Internal Audits -part 1

1.     Internal audits are scheduled by the management representative.  These audits are scheduled based on how well the area to be audited is doing (status), the effect a problem would have on the area if it was allowed to go on until a problem was detected (importance, risks, and/or significance) and how well the area did on the last audit. At a minimum, audits will be conducted on an annual basis and at a maximum audits will be conducted quarterly.  The audit criteria are the clauses or sections of the applicable standard and/or the documents defining the activities or processes being audited.  Scope tends to be based upon the sections of the applicable standard in use, but may be based upon a defined area or process. 

2.     While maintaining a "big picture" view of the process, the audit team (may also be an individual auditor) develops an understanding of the service or product provided by the process and the inputs from other processes.  This perspective helps develop an audit plan focused on performance, instead of simply verifying a document is being followed.

3.     Work with management and those responsible for environmental and/or occupational health and safety requirements applicable to the area being audited to determine if there are compliance or performance considerations needing attention.  If environmental or occupational health and safety performance/compliance requirements are applicable, add these requirements to the plan.

4.     Based on the processes/areas determined to be part of the audit, request copies of the applicable documents.  These documents may include:

·         The environmental, occupational health and safety, and/or quality manual,

·         Procedures, work instructions, or forms supporting the activity/area, and

·         Peripheral documents (standards/regulations, specifications, procedures, previous audit results, corrective/preventive actions issued since the last audit, etc.), as needed.

5.     Document review and audit planning may be accomplished prior to and/or during the audit.  The auditor uses the documents to formulate the questions to be asked and evidence to be reviewed.  This plan may be a documented plan (an ISO 9001 audit checklist or an intregrated audit checklist , a highlighted document depicting questions to be asked/evidence to be reviewed, etc.) or may simply be a copy of the applicable standard, regulation, or management system document.  In any case, the intent is for the auditor to familiarize himself/herself with the activities/processes to be audited and any applicable statutory/regulatory requirements associated with the process.  The main thing to remember is, this is what might be seen not what will be seen (as it is possible that what is happening does not match the documents but the process is working).  In other words, we need to stay open minded to allow the evidence to speak for itself..

Go to part 2

Internal Audits-2

Internal Audits     2

6.     The audit plan is the checklist, itinerary, or other such plan defining the evidence needing to be seen so we can come to a conclusion about the performance of the process.  The Big Picture Audit report may be used to pull together requirements related to ISO 9001:2008.

7.     Greet area personnel, helping them feel comfortable with the audit process and powering down your notes.  (example: "Hi, I am here to perform an audit of ____ and I need your help.  What I mean by that is I need you to speak on behalf of the process because you know what really happens.  This will help us make sure the procedures are right.  I will be taking notes along the way.  My notes are not about you, but about the process.  If there are things that need to be fixed or improvement opportunities, I will be writing those down so we can give management the information they need to take action.")  REMEMBER: you (the Auditor) are not there to resolve any issues so do not make promises as to how or what will be fixed. 

8.    Ask open-ended questions! We are looking for evidence related to performance and behavior.  In order to find this and to make sure we are focused on what we need to see, open-ended questions help us ask the witness to show us how something works and what the results are.  Also, make sure your questions are about the evidence that proves or disproves a process is working. While maintaining focus on performance and behavior, be sure to evaluate these things along the way (as the opportunity arises):   

o        Familiarity with the policy and objectives (can the employee describe how they help the City of Dallas live up to the policy and objectives?).

o        Documents/records needed to support the process are available/retrievable, identifiable/legible, and are controlled as defined in document and records control procedures.

o        Personnel involved with the process appear to have received the education, skills, experience, or training needed to ensure the process is performing effectively (assessed along the way, with the conclusion reached at the end of the audit).

o        Resources need to ensure the policy, objectives, and activities or processes audited are and will continue to be effective/drive performance are in place (assessed along the way, with the conclusion reached at the end of the audit). 

9.     CRITERIA: 

o         means what we said in a document is actually happening, meets the requirements, and is effective.

o         means what we said in a document is not happening, the document does not meet all of the requirements, and/or is not effective.

o         means we are not sure how we feel about what we see and probably need to ask additional questions to be able to come to a conclusion.  

REMEMBER: Avoid rabbit trails (issues involving processes other than the one the Auditor is currently auditing), staying away from discomforts not directly related to the audit, unless it is obvious a nonconformance or ineffective condition related to the area or process being audited exists.

10.     Make sure any findings are based upon facts not assumptions.  Make note of the condition, powering down your notes so the witness does not think it is about him/her…..Go to part 3

http://www.4eval.com/ ref.

Internal Audits-3

Internal Audits 3

 11.Remember, if you see something positive that is noteworthy, write it down.  This is the only time you write someone's name on your audit report (unless their name is the sample, such as those you sample for training records).  If your note taking skills are good enough to capture the evidence of conformance, that is great!  At a minimum, make sure your results reflect what you audited (with the assumption being that no findings means the area/process is conforming and effective).

12.Ask additional questions or ask to see more evidence that will allow you to deal with your discomfort.  Make sure they understand what you are uncomfortable with.  This may help them with the answer. Be careful not to let your discomfort influence them into making process changes they do not need.  REMEMBER: Make sure you are adding value, not imposing beliefs.

13.If your discomfort is something you feel will be an issue in the future, be sure to add it to your audit as a comment or observation.  This will tell the next auditor what they should follow up on and may help area management recognize an opportunity for improvement, as any action they take would be preventive action. Work with affected personnel and area management to reach an agreement on the findings.  While this may not be achievable (they do not like your results), try to obtain agreement, powering down the process along the way.  If you still feel the finding is legitimate, there may be a need to agree to disagree with your findings continue to exist.

14.Once you are finished understanding the evidence of the process and whether that evidence reflects sound business practices, review the documents defining the process to see if the match up with what was seen.  Any variation needs to be understood and worked through with area management to determine where there is a need to update the document (if it is found that the other things included in a procedure are not needed or there are additional steps that are not in the document but are needed) or a need to work with area personnel to ensure we are following practices deemed important.

15.The audit team or auditor summarizes the audit and any findings, presenting the recorded results to area management and/or the management representative.  If the results are presented to the management representative, he or she reports the results to area management.

16.CRITERIA:

• A nonconformance was identified and will require corrective action?
• A potential problem was identified and needs preventive action?
• An opportunity for improvement was identified that could make us better (make more money or spend less money)?

If the issue(s) was able to be resolved before the end of the audit or it is believed the follow-up at the next audit will report on the results (Audit Report should be flagged to ensure follow-up), the audit may be closed out and the Audit Schedule is updated as needed (see note 1).  Records (audit results, including any records of follow-up) are maintained as defined in records controls section of the Master Control Plan. The management representative summarizes the results of audits for management review.

17.Area management facilitates corrective action, preventive action, and/or any other improvement opportunity per Improvement Systems.  This would include actions taken by area management (without undue delay) and follow-up of action taken.  The records generated as a result of corrective/preventive action are maintained as defined in the records section of the Master Control Plan.

18.The audit team, auditor, or audit coordinator, work with area management to determine when to verify any actions taken (allowing enough time for effective implementation), closing out findings (reporting the results) that have been dealt with by auditing those issues in a manner similar to the original audit (following the methods established).

Go to part 1

http://www.4eval.com/ ref.