When an Auditor identifies an improvement opportunity that is not
a major or minor
5.0
Management
Responsibility
Customers
6.0 8.0
Customers Measurement,
Resource Analysis and
Improvement Satisfaction
Management
7.0
Input Product Output
Requirements Realization Product
CommonNCR
sis
sue
dbyRe
gis
trar
sre
lat
edt
oAudi
ts
Audit Plan/Schedule does not address all elements (major paragraphs)
of the ISO 9001:2008 standard
Audit Plan/Schedule does not address multiple facility locations, work
shifts (shift 1, 2 & 3) or scope of business/registration
Audit plan/schedule is not approved
Audits are not completed as scheduled
Audits are performed by personnel who audited their own work
Audit results do not have written signature or electronic signature by
Auditor with date
Audits were not conducted in an effective manner
Auditor(s) received no internal auditor training
I can not conduct 1 audit of the ISO 9001:2008 QMS each year
We must use an outside contractor to perform our audits
All the ISO 9001:2008 elements need to be audited every year
Ifyoudon tspend2-5 hours on each audit, then you are not doing your job
The Auditor must prepare a checklist list using his or her own questions in
order to perform an effective audit
I can use typed audit checklists with typed in results with typed in names and
dates (no written or electronic signature)
If the Audit Report does not weight 3 pounds, then it must not have been
performed correctly
Wec antuset herec eptionistorf i
nanc epersont oc onduc ta udi
ts ,because
she/he does not know what we do
Jan. 20, 2010 By David Collingham, CQE/CQA IQR-TRG-012010 Rev. A
www.IQRCORP.com International Quality Registrars Corp. All Copy Rights Reserved by IQR.
Effective Internal Auditor Planning
What does the Industry and Product/Process have to do with
planning an Audit?
Critical, High Risk and High Exposure Industries/Products/Processes:
Point 2
High Maintenance
High Failure/Reject Rate
Appraisal/
Prevention
Investment;
Audits
Low Risk
Low Complexity
Not Critical to End Mission
Point 1
Low Maintenance (*) Graph
Low Failure/Reject Rate not to scale
1 2 3 4 5 6 7 8 9 10
Risk Level High
Why do we Audit?
Planning Audits
Example 1 (continued)
s
Procedure