Audit Technique

GMP & HACCP and
ISO 9001:2015 Audit

Why do we have to audit???
 Step 11, Principles 6 of HACCP
 ISO 9001:2015 Clause Requirements
 To ensure & maintain the effectiveness of QMS
implementation
 Evaluate the QMS effectiveness & search for
opportunities for improvement
 One of the tools for continuous improvement
Reference
ISO 19011:2011 Guidelines for auditing management system

Why do we have to do the audit & verification??
Verification Audit
•Plan
•Compare the results against target
• can do in some part of work
• Daily operation control
• Solve the daily problem
• can verify ourselves
• all QMS system
• informal
• PDCA
• Independence
Verification VS Audit

What should be kept in mind during audit:
 Identification of recur non conformance
 How to deal “not accept the audit results” problem
 The necessary to issue “CAR”
 How to solve chronic problem with P-D-C-A cycle

Why we have to the audit ???
 Management control measures
 One of the tools for continuous improvement
 Help identify non conforming and make the corrective
action
 Ensure that the QMS is going on and complied with the
requirements

Definitions:
Audit:
systematic, independent and documented process for obtaining audit evidence
and evaluating it objectively to determine the extent to which the audit criteria
are fulfilled
Audit Evidence
Records, statement of fact or other information which are relevant to the audit
criteria and Verifiable
Audit Criteria
Set of policies, procedures, requirements
Audit finding
Result of the evaluation of the collected “audit evidence” against “audit
criteria”
Note: audit finding can indicate either conformity or nonconformity with audit
criteria or opportunities for improvement

Definitions:
Auditor:
Person who conducts an audit
Auditee:
Organization being audit
Competence:
(audit) demonstrated personal attributes and demonstrated ability to apply
knowledge and skills
Non-Conformity:
Non-fulfillment of a requirement
Conformity:
Fulfillment of a requirement

Definitions:
Corrective action request:
Record or report establish by auditor to auditee for corrective action
Corrective action:
Action to eliminate the cause of detected nonconformity or other undesirable
solution

Principles of Audit:
1. Integrity: the foundation of professionalism
2. Fair presentation: the obligation to report truthfully and accurately
3. Due professional care: the application of diligence and Judgment in
auditing
4. Confidentiality: security of information
5. Independence: the audit conclusions the basis for the impartiality of
the audit and objectivity of the audit conclusions
6. Evidence-based approach: the rational method for reaching
reliable and reproducible audit conclusions in a systematic audit process
Related to the auditor
Related to the audit process

Type of Audit
1. First Party Audit
 Internal Audits
• To get the evidence of system compliance
• To obtain useful information for improvement
• Management tools to evaluate the effectiveness of Quality System
2. Second Party Audit
 Customer/ Supplier
3. Third Party Audit
 Certification Body
 Regulatory Authority

Audit Methods
2 type of audit methods
1. System audit
2. Compliance audit

Audit Methods
1. System Audit
• Review related document against requirements
•First Stage of audit
Analyze related
Documents
Use the basic
knowledge of
the business
Must be done
Before compliance
audit

Audit Methods
2. Compliance Audit
Actual work VS document Sampling by observe the related activities
Interview the
operator obtain the evidencePerform by independence
auditor

Audit Program Management
Planning
Appoint the auditor

Audit
Empowerment
Audit program 20xx 1 Planning
2. Execute the program
3. Report
4. Follow up
KPI
Improve the process
Capability of auditor
Audit process
How to manage the
Audit process

Planning
1.1 Establish documented procedure for Internal audit process
1.2 Establish audit program
1.3 Preparation before audit

1.1 Procedure : Internal Audit
•Documented the audit process
•Scope of audit must cover all activities in QMS
•Criteria for determine the audit frequency

1.2 Establish audit program
Audit scope must cover all activities and area
Every area must be audit at least once a year
Frequency of audit depends on ; the important of
that area and previous audit result
Audit program must be approved by authorize persons
before use

1. Audit according to flow process
Audit Trial
Department A Department B Department C
Forward Trace
Backward Trace
1
Purchase
2
Production 3
Storage & distribute

1. Audit by activity
Audit Trial
1
Purchase
2
production
3
Storage & Distribution
Department A Department B Department C

Internal audit schedule 20xx by activities / area
Area Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
FMR activity
Production
R & D
Warehouse
Audit schedule XAudit re-schedule Audit performed
with CAR
Audit performed
no CAR
Follow up
schedule
Follow up
incomplete
Follow up
all CAR closed outX
Prepared by ………………………………/…/….. Approved by ………………………………/…/…..

Internal audit schedule 20xx by activities / area
Area Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
QMR activity
Production
R & D
Warehouse
Audit schedule XAudit re-schedule Audit performed
with CAR
Audit performed
no CAR
Follow up
schedule
Follow up
incomplete
Follow up
all CAR closed outX
Prepared by ……Mr. Bean……/…/….. Approved by ………Mrs. Bean…/…/…..
X
X

How to select and appoint the auditor
1.Competency Education Training Experience Skill
2. Personal Characteristics
…..Auditor must not be appointed to audit
his/ her own work………

Auditor Should…..
 Ethical conduct
 Open mind
 Dealing skill
 Be observant
 Understand the process
 Agility
 Precision
 Decision making
 self confidence
Auditor Should not…..
Aggressive PassiveAssertive

The audit process
Step 1. Planning and preparation for audit
Step 2. Executing the Audit
Step 3. Report the audit results
Step 4. Follow up

Step 1. Planning and prepare for audit

Preparation for audit:
Contact Auditee,
Confirm the audit schedule
Review the documents
Prepare audit schedule for
Each activities (document)
Prepare audit check list

Contact Auditee,
Confirm the audit schedule
Benefit of schedule preparation
• Clarify the audit objectives
• Transparency
• ensure that the audit cover all
concern activities
• Efficiency
Review the documents
• Audit criteria
• Document related to audit
operation
• records
• Problem, CAR that occur
before (if any)

Prepare audit schedule for Each activities (document)
• Planning the audit for each area
• Prepare the work for each auditor
• Review the important issue

Prepare audit check list
Objectives of checklist:
• Scope the audit activities
• Control the audit plan & time use
• reference for establish
• Record
How to Prepare audit check list
Checklist should help auditor to:
 Where and what we are going to see
 What issue we are going to ask
 Who we are going to talk to
 Why we have to get the information

Checklist
Audit Schedule
Audit report form
Note book
Reference
Pen
Writing board etc.
Essentials Tools for Auditor

Sample of Checklists
Auditee Department: HR Process to be Audit…Training…
Important issue
of the process to
be audit
Your
question
Audit Evidence Audit
Findings
Audit Criteria
Information Related
Documents
C NC O
Process to ensure
the staff
competency
How to measure
the effectiveness
of the process
How to ensure
staff awareness

 Opening Meeting
 Audit
 Closing Meeting
Step 2. Executing The Audit
Opening Meeting
Objectives:
Meeting with responsible manager in that manager
Transparency
Describe audit process
Confirm Schedule
Answer Question….(if any)

How we start opening meeting ????
Opening Meeting
Introduce your self and responsibility
Confirm objectives, scope, criteria
Confirm schedule
Describe the audit process, use of evidence
Confirm communication channel, etc
Practice help :19011:2011

Audit
Searching for information & evidence that reflect the
organization activities by:
Review the documents Interview the operator Observe the process

Sources of Information
Interview the operator
 Observe the activities, status and environment
 Review documents and records
• KPI
• Information sources

Auditor responsibilities:
 Ask question
 Listen to the answer
 Observe the process
 Review the finding
 Make records
 Ask for corrective action (if any)….

3 Types of the question to ask during the audit…
? Opened Questions
? Probing Questions
? Closed Questions
Using the topic in the checklist as a guideline…..

Let the auditee explain his/her job to you…
? How he/she does the job …
? What is the important part to control job quality…
You have to control the length of the answer…
Begin the question with: What is it to be done? How?
Who, Where, When, Why
Opened Questions

Continue from the last question
To find out the issue in details
For example
? Would you please explain more about ..... ?
? In case that this thing happened, what will you do?
? Please show me the record.............
Probing Questions

Closed Questions
 To confirm your understanding to the answer
 aim to make sure that it is “Yes” or “No”
“Have” or “Not have” …
? Did you record in this form after you finish
this job?

Please avoid to use the following type of question:
Question that is not related to the objectives or scope of audit
 Question that lead to your desire answer or your understanding
 Unclear question
 Containing more than one question in one sentence…
Active Listening:
Pay attention to the answer
Friendly act
Ask the auditee to make conclusion if the answer is too long…
Concentrate to the answer
Do not interrupt auditee
Give suitable time for the answer
Review your understanding again before making conclusion

Observe
Working procedure
M/C, equipment, operator
Material
Environment
Law / Regulation

How to confirm the finding:
Review the related record
Ask more than one person and compare the answer
Observe the activity
Mock up the situation
 Use checklist as a guideline and record in the checklist
 Record all necessary related information for example…
– Name and position of the interviewed person
– the answer ( in short form)
– type, name of document / document status
– device, equipment and ID number
– number of the sampling unit
– time and location
– requirement for the controlled environment (if any)

Conducting interviews:
 Interview the right person
 do it during the normal working environment
 Build the friendly situation before
 describe the reason of the interview and explain why you have to make record
 can begin by letting he/she explain her job
 always review the your conclusion with auditee
 say “Thank you for your kind cooperation” every time

Conducting interviews:
 ask the right person
 use Checklists
 record
 be steady and calm
 search for the truth
 select related sample
 inform auditee immediately
when non conform was found
 humor
Be honesty
Tip…

If non conform is found during the audit,
auditor has to inform the auditee immediately !!!
Auditors meeting after audit:
 Review the evidence and collect the idea
 Discuss the unclear issues
 Make the conclusion
 Prepare the information for writing the audit report
 Prepare to inform the audit result to auditees

Sources of information
Collecting: interview
observe, review doc.
Audit Evidence, verify
Evaluate against
Audit Criteria
Audit Findings
Reviewing
Audit Conclusion
Conform
Non Conform
Conclusion of audit
Process from collecting
The information to
The conclusion…
Inform to
do the
Corrective action

Audit conclusion:
 Compliance to the criteria in the audited area
 Effectiveness of the system, maintenance & improvement
 Competence of the reviewing system by management to ensure the maintenance
of the system (suitable, effective, continual improvement.
Audit Conclusion

Step 3. Report the audit result

Classified type of audit finding
•Non-conformity, NC
Performance that is not complied with the audit
criteria or not complied with the document in
quality management system
•Observations, O
Performance that is not NC but has potential to
become NC if there is no action taken
CA
PA

Not comply
with process
in
procedure,
WI, etc in
QMS
Not comply
with ISO
9001:2008
criteria
Affect the
quality of
product
Affect to
effectiveness
of QMS
Has potential
to become
NC
NC/CAR NC/CAR NC/CAR NC/CAR O/ PAR

L
E
N
R
Location
Evidence
Nature of NC
Requirement
At packaging storage
room, “Packaging
inspection record
(REC/WH-01)” date
20/5/2013 did not
record the inspection
result of package sp-01
which is not complied
with inspection process
inWI-WH-01 and ISO 9001
Clause 7.4.1
How to issue CAR

Corrective action request, CAR
√The audit finding that is identified as NC must be report to auditee
immediately and discuss until the issue is clarified
√ after auditor meeting, audit finding must be report to area manager
√ focus on process not person
√ area manager has to sign in audit report/ CAR/ PAR

Closing Meeting (with area manager)
For :-
•Report audit results and conclusion
•Let management have direct information
•Discuss the unclear issue,
Should covered:
Meeting between the auditor before making the report
Conclude the overall of audit finding
Closing meeting to describe the results of audit finding
Next step to be taken by auditor, auditee

Corrective & Preventive Action
 Searching for the root cause(s)
 use of P-D-C-A
 Analysis of related information
 Planning for the problem solving
 Execution of the plan
 Evaluation the effectiveness

Information from audit process that is already
classified, grouped to determine the
Effectiveness of QMS
Trend of implementation
Corrective action
4C
Correct
Complete
Clear
Concise
Audit Conclusion

Topic to be review the audit result
•The evidence : clear and traceable
• Determination : precise & concise
• Report writing : easy to understand
• review of non-agree NC

Step 4. The Follow up
•Audited area must completed corrective action before the follow up
•The follow up activities are :
Review the corrective action activities
Review the results of the corrective action : records,documents
that is changed from the action taken

Step 4. The Follow up
CAR Closed
The corrective actions results
is effective enough to ensure
that the same problem will
not occur again
Auditor records in CAR and close
the issue

Corrective action results is not effective or there is no action taken
 Record
 Submit to QMR or management
Audit follow up that can not close
Effective audit should……..
Clear objective
Auditor is well trained
Audit plan is well prepared
Open, not a surprise audit
Agree on audit results
All NC are reviewed between Auditor/ auditee
The audit result is used for adjust the audit frequency

Improvement of auditor competency
Re-Training
Internal meeting,
sharing the
Knowledge and
experience
Observe the
Audit
Activity
Of other organization
Persuade to do the job

Audit Technique

More Related Content

What's hot

Similar to Audit Technique

Recently uploaded

Audit Technique