OHSMS Lead Auditor

ISO 45001:2018
 Course Schedule

ISO 45001:2018 Standard Auditor Training

3 days 1.5 days

Only Friday Classes

From 1:00 PM to 5:00

Exam
2 hours
 Objectives of ISO 45001

• The aims of ISO 45001:2018, International Standard for

Occupational Health & Safety Management System is:
a) Achievement of OH&S Objectives (ensuring the
prevention of ill-health & Injury)

b) Continual improvement of OH&S performance

Compliance with legal and other requirements is an

outcome of ISO 45001:2018 implementation but not the
main focus
 Objectives of ISO 45001

• ISO 45001:2018 does not state specific criteria for OH&S performance,
nor it is prescriptive about the design of an OH&S management system.
• ISO 45001:2018 enables an organization, through its OH&S management
system, to integrate other aspects of health and safety, such are worker
wellness/wellbeing.
• ISO 45001:2018 DOES NOT address issues such as product safety,
property damage or environmental impacts, beyond the risks to workers
and other relevant interested parties.
• The claims of conformity to this document are not acceptable unless
all its requirements are incorporated into an organization’s OH&S
management system are fulfilled without exclusion
 Annexure SL

• The High-Level Structure (HLS) is a set of 10 clauses

and provides the generic clause titles, text, common
terms and core definitions for ISO management system
standards – as ISO/IEC Directive 1 of 2012 (Annex. SL
to this directive provides High Level Structure)

• Although the technical content of each standard may be

different according to the relevant management discipline
 ISO 45001:2018 Structure

1 2 3
Normative Terms &
Scope
Reference Definitions

Plan Do Check Act

4 5 6 7 8 9 10
Context of Leadership & Performance
Planning Support Operation Improvement
Organization Participation Evaluation

Needs & Leadership & Operational performance Incident,

Risk & Resources nonconformity
expectations
Commitment control Evaluation
Opportunity & Corrective
of Interested Eliminating Evaluation of action
OHS Policy Competence Continual
Parties the hazards compliance
Risk Improvement
Scope of Roles, Management Management Internal
OHSMS Responsibilities
Awareness of Change Audit
Legal & other
Consultation & Management
OHSMS Participation
requirements Communication Procurement
Review

OHS Documented Emergency

Objectives Information management
 What is a Management System

The process approach is the elemental core of ISO's view of a Management

System. Therefore, an OH&S management system is the combination of
various processes that avail many inputs to generate many outputs.

A set of interrelated or interacting elements of an organization

System
to establish policies and processes to achieve its objectives

Processes Set of interrelated or interacting activities which

transforms inputs into outputs

Activities The condition in which things are happening

or being done.
 Policy, Process & Procedure

Policy
A policy is a guideline, covering the intentions of an organisation that derives
the processes and procedures.

Process
A process is a set of interrelated or interacting activities which transforms
inputs into outputs. it is a high-level view of the tasks/activities within the
overall system. A process is what we do

Procedure

A procedure is a specified way to carry out a group of activities. It provides

detailed steps required to perform an activity within a process. A procedure is
how we do
 Process Approach

• The process approach includes establishing the organization’s processes to

operate as an integrated and complete system.
✓ The management system integrates processes and measures to meet
objectives
✓ Processes define interrelated activities and checks, to deliver intended outputs
✓ Detailed planning and controls can be defined and documented as needed,
depending on the organization’s context.

• Processes provide a likely solution. In the broadest sense, they can be defined
as collections of tasks and activities that together — and only together —
transform inputs into outputs. Within organizations, these inputs and outputs
can be as varied as materials, information, and people.
Systems Accident Causation Model

Work Methods
Plant, equipment,
tools and substances

Location and
structural factors

Responsibilities and
competencies
 Four Fold Strategy

The SYSTEMS Model provides organizations with a strategic

approach to managing risk in the short and longer term. The
methodology, referred to as the Four-Fold Strategy, addresses
entropic and residual risks using a multidisciplinary approach.
It involves:

1. Taking immediate corrective action to eliminate entropic

risk;
2. Establishing maintenance strategies to prevent future
entropic risk;
3. Managing residual risk in the short term; and
4. Minimizing residual risk in the longer term.
 Process Approach

It is a set of interrelated or interacting activities which transforms inputs into

outputs
Inter-related Activities

Activities take place in a sequential manner, thus are dependent on each other,
completion of a successive activity is dependent on timely and flawless completion
of a predecessor activity.

Interacting Activities

Some activities, within a process, take place outside a function or department, this
scenario is known as the interaction of activities/processes. This interaction may
result in a conflict between the two interacting activities/processes if the methods
and objectives are not aligned.
 Process Approach

Inputs
• Man, Machine, Material, Method & Measures, Working Conditions

Outputs
• Product and Service – Result of a process. Outputs of one process may be
inputs into another process

Outcomes

• Achieving the OH&S Objectives

 Typical Processes

Management System Core Business Support

Procurement &
Documented information
Outsourcing
Order Processing
Maintenance and
Risk Management
Calibration
Hiring, competency
Legal Requirements Planning of Order
evaluation and Training

Emergency Response Execution Information Technology

Internal Audit Delivery Permits and Licensing

Storage, Logistics and

Incident Management
Delivery
Post Delivery
Corrective Actions Finance

14
 PDCA Cycle

The OH&S management system approach applied in ISO 45001 is

founded on the concept of Plan-Do-Check-Act (PDCA)
The constant evaluation of management practices, as well as the
willingness of management to adopt and disregard unsupported
ideas, is key to the evolution of a successful management system
The PDCA concept is an iterative process used by organizations
to achieve continual improvement
 PDCA Cycle

The PDCA approach is adopted at the structural level as following

Plan: Clause 4 the context, Clause 5 Leadership, Clause 6 Planning

Do: Clause 7 Support, Clause 8 Operation
Check: Clause 9 Performance Monitoring
Act: Clause 10 Continual Improvement

The PDCA approach is also woven through the individual clauses as :

“The organization shall plan, implement, Control and maintain the process”
 Context of Organization

Workers
Product/Service & External Interested
operations Internal Interested Parties Parties

Issues & Relationship & Customers

Needs &
Consideration Interdependencies with
Expectations Internal Departments
Internal Issues
of workers Suppliers
IT
and other
Operations
Interested Regulatory Bodies
External Issues Maintenance
Parties
Procurement Other Interested
Logistics Parties
Human Resource

Scope of Management System

17
 Context of Organization

Process Interested Party Internal/ Needs & Expectations Plans & Procedures
External

18
 Scope

Locations, branches,
Physical boundaries

ware houses , project

sites etc.
Consider
• The internal and external issues
• Take into account needs and expectations of
workers and other interested parties
• Take into account the planned or performed work-
related activities
Core business of the
organization e.g.
Training, construction,
manufacturing etc.

Subject matter

19
 Process Planning

Communication, participation and consultation

Risk Assessment and Emergency preparedness and Response
Policy, Objectives, Hazards, legal requirements etc.

Suppliers Inputs Process Outputs Customers Requirements

Man,
List Suppliers machine, Competency, Standards,
Supplier material, Certification List Customers Specification
List outputs Internal/ Legal
evaluation and method & SDS/COSHH
control measure, SOP External Product
environment organizational

Identification of responsibilities will also identify if the process is cross functional

and alignment between the processes is required

Method & Criteria

Procedure
Responsibilities, authorities and accountabilities

Step 1 Step 2 Step 3 Step 4 Step 5

Intended Results/ Objectives/ KPIs/ Monitoring including Audits and compliance review and corrective actions
 Risks & Opportunities

S W
OHS • Committed Management
Objectives •Experienced team
•Supplier management
•Competent HSE Staff
•Management of
•Trained personnel
contractors
•Processes and procedures
in place

• introduction of new •New legislation

technologies •Availability of competent
•Automation of systems persons
•Suppliers commitment

O T

21
ISO 3100: 2009 Risk Process
Risks & Opportunities

23
 What should you do?

• Identifying the risks and opportunities within the organization

depends on context
• Analyze and prioritize the risks and opportunities
– what is acceptable?
– what is unacceptable?
• Plan actions to address the risks
– how can I avoid or eliminate the risk?
– how can I mitigate the risk?
• Implement the plan – take action
• Check the effectiveness of the actions – does it work?
• Learn from experience – continual improvement
OH&S Risk Assessment
 OH&S Risk Assessment

As far as reasonably foreseeable As far as reasonably practicable

Process - Common knowledge - Time
- Industry knowledge - Cost
inputs - Expert knowledge - Effort/ inconvenience

Material Hazard identification Control measures

Equipment Elimination
Method Reduction
Risk estimation & Rating Isolation
Measurement
Administrative controls
Working conditions
Risk Analysis PPE
Workers/operators

Risk Evaluation Implement

Acceptable Monitor and review

Yes No Manage the change

No further action required

 OH&S Objectives

Specific • Are the objectives precise and well defined? Are they clear?
• Are they communicated and understood?
Measureable • How will the individual know when the task has been completed? What
evidence is needed to confirm it?
• Have you stated how you will determine it has been completed or no?
Achievable • Is it within their capabilities?
• Are there sufficient resources available to make this happen?
• Can it be done at all? What is the baseline?
Realistic • Is it possible for the individual to perform the objectives?
• How sensible is the objective in the current business context?
• Doe it fit into the overall pattern of this individual’s work?
Time frame • Is there are deadline?
• Is it feasible to meet this deadline?
• Is it appropriate to do this work now?
• Are there review dates?
 OH&S Objectives

Objective Statement
Complete
Completion Progress/
Baseline Target Management Program Resp. (Y/N/in
date Issues
progress)
where do you Identify the target to help meet Insert your series of tasks Identify who It can be useful
stand the above Objective. to meet the target is Insert Due to insert a
identified. responsible Date brief update
for the task. on progress.
Insert new lines as you
need to.

Identify any further target(s) to As above. As above. As above. As above.

help meet the above Objective.
Insert new lines as you need to.
 Emergency Planning and Response

Establish, Implement and maintain a process for preparation and response to:
• potential emergencies including the levels of emergencies (Tier 1, Tier 2 & Tier 3
Crisis/Disaster Management)
• Compliance to applicable legal requirements

The following shall be taken into consideration while planning for emergency response:

Process: Plan is documented and approved , all potential emergencies are identified,
evacuation/rescue plans are prepared and tested, coordinated with the external
agencies.

Persons: roles, responsibilities, authorities are identified, training and awareness is done,
special needs are considered ( first aiders, rescue team members, IRT etc.)

Equipment : identified and available, inspected/tested and maintained including

AED, Fire extinguishers, Sirens/Alarms, tripods, medical equipment, vehicles etc.

• Dynamic Risk Assessment to be carried out by the Incident Commander prior to

responding to any emergency situation
• Recording the exercises and reporting lessons learned.
 BASICS
OF
AUDITING
 Audit Terms & Definitions
Audit An audit is a systematic, independent and documented
process for obtaining audit evidence and evaluating it
objectively to determine the extent to which audit
criteria are fulfilled
Objectives The audit objectives define what is to be accomplished
by the audit
Audit Set of policies, procedures or requirements. Audit
Criteria Criteria is used as a reference against which audit
evidence is compared
Audit The audit scope generally includes a description of the
Scope physical locations, organizational units, activities and
processes, as well as the time period covered.
 Terms & Definitions
Audit Description of the activities and arrangements
Plan for an audit
Audit Arrangements for a set of one or more audits
Program planned for a specific time frame and directed
towards a specific purpose
Audit Records, statements of fact, observations or
Evidence other information which are relevant to the
audit criteria and verifiable e.g. comparison of
records with the requirements.

Audit Results of the evaluation of the collected audit

Findings evidence against audit criteria. Findings can be
positive or negative
 Terms & Definitions
Audit Organization or person requesting an audit
client
auditee An organization or person being audited

observer Person who accompanies the audit team but

does not audit.

An observer is not a part of the audit team and

does not influence or interfere with the conduct
of the audit.

An observer can be from the auditee, a regulator

or other interested party who witnesses the
audit.
 Auditing Process

1st Party Internal audits – conducted by internal auditors

2nd Party Supplier audits – conducted by organizational auditors on
suppliers, manufacturers, contractors etc.
3rd Party Certification Audits – conducted by 3rd Party certification
bodies
 Audit Stages

Planning Execution Reporting Closure

Selection of
Opening Meeting Audit Report Follow up
Auditors

Audit Checklist Field work Corrective Actions Close out

Audit Notifications Closing Meeting

 Audit Program
• When establishing the audit program, the organization
shall take into consideration:
- the importance of the processes concerned
- changes affecting the organization and
- the results of previous audits
This approach is called risk based auditing
• The organization shall:
a)define the audit criteria and scope for each audit
b)select auditors and
c)conduct audits to ensure objectivity and the impartiality
of the audit process
d)ensure that the results of the audits are reported to
relevant management
 Audit Plan
The audit plan should cover or reference the
following:
the audit objectives; the audit scope, including identification
of the organizational and functional units, as well as
processes to be audited; the audit criteria and any reference
documents the locations, dates, expected time and duration
of audit activities to be conducted, including meeting with
the auditee’s management; the audit methods to be used,
including the extent to which audit sampling is needed to
obtain sufficient audit evidence and the design of the
sampling plan, if applicable the roles and responsibilities of
the audit team members, as well as guides and observers;
the allocation of appropriate resources to critical areas of
the audit.
 Audit Plan
• The audit plan may also cover the following, as appropriate:
identification of the auditee’s representative for the audit; the working
and reporting language of the audit where this is different from the
language of the auditor or the auditee or both; the audit report topics;
logistics and communications arrangements, including specific
arrangements for the locations to be audited; any specific measures to
be taken to address the effect of uncertainty on achieving the audit
objectives; matters related to confidentiality and information security;
any follow-up actions from a previous audit; any follow-up activities to
the planned audit; coordination with other audit activities, in case of a
joint audit The audit plan may be reviewed and accepted by the audit
client, and should be presented to the auditee. An objections by the
auditee to the audit plan should be resolved between the audit team
leader, the auditee an the audit client.
 Audit Plan

Audit Reference: IA-01/2018 Date: 20-11-2018

AUDITEE DETAILS
Organization/ Project Details Xyz organization
Name Designation
Focal Point/ MR:
Mr. Smith Quality Manager
AUDIT TEAM
Lead Auditor Auditor(s) Observer
Paul (A) John (B) N/A
Project Site 123, Management System process, Construction , Inspection and
Audit Scope:
Testing processes and Maintenance and Calibration Process
Audit Criteria: ISO 45001:2018
PROPOSED PLAN
Sr. No Activity Date Time Auditor
1 Opening Meeting 10-12-2017 9:00 – 9:20 A+B
2 Management System processes 10-12-2017 9:20 – 12:30 A
3 Construction processes 10-12-2017 9:20 – 11:30 B
5 Inspection and Testing 10-12-2017 11:30 – 12:30 B
4 Lunch Break 10-12-2017 12:30 – 13:30
6 Document Control 10-12-2017 13:30 – 14:30 B
7 Maintenance and Calibration 10-12-2017 13:30 – 14:30 A
8 Auditor’s meeting 10-12-2017 14:30 – 14:45 A+B
9 Closing Meeting 10-12-2017 14:45 – 15:15 A+B
 Attributes of an Auditor
Collaborative

Ethical
Culturally
Sensitive

Open Minded
Morally
Courageous

Diplomatic Professional
Auditor Attribute
(Personal Behavior)

Observant
Self-reliant

Perceptive Decisive

Versatile Tenacious
 Opening Meeting

• Introduce members of the audit team

• Review scope, objectives and audit plan
• Discuss which personnel will be involved
• Agree on time table
• Provide summary of methods to be uses
• Establish communication links between audit team and
auditee
 Closing Meeting Meeting

• Acknowledgement of support
• Thanks for cooperation
• Recap the audit scope, objectives and plan
• Review of findings
• Any special issues of circumstances
• Initial discussion of next visit
 Process Approach to Auditing
• A process audit is an objective evaluation of a process
to determine the extent to which the process is
meeting its requirements. Using the process
definition, the process audit includes an examination
of process inputs, activities, and outputs and
evaluates its outcomes against the intended results.

• However, a process is part of a larger set of processes

that make up an overall management system.
Therefore, a process audit must also consider the
linkage and interaction of the process with these
other processes.
 Process Audit Trail
Man Machine
• Roles, Responsibilities, Authorities • Suitable and appropriate

Incidents & Non-Conformities

• Competencies (education, Training or • Properly Maintained

Analysis and Evaluation

experience) • Certified and recertified as required

Legal requirements
• Awareness
• Communication Material

Audit
• Participation and consultation • Approved and non or less hazardous
• Assessed for hazard
Method • Stored properly
• How the work needs to be done
• Local/International Standard OR Measure
organization has determined the • How and when it is monitored
method • What are the monitoring criteria
Working Conditions
• Temperature – hot , cold, humid, windy, rainy
• Place of work – confined space, work at height, adjacent to water, buried services,
ground conditions, overhead restraints, physical restrains
• Working conditions – lone working, exposed to noise, exposed to harmful substance
Objectives

Activities Activities Activities Activities Activities

Hazards – Risks – Control Measures Emergencies

 Non-Conformance

Non- fulfilment of requirements

1.Requirements of international standard
2.Legal requirements
3.Contractual requirements
4.Requirements related to product
 Non-Conformity and Corrective Actions Process

10.2 Incident, nonconformity and corrective action

The organization shall establish, implement and maintain a process(es), including
reporting, investigating and taking action, to determine and manage incidents and
nonconformities.

When an incident or a nonconformity occurs, the organization shall:

a) react in a timely manner to the incident or nonconformity and, as applicable:
1) take action to control and correct it;
Corrections
2) deal with the consequences;

46
 Non-Conformity and Corrective Actions Process

b) evaluate, with the participation of workers and the involvement of other relevant interested parties,
the need for corrective action to eliminate the root cause(s) of the incident or nonconformity, in order
that it does not recur or occur elsewhere, by:

1) investigating the incident or reviewing the nonconformity; Corrective Actions

2) determining the cause(s) of the incident or nonconformity;
3) determining if similar incidents have occurred, if nonconformities exist, or if they could potentially
occur;
c) review existing assessments of OH&S risks and other risks, as appropriate
d) determine and implement any action needed, including corrective action, in accordance with the
hierarchy of controls and the management of change;
e) assess OH&S risks that relate to new or changed hazards, prior to taking action;
f) review the effectiveness of any action taken, including corrective action;
g) make changes to the OH&S management system, if necessary.

Corrective actions shall be appropriate to the effects or potential effects of the incidents or
nonconformities encountered.
47
 Incident, Non-Conformity and Corrective Actions Process

1 2 Non- Non-Conformities can be identified through:

Incidents • Audits
Conformities
• Inspections/Site Visits
• Observations during the site operations
Actions Control
and correct

Deal with
Consequences

Investigate the Review the

Incident nonconformity

Determine the ca uses Determine the ca uses

of Inci dent of nonconformity

Corrective Actions may be identified
through Incident Investigations
Determine & Implement any actions
needed including Corrective Actions
Review the effectiveness of any actions
taken including Corrective Actions
Corrective Actions may be identified
through review of causes of non-
conformities

Corrective actions shall be appropriate to the effects or potential effects of the incidents or
48
nonconformities encountered
 Non-Conformance -Scenario
• A company is dealing in recycled papers. It buys the used papers e.g. magazines,
newspapers etc. with a series of processes, breaks down this input material into its
original wood pulp fibers before recycling it into large reels of newsprint. These reels are
then sold to the newspaper industry.
• The production process uses a large volume of water extracted from a local river and
bore hole on site. Throughout the recycling process this water becomes heavily
contaminated and needs to be treated before discharging into the river.
• The process is licensed by local Regulatory Authority, and the license imposes a limit on
the amount of suspended particles within the discharged water. The Regulatory
Authority takes a sample every 6 months for analysis by an accredited laboratory; so far
the results have always been within the allowed limit, although close to the maximum
value. The license conditions require the company to monitor the parameters every
week and issue an “annual statement of compliance” to the Regulatory Authority. The
most recent statement is available.
• Whilst in the effluent treatment plant the auditor observed that a flow meter, which is
being used to monitor the volume of discharged water, after treatment, to the river, has
a 7 years’ old calibration certificate supplied by the manufacturer at the time of
installation, when the previous unit was replaced due to a reading fault.
 Non-Conformance
–State the Problem Clearly:
Problem Statement
• Nonconformity: The company has failed to ensure that monitoring and measurement
equipment should be calibrated or verified and maintained, as appropriate.
• Requirement:. ISO 45001:2018
• Objective Evidence: 7 years’ old calibration certificate
–Contain the Problem (Correction)
• Stop discharging water until calibrated equipment is available
• Get the flow meter calibrated
–Select a person responsible and Corrective Action Team:
• Person responsible: xx
• Corrective Action Team: xx, xx
• Identify the immediate, underlying and root causes
• Establish an action plan to eliminate the causes to prevent recurrence
• Implement the actions
• Monitor and evaluate the effectiveness of the actions taken.
 Corrective Action Management Process

Identify
Initiate corrective
1 2 Assign owner 3 containment &
action request Correction

Implement
Determine root
6 cause(s) 5 Review & Analyze 4 containment &
Correction

Implement Follow up & Close

7 Corrective Action
8 Verify Effectiveness 9 CAR
 Correction & Corrective Action
Correction: is an action taken to eliminate a detected
nonconformity. If the detected nonconformity is a drip treys are
not available then provision of drip trey is correction.
Correction addresses the short-term need and gets immediate
attention, and most organizations do a good job of correcting
the nonconformity.

Corrective action: is taken to eliminate the cause of a

detected nonconformity. This requires understanding the root
cause of the detected nonconformity and taking action to
eliminate the root cause(s) to prevent recurrence of the
nonconformity. Corrective action, on the other hand, is a long-
term solution. In my opinion, organizations do not invest
adequate resources in addressing corrective action.
Root Cause Analysis – Cause & Effect Methodology
Previous Incidents
Management Man Method
Previous NCs
Supervision Responsibilitie Sequence
s Legal Requirements
Inspections Competencies Procedure/MS
Project Requirements
Action Plans Awareness Standard

what to monitor Suitable Approved

How to monitor Working Conditions

maintained hazardous • Temperature – hot , cold, humid, windy, rainy
• Place of work – confined space, work at height,
When to monitor Storage adjacent to water, buried services, ground
Certified
conditions, overhead restraints, physical
restrains
• Working conditions – lone working, exposed to
noise, exposed to harmful substance
Measurement Machine Material
 Root Cause Analysis

Define the problem Collect Data

• What proof do you have that the
• What happened?
problem exists?
• When did it happen?
• How long has the problem existed?
• Where did it happen?
• What was the impact? • What is the impact of the problem?

Identify Possible Causal Factors

• What sequence of events lead to the problem?
• What conditions allow the problem to occur?
• What other problems surround the occurrence of the central problem?
 Root Cause Analysis
Contributing Factors:
Human causes – people did something wrong, or did not do something that was needed. Human
causes typically lead to physical causes (ex no one filled the brake fluid, which lead to the brakes
failing)

Physical causes – tangible, material items failed in some way (ex car’s brakes stopped working)

Organizational causes - a system, process, or policy that people use to make decisions or do their
work is faulty (ex no one person was responsible for vehicle maintenance, and everyone assumed
someone else had filled the brake fluid)

Where to look for contributing factors

1. Tasks...policy procedures, guidelines
2. environment and site conditions (weather, noise, air, surroundings)
3. Materials/equipment
4. Personnel (training, stress, fatigue, experience)
5. Management (supervision, inspections, action plan follow-up)
 Root Cause Analysis
Causal Factor Identification Tools
• 5 whys – Ask “why” until you get to the root of the problem
• Drill Down – Break down a problem into small, detailed parts to better
understand the big picture
• Cause and Effect Diagrams – Create a chart of all the possible causal
factors, to see where the trouble may have begun
• We Have Successfully Established:
• What the problem was
– A pressure fitting on the machine failed.
• How the problem occurred
– Inspection of hoses and fittings is not part of the preventive
maintenance (PM) schedule.
• Why the system failed
– The PM system does not consider Equipment Manufacturer’s
recommendations to develop PM schedules.
 Effective Corrective Action
5 whys
Very often, the answer to the first "why" will prompt
another "why" and the answer to the second "why" will
prompt another and so on; hence the name the 5 Whys
strategy.
Example:
– An employee in the plant slipped and fell while performing their
regular duties.
1. Why? – There was oil on the floor.
2. Why? – The machine in that cell was leaking oil.
3. Why? – A pressure fitting on the machine failed.
4. Why? – Inspection of hoses and fittings is not part of the preventive maintenance (PM)
schedule.
5. Why? – The PM system does not consider Equipment Manufacturer’s recommendations to
develop PM schedules.
 Effective Corrective Action

– Verification of effectiveness
Monitor and measure if anyone else sustains a similar injury?
– This seems like a logical way, but is reactive in nature.
– Someone has to get hurt before we take further action.
– Risk may be too great.
– Additional methods should be considered.

– Verification of Effectiveness
– Often confused with verification of implementation.
– Completion of corrective action tasks.
– Monitor and measure the process to verify the effectiveness of the actions
taken.
– Poor results often indicate wrong Root Cause or wrong Corrective Action(s).
– Consider performing audits as a verification tool.
 Effective Corrective Action
Verification of effectiveness
• Perform regular audits of:
• Production Areas
• Check for oil leaks in production cells
• Preventive Maintenance Process
• PM schedule
• Maintenance personnel training
• Introduction of new equipment
Closure
• Closure can only happen after successful verification of Corrective
Actions.
• By nature, effective Corrective Actions will prevent recurrence.
• If Corrective Actions cannot be called effective, then Root Cause
Analysis should be repeated.
• Record the date of closure.
 Auditing Process – Report Preparation
AUDIT REPORT
The report shall contain the important issues of the complete audit :
• identification of the certification body/ auditing authority;
• the name and address of the client and the client’s representative;
• the type of audit (e.g. initial, surveillance or recertification audit or special
audits);
• the audit criteria;
• the audit objectives;
• the audit scope, particularly identification of the organizational or functional
units or processes audited and the time of the audit;
• any deviation from the audit plan and their reasons;
• any significant issues impacting on the audit programme;
• identification of the audit team leader, audit team members and any
accompanying persons;
• the dates and places where the audit activities (on site or offsite, permanent
or temporary sites) were conducted;
• audit findings, reference to evidence and conclusions, consistent with the
requirements of the type of audit;
• significant changes, if any, that affect the management system of the client
since the last audit took place;
• any unresolved issues, if identified;
 Auditing Process – Report Preparation
AUDIT REPORT

The report shall contain the important issues of the complete audit :
• where applicable, whether the audit is combined, joint or integrated;
• a disclaimer statement indicating that auditing is based on a sampling
process of the available information;
• recommendation from the audit team
• the audited client is effectively controlling the use of the certification
documents and marks, if applicable;
• verification of effectiveness of taken corrective actions regarding previously
identified nonconformities, if applicable.
The report shall also contain:
• a statement on the conformity and the effectiveness of the management
system together with a summary of the evidence relating to:
✓ the capability of the management system to meet applicable requirements
and expected outcomes;
✓ the internal audit and management review process;
✓ a conclusion on the appropriateness of the certification scope;
✓ confirmation that the audit objectives have been fulfilled.