2. 2
Who we are
• iqms established 1990
• Providers of training and consultancy services in quality,
environment, health & safety and business excellence
• Based in UK with overseas operations in Europe, Asia
and Central / South America.
3. 3
Domestics
• Safety and emergency exits
• Fire alarms and emergency procedures
• Venue facilities
• No smoking
• Switch off cellular/mobile telephones
• Attend all sessions promptly
• If you have any special requirements inform the tutor(s).
4. 4
Course summary
• Quality management systems and the 8 quality
management principles
• ISO 9000 series standards
• Roles and responsibilities of auditors/lead auditors
• Planning, conducting and reporting audits including
factual and value adding non-conformity reports
• Follow up activities including evaluation of corrective
action.
5. 5
Course assessment
• 50% Continuous assessment
• Competence must be demonstrated throughout
the course against the key learning objectives
• Failure of continuous assessment is failure of
the course.
6. 6
Course exam
• Examination – (closed book)
• Formal examination set by IRCA
• Sample exam paper in the appendices to your
notes
• Unmarked copy of the standard and a paper
language dictionary are allowed.
• 70% pass mark, 50% minimum in each of
the 4 sections
• 1 re-sit is allowed (different exam paper).
7. 7
Delivery style
• Comprehensive notes are provided for future reference
• The course is activity driven through the use of tasks
and workshops in addition to individual feedback
• The course notes are not necessarily mirrored by the
slideshow presentation
• Everybody has their own preferred learning style, feel
free to adopt the one that suits you best
• Don’t be afraid to ask questions.
9. 9
Topics
• What is quality?
• Quality control, Quality assurance & Quality
management
• Quality management systems
• The 8 quality management principles.
10. 10
What is Quality?
• Meeting customers’ needs or expectations?
• Value for money?
• Fitness for purpose?
• Customer satisfaction?
• Doing things right first time, every time?
• Legislative compliance?
• All of the above?
11. 11
QA & QC - What’s the difference?
Quality Control
• Checking what you got is what you wanted
• Activities include inspection, testing and measuring.
Quality Assurance
• Proactively building in quality & success
• Activities include QMS design & management, training &
training assessment, error-proofing, supplier approval
processes.
Quality Management
• Complete QMS encompassing the above.
12. 12
Task 1
What is the overall purpose and what
are the benefits of having a quality
management system?
Approximately 5 minutes thinking time & then Feedback
13. 13
Purpose & Benefits of a Quality
Management System (QMS)
Overall purpose:
• To provide a consistent level of quality and meet any legal requirements
• To continually improve performance and enhance customer satisfaction
Some important benefits:
• Ensures prevention rather than cure
• Top management involvement in the QMS
• Consistency and uniformity
• Provides basis for setting objectives and the means to achieve them
• Ensures the availability and effective use of resources
• Provides for legislative compliance
• Clarifies responsibilities - assists with leadership and training
• Improves communication
• Better understanding of costs vs benefits
Note: the overall effect of implementing a QMS should be to reduce
business risk
14. 14
8 Quality Management Principles
• Customer Focus
• Leadership
• Involvement of people
• Process approach
• Systems approach to management
• Continual improvement
• Factual approach to decision making
• Mutually beneficial supplier relationships
15. 15
Workshop 1
The 8 Quality Management Principles &
ISO 9001 Requirements
(continue after break)
17. 17
Workshop 1
The 8 Quality Management Principles &
ISO 9001 Requirements
(continued with review)
18. 18
Customer focus
• The role of top management is to ensure that customer
needs and expectations are met (see ISO 9001 clause 5.2)
• Customer focused organisations seek to fully understand
their customer in order to, for example:
• Enhance customer satisfaction and improve customer perception
• Predict and provide resources for future customer needs
• Maintain communication with the customer
• Assist the customer where possible and if appropriate
19. 19
Customer satisfaction - definition
the customers’ perception of the degree to
which the customer’s requirements have
been fulfilled
(ISO 9000:2005)
… it’s what they think about you …
20. 20
Leadership
The role of top management in ensuring the
system is effective by:
• Establishing customer requirements
• Setting direction and priorities
• Making sure communication channels are effective
• Provision of resources
• Performance review
21. 21
Involvement of people
Training and Communication
• Ensuring all people have the right skills for the right job
• Effective communication channels for fault reporting, performance
review, improvement suggestions etc..
• Releasing the technical skills of people where they are most
needed
Overall, any training and communication system should ensure full
understanding of the subject matter to maintain or improve the
competence of the individual.
22. 22
Process approach
A desired result is achieved more efficiently when
activities and related resources are managed as a
process
(ISO 9004:2009)
… a chain is only as strong as its weakest link
A process is defined as:
A set of interrelated or interacting activities which
transforms inputs into outputs
(ISO 9000:2005)
23. 23
Typical Process Schematic
PROCESS
Interrelated and Interacting
Activities
INPUT (S) OUTPUT(S)
Objectives
Requirements
including
Legislation
Controls
Products
Services
Information
Products
Services
Information
Resources
including
People
26. 26
Systems approach to management
• Managing interrelated processes - and
• Within each process, managing the interfaces:
• Between functions
• Between teams
• Between departments
• Between support and core functions
• Inside and outside of the company.
27. 27
Continual improvement
Deliberate and planned efforts to improve system
performance
• Better
• Faster
• Cheaper
• Reduced variability
Continual Improvement is defined as:
recurring activity to increase the ability to fulfil
requirements
(ISO 9000:2005)
28. 28
Factual approach to decision making
Using sound reliable facts to plan and make
Decisions e.g.:
• Process and product metrics
• Audit results
• Customer feedback
• Reject data
• Not guesses, gut feel or assumptions
29. 29
Mutually beneficial supplier relationships
Getting the most from your supplier base by, for example:
• Selection and monitoring
• Communication channels
• Product and process economies
• Managing logistics
• Managing margins
• Clear contracts
30. 30
Summary
• A procedural approach only focuses on how a limited
number of tasks are performed
• Little or no examination of interfaces
• A process approach is more effective for managing the
end to end flow of work
• It is the customers’ perception that counts
• The relationship with the supplier network is critical
33. 33
Topics
• ISO 9000 series
• Requirements
• Application
• Implementation issues
• Typical quality management system structure
34. 34
The ISO 9000 series and associated
standards
ISO 9000 - Quality management systems
Fundamentals and vocabulary
ISO 9001 - Quality management systems
Requirements
ISO 9004 – Managing for the sustained success of an organization
A quality management approach
ISO 19011- Guidelines for auditing management systems
ISO 17021 – Conformity Assessment
Requirements for bodies providing audit and certification of
management systems
35. 35
What is ISO 9004?
• ISO 9001 and ISO 9004
• these are as a complementary pair of quality management system
standards and together they provide a comprehensive model for a
process based quality management system
• ISO 9001 details the REQUIREMENTS
• ISO 9004 is an extension of ISO 9001 and is essentially a guideline for
achieving SUSTAINED SUCCESS and CONTINUAL IMPROVEMENT
essentially through SELF ASSESSMENT
• it is a GUIDE to help top management wishing to move BEYOND the
requirements of ISO 9001 and is NOT INTENDED for certification,
regulatory or contractual purposes
36. 36
ISO 9001: 2008 Process Model
Management Responsibility
Measurement, analysis
& improvement
Resource
management
Continual Improvement of the
Quality Management System
Product
Realization
Input
Output
Product
Management
responsibility
37. 37
Typical Quality Management System Structure
QUALITY MANUAL
PROCESSES PROCEDURES REFERENCES
&
FORMS
RECORDS
TIER 1
TIER 2
TIER 3
WORK
INSTRUCTIONS,
TEST METHODS
etc..
38. 38
A Typical Company System
Core Processes
Sales and re-sales
Rentals
Bistro
Studio
Leisure Club
Maintenance & Housekeeping
Policy Planning
Management
Review
Resources Improvement
Management Processes
Finance Training
Systems
Management
Health & Safety Purchasing
Support Services
TIMESHARE & LEISURE COMPLEX
39. 39
Application of scope
1.2 Application
• ISO 9001 Generic to ALL types of organisation
• Exclusions (only from clause 7) can be applied if
such exclusions do not adversely affect the ability
or responsibility to:
• provide quality products or services and
• satisfy applicable statutory and regulatory requirements
40. 40
The mandatory procedures – clause
4.2.1c.
There are SIX clauses of ISO 9001:2008 that require
a DOCUMENTED procedure – these are:
• 4.2.3 - control of documents
• 4.2.4 - control of records
• 8.2.2 - internal audits
• 8.3 - control of non conforming product
• 8.5.2 - corrective action
• 8.5.3 - preventive action
41. 41
General documentation requirements –
clause 4.2.1d.
• Overall objective – to ensure the effective planning, operation and
control of the organization’s processes.
• Typical benefits of a documented system are:
• Ensures consistency and uniformity
• Saves time – reduces repeat work
• Acts as a reference so that people can work independently
• Assists smoother transition e.g. new employee; shift change etc…
• Assists training
• Ensure process interfaces
• Provides records
• Basis for auditing
• Assists change control.
46. 46
Policy & Objectives – definitions
• Quality Policy
• overall intentions and direction of an organisation related to
quality and formally expressed by top management (ISO
9000:2005)
• Quality Objective
• something sought, or aimed for, related to quality (ISO
9000:2005)
Note : Quality objectives are generally based on the
organisation’s Quality Policy
47. 47
Purpose of policy and objectives
• Policy
• sets the context of the organisation’s business in terms of its
aims and strategies
• commitment from the top to employees and/or customers
• Objective
• a specific aim for achievement - e.g. reduce rejects
• Target (not defined in ISO 9000)
• objectives may be quantified – eg reduce rejects by 15% by the
end of xxxx (year).
48. 48
S.M.A.R.T Objectives
• SPECIFIED
• clear statement of what needs to be achieved
• MEASURABLE
• success can be objectively validated
• ACHIEVABLE
• can be done, we have the resources
• REALISTIC
• can be done given any constraints that might apply
• TIMEBOUND
• has a clear target date for achievement
49. 49
Where do objectives come from?
Analysis of data (clause 8.4), Management Review Input
(clause 5.6.2)
• Objectives (targets) may be set to address:
• changes in customer requirements
• changes in legislation
• new commercial opportunities
• operational problems and risks
• inefficiencies
• problems caused by sector downturns
• unacceptable levels of complaints or returns
• QMS performance (clause 5.6.1)
• Review of all QMS & performance trends
51. 51
Process auditing
• Tracks flow of work from input(s) to output(s)
• Audits all inputs including objectives, resources, information
etc…
• Tests the effectiveness of the process
• Establishes whether standards are followed
• Avoids narrow, procedural perspective
• Needs careful thought and planning
52. 52
Core process audit
• The audit of the core process (e.g. the
manufacturing process) should determine its
effectiveness and conformance to requirements,
start to finish
• Break into manageable steps, if required
• Measures verifying process effectiveness should
also be examined – e.g. KPI’s
53. 53
Typical Core Process Audit
customer
production
supply delivery
flow of activity
satisfaction
Products
Services
Information
Input(s)
Objectives
Requirements
including
Legislation
Controls
Resources
including
People
54. 54
The Audit Process
Quotations Procedure
Calibration Procedure
Training Procedure
Document Control Procedure
Control of Nonconforming
Product Procedure
Tenders &
Sales
Process
Production
Process
Despatch
and Delivery
Process
Warehouse
Process
Audits may be carried out by Procedure (horizontal); by Process
(vertical) or both e.g.:
Procurement
Process
62. 62
8.5.1 Continual improvement
• Organisations are required to continually improve the
effectiveness of the QMS through the use of the:
• Quality policy
• Quality objectives
• Audit results
• Analysis of data
• Corrective and preventive actions
• Management review
63. 63
P-D-C-A
• An audit of continual improvement should follow a clear
PDCA sequence
• PLAN (how is the activity planned or scheduled?)
• DO (how is it performed? by whom? how are they trained? do
they have access to up to date instructions? What records are
generated and retained?)
• CHECK (how is success evaluated? what checks are in place?
can I see a sample of test results or audit reports?)
• ACT (what happens when a problem is identified? how are
potential improvements identified and implemented? any
examples of recent improvements to the process?)
64. 64
Continual Improvement starts with …
• Setting clear targets and objectives
• Sets priority areas
• Targets resources in key business areas
• Provides a sound basis for planning
• Provides a sound basis for measurement and
review
65. 65
Considerations for objectives
• Current and future needs of the business
• Results of audits
• Customer feedback
• Process performance and product conformance
information
• Non conformances and customer complaints
• Customer needs
• Management system needs
66. 66
Auditing Continual Improvement
Policy
Objectives &
Target Setting
Planning
Performance
Measurement
Performance
Review
Continual
Improvement
Targets must
be translated
into plans
Progress against
plans must be
monitored
Measures
must be
used in some
way
Priority areas
will change over
time
68. 68
Common tools & techniques
• Specific methodologies may be used (for
example):
• Six Sigma
• Kaizen
• Ishikawa
• FMEA
• Poka Yoke
• SPC
• Problem Solving
69. 69
Summary
• The audit of continual improvement is based on a
process not clause 8.5.1 in isolation
• Effective continual improvement starts with a robust
objective setting process
• Cost/benefits must be measured and understood by the
organisation
72. 72
Topics
• The auditor
• General competence
• Quality management systems specific
competence
• The lead auditor
• Auditor attributes
73. 73
Knowledge & competence needs
• Business sector knowledge
• Auditing standards and sector standards
• ISO 9001, ISO 14001 etc…
• Regulatory standards
• Understanding of management systems and typical
documentation
• Continuing professional development (CPD) & good
practice are required for IRCA registration
74. 74
QMS specific competence
Quality related methods and techniques
• Quality terminology
• Quality management principles and their application
• Characteristics of processes and the resulting
products and services
• Quality tools and their applications, e.g.
• SPC
• FMEA
• Kaizen
75. 75
ISO 19011 Principles of auditing
• Ethical conduct
• Fair presentation
• Due professional care
• Independence
• Evidence – verifiable but based on a sample
76. 76
Auditor’s role
• Plan and organise work effectively
• Gather information from interviewing, listening,
observation and reviewing documents
• Accurate assessment of audit risks
• Effectively record information
• Prepare clear, concise audit reports
• Communicate effectively (personally or through a
translator)
77. 77
The lead auditor
Lead auditors should posses some additional
competencies:
• Knowledge, abilities and attributes for effective leadership and
management of the team
(planning, organising, directing and reporting)
• To represent the team in communications with the audit client and
auditee
• Be able to prevent and resolve conflicts
• Be able help the team reach conclusions and make judgement on the
overall capability of the management system
Note: Lead Auditors must demonstrate these by acting as a Lead
Auditor under the guidance of a qualified and experienced Lead
Auditor.
78. 78
Leading an audit team
AUDITEE
Arrangements
Clear communications
Safety rules
Language and customs
Ethical conduct
Understand the context
Minimum disruption
Fair & accurate reporting
Resolving conflict
CLIENT
Arrangements
Knowledge of criteria (eg standards)
Clear on objectives and scope
Assure team competence
Reliable & consistent
Diligence – due professional care
Independence and impartiality
Ethical conduct
Fair & accurate reporting
Final decision on the QMS
Resolving objections
AUDIT TEAM
Arrangements
Leadership and team ethic
Organise and direct
Support & involve
Clear communications
Appropriate team assignments
Adjudicate when necessary
Resolving conflict
AUDIT TEAM LEADER
79. 79
Summary
• All auditors must display technical
competence and professionalism
• Lead auditors must also accept
• Team management responsibilities
• Responsibility for liaising with client and auditee
• Responsibility for producing audit reports
81. 81
Topics
• Some important terms and definitions
• Different types of audits
• On and off-site planning issues
82. 82
Audit terms and definitions
• Audit
• “systematic, independent and documented process for obtaining
audit evidence and evaluating it objectively to determine the extent to
which audit criteria are fulfilled”
• Audit criteria
• “set of policies, procedures or requirements” (against which audit
evidence is compared)
• (determined by the person managing the audit programme)
• Audit evidence
• “records, statements of fact or other information which are relevant
to the audit criteria and verifiable.” (This can be qualitative or
quantitative).
(all definitions from ISO 9000:2005)
83. 83
Audit terms and definitions
• Audit objectives – not defined as such but is essentially the
what is to be accomplished by the audit
(determined by the person managing the audit programme)
• Audit scope
• “extent and boundaries of an audit” (from ISO 9000:2005)
- decided by the audit client and audit team leader
(determined by the person managing the audit programme)
Note: for certification audits
- Objectives decided by Certification Body – and
- Scope and the criteria decided jointly by Certification Body and Client
84. 84
Audit categories
• First Party (internal): auditing our own system for our
own purposes
• Second Party (external, not independent): e.g. a
customer auditing its suppliers
• Third Party (extrinsic or external and independent): e.g.
third party certification
85. 85
The audit programme
The nature and frequency of audits in the
programme may be influenced by:
• Management system, legislative or regulatory
requirements
• Customer or contract requirements
• Potential risk to the business
• Past problems or recent changes
86. 86
Internal audit requirements (clause 8.2.2)
• Internal Audits must:
• Be planned and intervals must reflect status and importance
of activity concerned
• Have a clear scope and criteria
• Test whether quality requirements are being met
• Be defined in a documented procedure
• Ensure that root cause corrective action takes place when
non-conformities are found
• Internal Auditors must be independent of their area of
work
87. 87
Key stages of the certification audit – stage 1
Stage 1 audit – The purpose of this audit is essentially to assess the
organisation’s readiness for, and provide a focus for, the Stage 2 audit. It
should include :
• Checking system documentation to ensure it satisfies ISO 9001 (e.g.
clauses 4.2 and 5.3) – sometimes called a Document Review
• Evaluating the site – location - special requirements etc
• Holding discussions with appropriate site personnel to ‘break the ice’
and get a feel for the overall preparedness for stage 2
• Checking the clients’ understanding of the standard and process
performance measurement
• Continued – next slide
88. 88
Key stages of the certification audit – stage 1
Stage 1 audit (continued) –
• Confirming the objectives and scope of the audit – and any legal
requirements
• Assisting in allocating resources and agreeing details for stage 2
• Providing a focus for planning the stage 2 audit – especially for
critical areas
• Checking implementation status for internal audit, document control,
management review, process performance measurement and other
system elements as appropriate
Note: occasionally Stage 1 is preceded by a Preliminary Visit mainly
to clarify Objectives, Scope and general arrangements for the audit.
89. 89
The document review
• This is an important part of a Stage 1- however --
• It is purely an assessment of system documentation
• To establish completeness of management system
• Policy statement, manual, procedures
• May be on site or off site
• Helps the auditor determine if the organisation is ready for
an on site certification audit
• Helps the auditor develop the on site audit plan
90. 90
Key stages of the certification audit – stage 2
Stage 2 audit – the audit evaluates the implementation and effectiveness
of the organisations QMS. It will include checking:
• Conformity to all requirements of the management system
• Top management responsibility – policy, objectives, plans etc…
• Process performance measurement for meeting objectives and
legal requirements
• Operational control of the processes
• The internal audit and management review results
• Links between policy, objectives, quality plans, processes, resulting
outcomes, performance measurement and action for all processes
• Continued - next slide
91. 91
Key stages of the certification audit – stage 2
Stage 2 audit (continued) –
• If there are no significant problems, certification is recommended by the
auditor to the certification bodies review panel
• Panel reviews auditor’s recommendation and, if satisfactory, awards
certification for 3 years – which is the recertification period.
• Organisation is then subject to surveillance audits at intervals not more
than 12 months (depending on size & complexity of organisation).
93. 93
Audit planning
• Clarify audit objectives, scope, criteria
• Resolve any feasibility issues (i.e. number of days
Required) and logistical issues (travel,
Accommodation)
• Establish team requirements
• Specialist or technical skills
• Sector knowledge
• Language skills
• Develop and agree plan with team and auditee in
advance
94. 94
Important planning Issues
• What are the client’s requirements for the audit?
• How will the audit be conducted (e.g. process or
procedure based? what standards will be used?)
• Who is the best person to interview?
• What information is important?
• Cover all generic key themes
• Management responsibility
• Resources
• Product realization - processes and products or services
• Measurement, analysis and improvement
95. 95
A systems audit process
policy
objectives
planning
outcomes
outputs
working
processes
inputs
Top Management Audit
Operations Audit
97. 97
Opening meeting
• Meeting held with auditee’s management
• Chaired by audit team leader
• Introductions
• Use agenda for meeting
• Records of meeting to be maintained
98. 98
Opening meeting
Typical agenda:
• Introduce team
• Objectives, scope & criteria
• Confidentiality
• Timetable
• Audit conduct – inc categories of findings
• Sampling risk – no problems found does not
mean that non exist
• Facilities and arrangements
• Confirm availability of people
• Reporting and appeals system
99. 99
Guides
• Should assist audit team
• Have relevant process or product knowledge
• Have knowledge of safety and emergency procedures
• May be authorised to agree audit findings
• Have access to relevant areas
• Should not influence audit or interfere
• Should not answer questions for others – unless to clarify a point
100. 100
Summary
• Short & sweet!
• Make sure:
• The auditee is prepared for the audit
• The auditee understands the process and
timetable
• People (or acceptable deputies) are still available
• You can proceed as planned
102. 102
Checklists
• Checklists can cover procedures, standards or
processes
• Generally prepared by the auditor
• Cover the full scope of the activity/audit
• Can be tailored to suit varying situations
• Should avoid being a “tick list”
• Format is not important (refer to procedure)
103. 103
Checklists - Advantages
• Helps you maintain a consistent approach
• Helps you track your process as you go
• Provides evidence of audit scope covered and
specific questions asked
• Prevents the auditor forgetting to test important
issues
• Usually process based for systems audits driven
• May be procedure based for single activity audits
104. 104
Checklists - Disadvantages
• Can inhibit flexibility
• May stop the auditor exploring unexpected
answers or following up ambiguous responses
• Takes time
105. 105
Information gathering techniques
• Interviews (remember to listen more, talk less)
• Observing activities
• Looking at documents
• Policy, plans, objectives, procedures, specifications, drawings,
instructions, contracts etc
• Looking at records
• Inspections & tests, minutes of meetings, log books,
complaints, audit reports
• Data, analyses, metrics, performance indicators
106. 106
Good communication techniques
• Asking the right sort of question
• Open
• Closed
• Hypothetical
• Probing, challenging
• Leading
• Being prepared to admit “I don’t understand”
• Knowing when to shut up and listen
108. 108
Some key principles
• Use your checklist
• If questions lead nowhere stop
• Cover your full scope
• Reach positive conclusions regarding conformance
• These must be supported by objective evidence
• Confirm findings with the auditee during the audit
• There should be no surprises in the closing meeting!
109. 109
Things to do
• Identify and note down the evidence you are examining
(take copies only if necessary)
• Tell the auditee when this arises
• Liaise regularly with the audit team as agreed
• Evaluate progress and findings and adjust the plan
appropriately
• Control the audit to get the best possible results
110. 110
Work to your plan
• Even if the auditee does not want you to …
• Diversionary tactics may involve:
• Long lunches or hospitality breaks
• Protracted discussion on philosophy and not facts
• Late arrival of personnel
• Consistent unavailability or absence of personnel
• Constant interruption (telephones, messages etc.)
• Unavailability of required documentation
111. 111
Auditing top management
• How is your policy formulated and communicated?
• How were quality objectives chosen?
• How do you plan to meet your objectives?
• How is success measured?
• What happens during management review?
• What data is looked at?
• What happens as a result of management review?
• How are new targets set and communicated?
• When should top management be audited?
112. 112
Summary
• It is the auditor’s responsibility to:
• Manage his or her own time
• Use the most appropriate techniques for the audit
• Stay in control
• Gather sufficient evidence to enable a reliable
conclusion to be made
• Keep appropriate records
113. 113
Non-conformities & categorisation
• Categorise only when full extent of problem is
understood
• Identify possible causes of the problem, not symptom
• Discuss with other team members if appropriate
• Always discuss and confirm with auditee at the time of
discovery
• Record evidence to support
• Communicate emerging findings and issues with
auditee at intervals
• Group similar findings
114. 114
Non-conformity report
• Should contain
• Clear reference to the part of the audit criteria not met
• Clear, concise description of the non-conformity and
where it was observed
• Specific reference to any supporting objective
evidence
• Should always be agreed by the auditee at least
verbally at the time of discovery
• As said previously, there should be no surprises in the
closing meeting!
115. 115
Typical non-conformity categorisation
Non Conformity
Category
Description
Major
nonconformity
(Major NC)
Non conformity identified as a serious or imminent
threat to quality; to delivery to the customer; to
breaching legislation etc.
Repetitive minor problems on the same issue may be
raised to a “major”
Minor NC
System problem or requirement not met, but with
lesser immediate impact on the product, service or
customer
Situation is OK at time of audit but is a POTENTIAL
non conformity. Preventive action is required
Observation Situation is OK but there is room for improvement.
Organisations can choose whether or not to act
126. 126
Preparation for closing meeting
• Review audit findings
• Prepare a list of findings
• Reach consensus with team, if appropriate
• Prepare a summary statement for the audit
• Prepare recommendations, if required to
(certification, inclusion on supplier list, etc…)
• Discuss appropriate follow up action
• This MUST be completed in time for the meeting
127. 127
Closing meeting
Typical agenda:
• Introductions and thanks
• Re-confirm objectives, scope & criteria
• Re-confirm the methods – inc. categories of findings
• Sampling risk – no problems found does not mean non exist
• Re-confirm confidentiality agreement
• Present and agree the findings – NC’s and Observations
• Discuss corrective action plans and methods of close out
• Timing of the report
• Questions, recommendations, thanks & goodbye
128. 128
The audit report
• The audit team leader is responsible for the report, its
contents and accuracy
• Contents from notes
• Report to contain positive issues
• Report should be written in a positive style where
appropriate
• The audit report should be approved by the nominated
person(s) and distributed, as required
129. 129
Audit follow up
• The findings of the audit should be followed up, as
required
• Non-conformities should be reviewed and closed out by
• Review documents submitted
• Review at next scheduled audit
• Special audit to review.
Note: a typical sequence for dealing with nonconformities is given in sec 6.26
of the notes
130. 130
Audit follow up
Before closing out an audit NC, the auditor should
Confirm that:
• Corrective action has been carried out
• Has the auditee fully investigated the problem?
• Has any remedial action been taken?
• Has the root cause of the problem been addressed?
• Is the problem now less likely to re-occur?
• Any preventive action is appropriate
• can others in the organisation benefit or learn from the audit
findings? Discuss through management review
131. 131
Audit records
• Audit records will depend on requirements of the
client, their procedures, contract, etc…
• Typically they would include
• For each audit
• audit report, non-conformity reports (as written)
checklists, audit evidence, audit plans,
correspondence
• Centrally held records
• audit programmes, auditor qualifications, non-
conformity reports (including follow up and close
out), non-conformity log
132. 132
Summary
• As you leave the closing meeting:
• The report will have been presented
• Any NCRs will have been presented and agreed
• Any corrective actions will have been agreed
• Methods and timescales for follow up will have been
agreed
• The auditee will know what happens next
135. 135
Topics
• International Register of Certificated Auditors (IRCA)
• Auditor Registration requirements
• United Kingdom Accreditation Service (UKAS)
• International recognition of Accredited Certification
• Accredited Certification
136. 136
IRCA
• An auditor can register with the IRCA as a
QMS auditor / lead auditor
• Registration criteria include
• Academic qualifications
• Work experience
• Quality experience
• Registered auditor training
• Auditor experience
• Details in notes
138. 138
UKAS
• Organisations want recognition that their quality
management systems meet ISO 9001
• Independent organisations established to provide this
service, known as Certification Bodies
• Certification Bodies themselves want recognition of their
professional standing
• In the UK - UKAS is the organisation that accredits the
Certification Bodies
139. 139
International accreditation
• World-wide there are organisations offering
accreditation to Certification Bodies
• International Accreditation Forum (IAF) set up
to co-ordinate activities
• Certification Bodies working within ISO / IEC
17021:2011 can operate in an IAF member
state without obtaining local accreditation
141. 141
Accredited certification
• Organisations receiving certification from an accredited
Certification Body can use the Accreditation Body logo (e.g.
UKAS) alongside the Certification Body logo e.g.:
0000
• The scope of certification is very important and is noted on a
separate page of the certificate
UKAS Logo
Certificate No FS 30445
142. 142
Accredited certification - advantages
Some advantages of gaining certification for
the QMS by an accredited certification body are:
• Independent assessment of the QMS
• Increased confidence in the system
• Improved market image – ensures better quality assurance for the
customer
• Improves quality culture and discipline – system must be maintained
• Improves bench-marking ability.
143. 143
Summary
• Standards for Accredited Certification are
consistently applied world-wide
• Auditing standards are also controlled
• Standards are regularly reviewed and revised