Professional Documents
Culture Documents
29.06.2023 | Berlin
Audit Types and Purposes
Activities
ISO 9001 for Q, 14001 for
3rd Party (External) Certification Products
Env, 45001 for Safety
Limitation
‒ In summary, to help the OpCo to assess the Operations according to world class standards.
Risk Manag. Previous 1. Pre-audit with OpCo (one month before Audit) 6. Audit Report (15 days after Audit)
Manag. Review Audits ‒ Responsible: Lead Auditor ‒ Responsible: Lead Auditor
‒ Target: Identify scope, criteria and resourses ‒ Target: detail to the OpCo findings
Responsible to perform a systematic, independent and documented audit in accordance with the audit schedule(s) and audit scope to
determine the extent of fulfilment of the audit criteria.
Operations Annually
Maintenance Annually
Period may shift based on the inputs from risk management, DBIO
Occupational Safety Annually management and previous audits. The program shall be adjusted to
reduce or increase the audit time frame based on the inputs.
Environment Annually
Normally external certification audits are done once every three to five
Quality Annually years depending on the company APL (Activities, Products and
Limitations).
HR Every two years
‒ Example:
1. The process of control of externally provided products is not effecttive (P), based on ISO 9001 clause 8.4.1 requirements the
organisation shall ensure externally provided products conform to it‘s requirements (R). The evidences are the lack of inspection of
product A and B (E). The impact is that the quality of the produce/maintained good cannot be reliable (I).
‒ The actions will not be defined by the auditing team, but a target time of 30 days after the final report will be given to the operations to
set the actions and time line in a way it suits better the organisation. Of course, DBIO auditors will be available to help in setting the
actions and discussing it further.
‒ Audit Approach:
‒ Audit the system and the processes, not the people.
‒ Build rapport with auditee. Openness and honesty at all times.
‒ Risk based: Concentrate on any special, vulnerable, new or high-risk processes.
‒ Evidence-based: Evidence must be verifiable and be based on samples of the information available.
‒ Fair presentation: Audit findings, conclusions and reports reflect the audit activities. No hidden agenda.
‒ The scoring criteria for internal audits are broken up into three different sections:
‒ Compliant: means everything about a specific process is complying to the chosen the criteria.
‒ Observation: a small issue within the management system, that can be improved and changed. May be used as an audit trail for a
next audit.
‒ Non-Conformance: reflect a poor representation of a document and/or a low number of requirements met for the process.
‒ Team:
‒ Lead auditor
‒ Operations Specialist
‒ Track maintenance Specialist
‒ Management System Specialist