SlideShare a Scribd company logo

Audits, inspections and reporting -

Download as PPTX, PDF
Qualsys Ltd
Qualsys Ltd

Identifying risks and opportunities through audits

Business
1 of 31
Audits, inspections and reporting Identifying risks and opportunities 20th March 2019 Chris Owen, Services Director at Qualsys
Agenda: Identifying risks and opportunities in audits Why audit? Five common auditing mistakes Is your auditing process broken? Risks and opportunity management and reporting Chris Owen Services Director
400+ successful implementations
Auditing today: Preventing business disruption in a digital world 2018-2019 2017-2018
90% of internal audit reports cost over £5,000 each IIA Report: Nearly 70% of internal audit assignments last more than 15 days 0-5 man days 6-10 man days 11-15 man days 16-20 man days More than 20 days • Source: https://www.iia.org.uk/media/198130/13._benchmarking_report_internal_audit_assignments_22_september_2008_1_.pdf
It’s all about risk and opportunity
Auditing Generates valuable insights Prevents waste Creates value Helps organisations to grow Fixes leaking buckets
Auditing has an image problem
What would your organisation say about the audit function? • Internal audit survey prior to implementation of a management system
Mistake #1: Poor communications • Same questions, same responses
The auditing landscape 1. Collect risk and opportunity data 2. Audits 3. Risk treatment  Internal issues, NCRs, training  Macro-environmental changes  Inspections  Policies & documentation  Process reviews  Culture health checks  Department audits  Risk and opportunity identification  Reports  Business continuity  Workflows / CAPA  Business improvement
Mistake #2: Lack of creativity • Same questions, same responses
Goldilocks auditor • The best auditors listen, learn and guide Overly friendly Too rigid Good communicators
Your internal auditors are as valuable to your business as external auditors
Mistake #3: Inconsistent approaches and experience
Audits vs Inspections Audit Inspections Qualitative Quantitative Exploratory Tick-box Who, Why, What, Where, When, How? Yes / No Useful for: Leadership audits, risks and opportunities, improvement initiatives, operational excellence, growth, profitability, ideas and innovation Useful for: Exposing vulnerabilities, quality control, waste reduction, fact- checking, process management. Complex root cause analysis and problem solving Rapid root cause analysis
Use your audit report wisely Benefits of using a scale Disadvantages of using a scale Simple to understand Diversion from findings to a negotiation on a number Provides areas of focus Promotes competition between departments Scale reflects risks Repetition of recommendations against risks (no integration of activities leading to duplication of effort) Allows committee members to assess strength of controls without reading report Management may ignore areas of weakness or good practice Powerful communication tool Does not include recommendations, instead agreed management actions • How can we communicate risk and opportunity in a way people are going to understand? • How can we drive action from audit reports? • How can we change the perception of an internal audit from a tick-box exercise to one where it drives cultural change? !Think carefully before putting a scale in the audit report
Mistake #4: Not investing in auditors
Attitude, approach, communication and appearance
“Quality people are the needle and thread, stitching the whole end-to- end together. To do this you have to be a good communicator and influencer who can quickly build respect and credibility. People who can truly do this are very thin on the ground.” Leading quality in the 21st Century – CQI & Oakland research report
Mistake #5: Poor follow up activity
Implementing Risks & Opportunities Remember to follow-up on any audit findings See all findings as an opportunities for improvement. Discuss and report your finding at senior level. ? What action did you take to address a problem? ? Did you carry out any trend analysis? ? How can you prevent a NCF from occurring again? ? How effective were your corrective and preventative actions? ? Have you updated your Risk register?
Response needs context Discipline Organisation Philosophy Continuous improvement Daily improvement Standup 5s Kaizen events Improvement projects A3 management DMAIC Low Time commitment, level of complexity & resources High
Example of 5s Performance & Grading Grid STEP 1 – (Sort) ORGANISATION Seiri STEP 2 – (Set in order) ORDERLINESS Seiton STEP 3 – (Shine) CLEANLINESS Seiso STEP 4 – (Standardize) STANDARDISATION Seiketsu STEP – (Sustain) DISCIPLINE Shitsuke A cluttered workspace with many unneeded items in random locations. Haphazard No organisation. Essential items are lost in the clutter Dirty area with no evidence of systematic cleaning No evidence of a documented routine No evidence of management, monitoring or support Some unneeded items remain. Somewhat easier to find needed items Some organisation of items. All locations not dedicated. Some visual clues Area is generally clean. Routine not in evidence. Inspection not part of routine Procedures exist but not evident in workplace. Inconsistently applied Visual measures of 5s performance posted Only needed items remain but quantities required are not defined All items neatly arranged. Dedicated locations and visual cues Cleaning and inspection of equipment clearly in evidence Procedures in place and beginning to be practiced Continuous improvement process in place. Evidence of follow-up management Only the bare essentials remain. Only defined quantities of items evident A visual work environment. "A place for everything and everything in its place" A spotless, inviting environment. Attention to detail obvious Clearly defined, effective cleaning process is in constant use Primary focus is prevention. Standards constantly being upgraded 1 POOR 2 3 4 EXCELLENT LEVEL
Let technology help
The art of data storytelling • Use reports to paint a picture of the business • Develop a flexible approach to dashboards • From many data systems to snapshots of an individual process step
The auditing landscape 1. Collect risk and opportunity data 2. Audits 3. Risk treatment  Internal issues, NCRs, training  Macro-environmental changes  Inspections  Policies & documentation  Process reviews  Culture health checks  Department audits  Risk and opportunity identification  Reports  Business continuity  Workflows / CAPA  Business improvement
Let data be the guide • Descriptive statics: • Variance • Range • Standard Deviation • Histograms • Good for Qualitative , discreet data, understanding the variations • Pareto Analysis • Value Stream Mapping • Fishbone Analysis using the 6Ms
Learn from your mistakes
Aizlewood’s Mill, Nursery Street, Sheffield S3 8GG +44 114 282 3338 info@qualsys.co.uk

Recommended

ISO 9001 - It sets out the criteria for a quality management system and is th...
ISO 9001 - It sets out the criteria for a quality management system and is th...ISO 9001 - It sets out the criteria for a quality management system and is th...
ISO 9001 - It sets out the criteria for a quality management system and is th...Tushar Sadhye
 
Quality Management System
Quality Management SystemQuality Management System
Quality Management SystemAftab Ahmed
 
Quality management system
Quality management systemQuality management system
Quality management systemJubayer Alam Shoikat
 
Quick guide to ISO9001:2015
Quick guide to ISO9001:2015Quick guide to ISO9001:2015
Quick guide to ISO9001:2015Ellen Willoughby
 
Designing a quality management system
Designing a quality management systemDesigning a quality management system
Designing a quality management systemQuality Management
 
Iso 9001:2015 Documented Information Guidance
Iso 9001:2015 Documented Information GuidanceIso 9001:2015 Documented Information Guidance
Iso 9001:2015 Documented Information GuidanceMohammad Elshahat
 
Management review format
Management review formatManagement review format
Management review formatcrazy_hornet
 
ISO 9001 2015 | Training Now Available In Johannesburg & Pretoria
ISO 9001 2015 | Training Now Available In Johannesburg & PretoriaISO 9001 2015 | Training Now Available In Johannesburg & Pretoria
ISO 9001 2015 | Training Now Available In Johannesburg & PretoriaAndre Barnarde
 

Recommended

ISO 9001 - It sets out the criteria for a quality management system and is th...
ISO 9001 - It sets out the criteria for a quality management system and is th...ISO 9001 - It sets out the criteria for a quality management system and is th...
ISO 9001 - It sets out the criteria for a quality management system and is th...Tushar Sadhye
 
Quality Management System
Quality Management SystemQuality Management System
Quality Management SystemAftab Ahmed
 
Quality management system
Quality management systemQuality management system
Quality management systemJubayer Alam Shoikat
 
Quick guide to ISO9001:2015
Quick guide to ISO9001:2015Quick guide to ISO9001:2015
Quick guide to ISO9001:2015Ellen Willoughby
 
Designing a quality management system
Designing a quality management systemDesigning a quality management system
Designing a quality management systemQuality Management
 
Iso 9001:2015 Documented Information Guidance
Iso 9001:2015 Documented Information GuidanceIso 9001:2015 Documented Information Guidance
Iso 9001:2015 Documented Information GuidanceMohammad Elshahat
 
Management review format
Management review formatManagement review format
Management review formatcrazy_hornet
 
ISO 9001 2015 | Training Now Available In Johannesburg & Pretoria
ISO 9001 2015 | Training Now Available In Johannesburg & PretoriaISO 9001 2015 | Training Now Available In Johannesburg & Pretoria
ISO 9001 2015 | Training Now Available In Johannesburg & PretoriaAndre Barnarde
 
Quality Management System for Service Companies
Quality Management System for Service CompaniesQuality Management System for Service Companies
Quality Management System for Service CompaniesPECB
 
ISO 9001:2015 Reshaping the role of the auditor - updated version
ISO 9001:2015 Reshaping the role of the auditor - updated versionISO 9001:2015 Reshaping the role of the auditor - updated version
ISO 9001:2015 Reshaping the role of the auditor - updated versionBywater Training
 
PECB Webinar: Minimizing the Documentation in a QMS system
PECB Webinar: Minimizing the Documentation in a QMS systemPECB Webinar: Minimizing the Documentation in a QMS system
PECB Webinar: Minimizing the Documentation in a QMS systemPECB
 
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008Engr. Syed Noor Mustafa Shah
 
ISO 9001:2008 Internal Auditing of Quality Management Systems - Introduction
ISO 9001:2008 Internal Auditing of Quality Management Systems - IntroductionISO 9001:2008 Internal Auditing of Quality Management Systems - Introduction
ISO 9001:2008 Internal Auditing of Quality Management Systems - IntroductionKanriConsulting
 
Management Review
Management ReviewManagement Review
Management ReviewThyssenkrupp
 
Qms kick off meeting ppt
Qms kick off meeting pptQms kick off meeting ppt
Qms kick off meeting pptANUPAM RAY
 
Quality Management System
Quality Management SystemQuality Management System
Quality Management SystemAmrutanshu Panda
 
ISO 9001:2015 Overview. Presentation for Training (Preview)
ISO 9001:2015 Overview. Presentation for Training (Preview) ISO 9001:2015 Overview. Presentation for Training (Preview)
ISO 9001:2015 Overview. Presentation for Training (Preview) Centauri Business Group Inc.
 
ISO 9001:2015 Interpretation and Implementation (10/22/16)
ISO 9001:2015 Interpretation and Implementation (10/22/16)ISO 9001:2015 Interpretation and Implementation (10/22/16)
ISO 9001:2015 Interpretation and Implementation (10/22/16)Colin Gray
 
QMS implementation, process approach
QMS implementation, process approachQMS implementation, process approach
QMS implementation, process approachAndreea Precup
 
ISO 9001 2015 Overview presentation
ISO 9001 2015 Overview presentation ISO 9001 2015 Overview presentation
ISO 9001 2015 Overview presentation Govind Ramu
 
Is Your Management Review Process Adding Value?
Is Your Management Review Process Adding Value?Is Your Management Review Process Adding Value?
Is Your Management Review Process Adding Value?Antonius Pompi Bramono
 
Process approach to qms
Process approach to qmsProcess approach to qms
Process approach to qmsrahulwable
 
Internal Auditor Course
Internal Auditor CourseInternal Auditor Course
Internal Auditor CourseDan Stehling
 
Top 5 reasons to implement a quality management system
Top 5 reasons to implement a quality management systemTop 5 reasons to implement a quality management system
Top 5 reasons to implement a quality management systemQuality Management
 
How to successfully implement ISO 9001:2015 with a minimal documents approach
How to successfully implement ISO 9001:2015 with a minimal documents approachHow to successfully implement ISO 9001:2015 with a minimal documents approach
How to successfully implement ISO 9001:2015 with a minimal documents approachPECB
 
Risk elimination and safety committee
Risk elimination and safety committeeRisk elimination and safety committee
Risk elimination and safety committeeHpm India
 
Quality Management System (QMS) for training providers
Quality Management System (QMS) for training providers Quality Management System (QMS) for training providers
Quality Management System (QMS) for training providers Linda Meyer
 
Future of-quality asq 042011-govind
Future of-quality asq 042011-govindFuture of-quality asq 042011-govind
Future of-quality asq 042011-govindGovind Ramu
 
Internal Process Audit
Internal Process AuditInternal Process Audit
Internal Process Auditintellisenseit
 
Internal audit
Internal auditInternal audit
Internal auditShoab Malek (Certified Quality Auditor)
 

More Related Content

What's hot

Quality Management System for Service Companies
Quality Management System for Service CompaniesQuality Management System for Service Companies
Quality Management System for Service CompaniesPECB
 
ISO 9001:2015 Reshaping the role of the auditor - updated version
ISO 9001:2015 Reshaping the role of the auditor - updated versionISO 9001:2015 Reshaping the role of the auditor - updated version
ISO 9001:2015 Reshaping the role of the auditor - updated versionBywater Training
 
PECB Webinar: Minimizing the Documentation in a QMS system
PECB Webinar: Minimizing the Documentation in a QMS systemPECB Webinar: Minimizing the Documentation in a QMS system
PECB Webinar: Minimizing the Documentation in a QMS systemPECB
 
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008Engr. Syed Noor Mustafa Shah
 
ISO 9001:2008 Internal Auditing of Quality Management Systems - Introduction
ISO 9001:2008 Internal Auditing of Quality Management Systems - IntroductionISO 9001:2008 Internal Auditing of Quality Management Systems - Introduction
ISO 9001:2008 Internal Auditing of Quality Management Systems - IntroductionKanriConsulting
 
Qms kick off meeting ppt
Qms kick off meeting pptQms kick off meeting ppt
Qms kick off meeting pptANUPAM RAY
 
ISO 9001:2015 Overview. Presentation for Training (Preview)
ISO 9001:2015 Overview. Presentation for Training (Preview) ISO 9001:2015 Overview. Presentation for Training (Preview)
ISO 9001:2015 Overview. Presentation for Training (Preview) Centauri Business Group Inc.
 
ISO 9001:2015 Interpretation and Implementation (10/22/16)
ISO 9001:2015 Interpretation and Implementation (10/22/16)ISO 9001:2015 Interpretation and Implementation (10/22/16)
ISO 9001:2015 Interpretation and Implementation (10/22/16)Colin Gray
 
QMS implementation, process approach
QMS implementation, process approachQMS implementation, process approach
QMS implementation, process approachAndreea Precup
 
ISO 9001 2015 Overview presentation
ISO 9001 2015 Overview presentation ISO 9001 2015 Overview presentation
ISO 9001 2015 Overview presentation Govind Ramu
 
Is Your Management Review Process Adding Value?
Is Your Management Review Process Adding Value?Is Your Management Review Process Adding Value?
Is Your Management Review Process Adding Value?Antonius Pompi Bramono
 
Process approach to qms
Process approach to qmsProcess approach to qms
Process approach to qmsrahulwable
 
Internal Auditor Course
Internal Auditor CourseInternal Auditor Course
Internal Auditor CourseDan Stehling
 
Top 5 reasons to implement a quality management system
Top 5 reasons to implement a quality management systemTop 5 reasons to implement a quality management system
Top 5 reasons to implement a quality management systemQuality Management
 
How to successfully implement ISO 9001:2015 with a minimal documents approach
How to successfully implement ISO 9001:2015 with a minimal documents approachHow to successfully implement ISO 9001:2015 with a minimal documents approach
How to successfully implement ISO 9001:2015 with a minimal documents approachPECB
 
Risk elimination and safety committee
Risk elimination and safety committeeRisk elimination and safety committee
Risk elimination and safety committeeHpm India
 
Quality Management System (QMS) for training providers
Quality Management System (QMS) for training providers Quality Management System (QMS) for training providers
Quality Management System (QMS) for training providers Linda Meyer
 
Future of-quality asq 042011-govind
Future of-quality asq 042011-govindFuture of-quality asq 042011-govind
Future of-quality asq 042011-govindGovind Ramu
 

What's hot (20)

Quality Management System for Service Companies
Quality Management System for Service CompaniesQuality Management System for Service Companies
Quality Management System for Service Companies
 
ISO 9001:2015 Reshaping the role of the auditor - updated version
ISO 9001:2015 Reshaping the role of the auditor - updated versionISO 9001:2015 Reshaping the role of the auditor - updated version
ISO 9001:2015 Reshaping the role of the auditor - updated version
 
PECB Webinar: Minimizing the Documentation in a QMS system
PECB Webinar: Minimizing the Documentation in a QMS systemPECB Webinar: Minimizing the Documentation in a QMS system
PECB Webinar: Minimizing the Documentation in a QMS system
 
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
 
ISO 9001:2008 Internal Auditing of Quality Management Systems - Introduction
ISO 9001:2008 Internal Auditing of Quality Management Systems - IntroductionISO 9001:2008 Internal Auditing of Quality Management Systems - Introduction
ISO 9001:2008 Internal Auditing of Quality Management Systems - Introduction
 
Management Review
Management ReviewManagement Review
Management Review
 
Qms kick off meeting ppt
Qms kick off meeting pptQms kick off meeting ppt
Qms kick off meeting ppt
 
Quality Management System
Quality Management SystemQuality Management System
Quality Management System
 
ISO 9001:2015 Overview. Presentation for Training (Preview)
ISO 9001:2015 Overview. Presentation for Training (Preview) ISO 9001:2015 Overview. Presentation for Training (Preview)
ISO 9001:2015 Overview. Presentation for Training (Preview)
 
ISO 9001:2015 Interpretation and Implementation (10/22/16)
ISO 9001:2015 Interpretation and Implementation (10/22/16)ISO 9001:2015 Interpretation and Implementation (10/22/16)
ISO 9001:2015 Interpretation and Implementation (10/22/16)
 
QMS implementation, process approach
QMS implementation, process approachQMS implementation, process approach
QMS implementation, process approach
 
ISO 9001 2015 Overview presentation
ISO 9001 2015 Overview presentation ISO 9001 2015 Overview presentation
ISO 9001 2015 Overview presentation
 
Is Your Management Review Process Adding Value?
Is Your Management Review Process Adding Value?Is Your Management Review Process Adding Value?
Is Your Management Review Process Adding Value?
 
Process approach to qms
Process approach to qmsProcess approach to qms
Process approach to qms
 
Internal Auditor Course
Internal Auditor CourseInternal Auditor Course
Internal Auditor Course
 
Top 5 reasons to implement a quality management system
Top 5 reasons to implement a quality management systemTop 5 reasons to implement a quality management system
Top 5 reasons to implement a quality management system
 
How to successfully implement ISO 9001:2015 with a minimal documents approach
How to successfully implement ISO 9001:2015 with a minimal documents approachHow to successfully implement ISO 9001:2015 with a minimal documents approach
How to successfully implement ISO 9001:2015 with a minimal documents approach
 
Risk elimination and safety committee
Risk elimination and safety committeeRisk elimination and safety committee
Risk elimination and safety committee
 
Quality Management System (QMS) for training providers
Quality Management System (QMS) for training providers Quality Management System (QMS) for training providers
Quality Management System (QMS) for training providers
 
Future of-quality asq 042011-govind
Future of-quality asq 042011-govindFuture of-quality asq 042011-govind
Future of-quality asq 042011-govind
 

Similar to Audits, inspections and reporting -

Internal Process Audit
Internal Process AuditInternal Process Audit
Internal Process Auditintellisenseit
 
Iso 9001 2015 process audit checklist
Iso 9001 2015 process audit checklistIso 9001 2015 process audit checklist
Iso 9001 2015 process audit checklistCinthiia Akamii
 
Academic forum 2 Group 2
Academic forum 2 Group 2Academic forum 2 Group 2
Academic forum 2 Group 2Fc2017
 
Performance audit adding value
Performance audit adding valuePerformance audit adding value
Performance audit adding valueicgfmconference
 
Common internal audit findings & how to avoid them
Common internal audit findings & how to avoid themCommon internal audit findings & how to avoid them
Common internal audit findings & how to avoid themSurajit Datta
 
Awareness To Lean & 7 Qc Tools
Awareness To Lean & 7 Qc ToolsAwareness To Lean & 7 Qc Tools
Awareness To Lean & 7 Qc ToolsNilesh Sawant
 
CxO Lean StepUp ACT NOW model and canvas Macrow Lean Services Melbourne +61 4...
CxO Lean StepUp ACT NOW model and canvas Macrow Lean Services Melbourne +61 4...CxO Lean StepUp ACT NOW model and canvas Macrow Lean Services Melbourne +61 4...
CxO Lean StepUp ACT NOW model and canvas Macrow Lean Services Melbourne +61 4...John Macrow
 
Internal audit mechanism
Internal audit mechanismInternal audit mechanism
Internal audit mechanismSaurabh Sawhney
 
Risk-Management-in-ISO-9001.pdf
Risk-Management-in-ISO-9001.pdfRisk-Management-in-ISO-9001.pdf
Risk-Management-in-ISO-9001.pdfukavathekar
 
Mastering the Huddle Office of Lean Transformation
Mastering the Huddle Office of Lean TransformationMastering the Huddle Office of Lean Transformation
Mastering the Huddle Office of Lean TransformationAmanda Gilmore
 
Organizational development measures
Organizational development measuresOrganizational development measures
Organizational development measuresEric Bruggeman ET
 
Risk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarRisk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarAviva Spectrum™
 
Operational Excellence at Edward Jones: Deploying Operational Excellence Thr...
Operational Excellence at Edward Jones: Deploying Operational Excellence Thr...Operational Excellence at Edward Jones: Deploying Operational Excellence Thr...
Operational Excellence at Edward Jones: Deploying Operational Excellence Thr...The Boeing Center
 

Similar to Audits, inspections and reporting - (20)

Internal Process Audit
Internal Process AuditInternal Process Audit
Internal Process Audit
 
Internal audit
Internal auditInternal audit
Internal audit
 
Iso 9001 2015 process audit checklist
Iso 9001 2015 process audit checklistIso 9001 2015 process audit checklist
Iso 9001 2015 process audit checklist
 
file000241.pdf
file000241.pdffile000241.pdf
file000241.pdf
 
Academic forum 2 Group 2
Academic forum 2 Group 2Academic forum 2 Group 2
Academic forum 2 Group 2
 
Performance audit adding value
Performance audit adding valuePerformance audit adding value
Performance audit adding value
 
Common internal audit findings & how to avoid them
Common internal audit findings & how to avoid themCommon internal audit findings & how to avoid them
Common internal audit findings & how to avoid them
 
Awareness To Lean & 7 Qc Tools
Awareness To Lean & 7 Qc ToolsAwareness To Lean & 7 Qc Tools
Awareness To Lean & 7 Qc Tools
 
CxO Lean StepUp ACT NOW model and canvas Macrow Lean Services Melbourne +61 4...
CxO Lean StepUp ACT NOW model and canvas Macrow Lean Services Melbourne +61 4...CxO Lean StepUp ACT NOW model and canvas Macrow Lean Services Melbourne +61 4...
CxO Lean StepUp ACT NOW model and canvas Macrow Lean Services Melbourne +61 4...
 
Internal audit mechanism
Internal audit mechanismInternal audit mechanism
Internal audit mechanism
 
Risk-Management-in-ISO-9001.pdf
Risk-Management-in-ISO-9001.pdfRisk-Management-in-ISO-9001.pdf
Risk-Management-in-ISO-9001.pdf
 
Mastering the Huddle Office of Lean Transformation
Mastering the Huddle Office of Lean TransformationMastering the Huddle Office of Lean Transformation
Mastering the Huddle Office of Lean Transformation
 
Craig's little book of iso's
Craig's little book of iso'sCraig's little book of iso's
Craig's little book of iso's
 
Craig's little book of iso's
Craig's little book of iso'sCraig's little book of iso's
Craig's little book of iso's
 
Organizational development measures
Organizational development measuresOrganizational development measures
Organizational development measures
 
5S & Safety
5S & Safety5S & Safety
5S & Safety
 
Lean concepts and quality indicators final
Lean concepts and quality indicators finalLean concepts and quality indicators final
Lean concepts and quality indicators final
 
Healthcare measures
Healthcare measuresHealthcare measures
Healthcare measures
 
Risk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarRisk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches Webinar
 
Operational Excellence at Edward Jones: Deploying Operational Excellence Thr...
Operational Excellence at Edward Jones: Deploying Operational Excellence Thr...Operational Excellence at Edward Jones: Deploying Operational Excellence Thr...
Operational Excellence at Edward Jones: Deploying Operational Excellence Thr...
 

More from Qualsys Ltd

Qualsys and sirus
Qualsys and sirus Qualsys and sirus
Qualsys and sirus Qualsys Ltd
 
How to Audit Leadership
How to Audit LeadershipHow to Audit Leadership
How to Audit LeadershipQualsys Ltd
 
Qualsys GXP presentation
Qualsys GXP presentation Qualsys GXP presentation
Qualsys GXP presentation Qualsys Ltd
 
APQP Training presentation
APQP Training presentationAPQP Training presentation
APQP Training presentationQualsys Ltd
 
As 9100 D QMS Training Materials
As 9100 D QMS Training Materials As 9100 D QMS Training Materials
As 9100 D QMS Training Materials Qualsys Ltd
 
GDPR: Training Materials by Qualsys
GDPR: Training Materials by QualsysGDPR: Training Materials by Qualsys
GDPR: Training Materials by QualsysQualsys Ltd
 
Culture of quality workshop - Qualsys Training Workshop
Culture of quality workshop - Qualsys Training WorkshopCulture of quality workshop - Qualsys Training Workshop
Culture of quality workshop - Qualsys Training WorkshopQualsys Ltd
 
ISO 45001:2018 Health and Safety Management Software
ISO 45001:2018 Health and Safety Management SoftwareISO 45001:2018 Health and Safety Management Software
ISO 45001:2018 Health and Safety Management SoftwareQualsys Ltd
 
8D problem solving for NCR management: Beginners training
8D problem solving for NCR management: Beginners training 8D problem solving for NCR management: Beginners training
8D problem solving for NCR management: Beginners training Qualsys Ltd
 
Lean six sigma explained: Beginners training
Lean six sigma explained: Beginners trainingLean six sigma explained: Beginners training
Lean six sigma explained: Beginners trainingQualsys Ltd
 
Sodexo governance, risk and compliance software (GRC) case study
Sodexo governance, risk and compliance software (GRC) case study Sodexo governance, risk and compliance software (GRC) case study
Sodexo governance, risk and compliance software (GRC) case study Qualsys Ltd
 
Best practice approach for PLM, Product Supply and Sourcing
Best practice approach for PLM, Product Supply and SourcingBest practice approach for PLM, Product Supply and Sourcing
Best practice approach for PLM, Product Supply and SourcingQualsys Ltd
 
ISO 22301 leadership buy in presentation
ISO 22301 leadership buy in presentationISO 22301 leadership buy in presentation
ISO 22301 leadership buy in presentationQualsys Ltd
 
ISO 19011 Revision
ISO 19011 RevisionISO 19011 Revision
ISO 19011 RevisionQualsys Ltd
 
How to Drive Engagement with Enterprise Compliance Software
How to Drive Engagement with Enterprise Compliance SoftwareHow to Drive Engagement with Enterprise Compliance Software
How to Drive Engagement with Enterprise Compliance SoftwareQualsys Ltd
 
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Qualsys Ltd
 
Embedding a culture of quality: ISO 9001:2015 Focus
Embedding a culture of quality: ISO 9001:2015 FocusEmbedding a culture of quality: ISO 9001:2015 Focus
Embedding a culture of quality: ISO 9001:2015 FocusQualsys Ltd
 
7 Step Guide To Successfully Managing a Change Project & Winning Stakeholders...
7 Step Guide To Successfully Managing a Change Project & Winning Stakeholders...7 Step Guide To Successfully Managing a Change Project & Winning Stakeholders...
7 Step Guide To Successfully Managing a Change Project & Winning Stakeholders...Qualsys Ltd
 
Equipment maintenance management: implementation
Equipment maintenance management: implementationEquipment maintenance management: implementation
Equipment maintenance management: implementationQualsys Ltd
 
Global Quality Survey Results 2016
Global Quality Survey Results 2016Global Quality Survey Results 2016
Global Quality Survey Results 2016Qualsys Ltd
 

More from Qualsys Ltd (20)

Qualsys and sirus
Qualsys and sirus Qualsys and sirus
Qualsys and sirus
 
How to Audit Leadership
How to Audit LeadershipHow to Audit Leadership
How to Audit Leadership
 
Qualsys GXP presentation
Qualsys GXP presentation Qualsys GXP presentation
Qualsys GXP presentation
 
APQP Training presentation
APQP Training presentationAPQP Training presentation
APQP Training presentation
 
As 9100 D QMS Training Materials
As 9100 D QMS Training Materials As 9100 D QMS Training Materials
As 9100 D QMS Training Materials
 
GDPR: Training Materials by Qualsys
GDPR: Training Materials by QualsysGDPR: Training Materials by Qualsys
GDPR: Training Materials by Qualsys
 
Culture of quality workshop - Qualsys Training Workshop
Culture of quality workshop - Qualsys Training WorkshopCulture of quality workshop - Qualsys Training Workshop
Culture of quality workshop - Qualsys Training Workshop
 
ISO 45001:2018 Health and Safety Management Software
ISO 45001:2018 Health and Safety Management SoftwareISO 45001:2018 Health and Safety Management Software
ISO 45001:2018 Health and Safety Management Software
 
8D problem solving for NCR management: Beginners training
8D problem solving for NCR management: Beginners training 8D problem solving for NCR management: Beginners training
8D problem solving for NCR management: Beginners training
 
Lean six sigma explained: Beginners training
Lean six sigma explained: Beginners trainingLean six sigma explained: Beginners training
Lean six sigma explained: Beginners training
 
Sodexo governance, risk and compliance software (GRC) case study
Sodexo governance, risk and compliance software (GRC) case study Sodexo governance, risk and compliance software (GRC) case study
Sodexo governance, risk and compliance software (GRC) case study
 
Best practice approach for PLM, Product Supply and Sourcing
Best practice approach for PLM, Product Supply and SourcingBest practice approach for PLM, Product Supply and Sourcing
Best practice approach for PLM, Product Supply and Sourcing
 
ISO 22301 leadership buy in presentation
ISO 22301 leadership buy in presentationISO 22301 leadership buy in presentation
ISO 22301 leadership buy in presentation
 
ISO 19011 Revision
ISO 19011 RevisionISO 19011 Revision
ISO 19011 Revision
 
How to Drive Engagement with Enterprise Compliance Software
How to Drive Engagement with Enterprise Compliance SoftwareHow to Drive Engagement with Enterprise Compliance Software
How to Drive Engagement with Enterprise Compliance Software
 
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
 
Embedding a culture of quality: ISO 9001:2015 Focus
Embedding a culture of quality: ISO 9001:2015 FocusEmbedding a culture of quality: ISO 9001:2015 Focus
Embedding a culture of quality: ISO 9001:2015 Focus
 
7 Step Guide To Successfully Managing a Change Project & Winning Stakeholders...
7 Step Guide To Successfully Managing a Change Project & Winning Stakeholders...7 Step Guide To Successfully Managing a Change Project & Winning Stakeholders...
7 Step Guide To Successfully Managing a Change Project & Winning Stakeholders...
 
Equipment maintenance management: implementation
Equipment maintenance management: implementationEquipment maintenance management: implementation
Equipment maintenance management: implementation
 
Global Quality Survey Results 2016
Global Quality Survey Results 2016Global Quality Survey Results 2016
Global Quality Survey Results 2016
 

Recently uploaded

2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis UsageNeil Kimberley
 
rishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdfrishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdfmuskan1121w
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfPaul Menig
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessAggregage
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communicationskarancommunications
 
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service PuneVIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service PuneCall girls in Ahmedabad High profile
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageMatteo Carbone
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Servicediscovermytutordmt
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdfRenandantas16
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppelCorporation
 
Catalogue ONG NUOC PPR DE NHAT .pdf
Catalogue ONG NUOC PPR DE NHAT .pdfCatalogue ONG NUOC PPR DE NHAT .pdf
Catalogue ONG NUOC PPR DE NHAT .pdfOrient Homes
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...lizamodels9
 
RE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman LeechRE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman LeechNewman George Leech
 
Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.Eni
 
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...lizamodels9
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,noida100girls
 
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service DewasVip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewasmakika9823
 

Recently uploaded (20)

2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage
 
rishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdfrishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdf
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for Success
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
 
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service PuneVIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
 
Catalogue ONG NUOC PPR DE NHAT .pdf
Catalogue ONG NUOC PPR DE NHAT .pdfCatalogue ONG NUOC PPR DE NHAT .pdf
Catalogue ONG NUOC PPR DE NHAT .pdf
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
 
RE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman LeechRE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman Leech
 
Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.
 
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Old Faridabad ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
 
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service DewasVip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 

Audits, inspections and reporting -

  • 1. Audits, inspections and reporting Identifying risks and opportunities 20th March 2019 Chris Owen, Services Director at Qualsys
  • 2. Agenda: Identifying risks and opportunities in audits Why audit? Five common auditing mistakes Is your auditing process broken? Risks and opportunity management and reporting Chris Owen Services Director
  • 4. Auditing today: Preventing business disruption in a digital world 2018-2019 2017-2018
  • 5.
  • 6. 90% of internal audit reports cost over £5,000 each IIA Report: Nearly 70% of internal audit assignments last more than 15 days 0-5 man days 6-10 man days 11-15 man days 16-20 man days More than 20 days • Source: https://www.iia.org.uk/media/198130/13._benchmarking_report_internal_audit_assignments_22_september_2008_1_.pdf
  • 7. It’s all about risk and opportunity
  • 8. Auditing Generates valuable insights Prevents waste Creates value Helps organisations to grow Fixes leaking buckets
  • 10. What would your organisation say about the audit function? • Internal audit survey prior to implementation of a management system
  • 11. Mistake #1: Poor communications • Same questions, same responses
  • 12. The auditing landscape 1. Collect risk and opportunity data 2. Audits 3. Risk treatment  Internal issues, NCRs, training  Macro-environmental changes  Inspections  Policies & documentation  Process reviews  Culture health checks  Department audits  Risk and opportunity identification  Reports  Business continuity  Workflows / CAPA  Business improvement
  • 13. Mistake #2: Lack of creativity • Same questions, same responses
  • 14. Goldilocks auditor • The best auditors listen, learn and guide Overly friendly Too rigid Good communicators
  • 15. Your internal auditors are as valuable to your business as external auditors
  • 16. Mistake #3: Inconsistent approaches and experience
  • 17. Audits vs Inspections Audit Inspections Qualitative Quantitative Exploratory Tick-box Who, Why, What, Where, When, How? Yes / No Useful for: Leadership audits, risks and opportunities, improvement initiatives, operational excellence, growth, profitability, ideas and innovation Useful for: Exposing vulnerabilities, quality control, waste reduction, fact- checking, process management. Complex root cause analysis and problem solving Rapid root cause analysis
  • 18. Use your audit report wisely Benefits of using a scale Disadvantages of using a scale Simple to understand Diversion from findings to a negotiation on a number Provides areas of focus Promotes competition between departments Scale reflects risks Repetition of recommendations against risks (no integration of activities leading to duplication of effort) Allows committee members to assess strength of controls without reading report Management may ignore areas of weakness or good practice Powerful communication tool Does not include recommendations, instead agreed management actions • How can we communicate risk and opportunity in a way people are going to understand? • How can we drive action from audit reports? • How can we change the perception of an internal audit from a tick-box exercise to one where it drives cultural change? !Think carefully before putting a scale in the audit report
  • 19. Mistake #4: Not investing in auditors
  • 21. “Quality people are the needle and thread, stitching the whole end-to- end together. To do this you have to be a good communicator and influencer who can quickly build respect and credibility. People who can truly do this are very thin on the ground.” Leading quality in the 21st Century – CQI & Oakland research report
  • 22. Mistake #5: Poor follow up activity
  • 23. Implementing Risks & Opportunities Remember to follow-up on any audit findings See all findings as an opportunities for improvement. Discuss and report your finding at senior level. ? What action did you take to address a problem? ? Did you carry out any trend analysis? ? How can you prevent a NCF from occurring again? ? How effective were your corrective and preventative actions? ? Have you updated your Risk register?
  • 24. Response needs context Discipline Organisation Philosophy Continuous improvement Daily improvement Standup 5s Kaizen events Improvement projects A3 management DMAIC Low Time commitment, level of complexity & resources High
  • 25. Example of 5s Performance & Grading Grid STEP 1 – (Sort) ORGANISATION Seiri STEP 2 – (Set in order) ORDERLINESS Seiton STEP 3 – (Shine) CLEANLINESS Seiso STEP 4 – (Standardize) STANDARDISATION Seiketsu STEP – (Sustain) DISCIPLINE Shitsuke A cluttered workspace with many unneeded items in random locations. Haphazard No organisation. Essential items are lost in the clutter Dirty area with no evidence of systematic cleaning No evidence of a documented routine No evidence of management, monitoring or support Some unneeded items remain. Somewhat easier to find needed items Some organisation of items. All locations not dedicated. Some visual clues Area is generally clean. Routine not in evidence. Inspection not part of routine Procedures exist but not evident in workplace. Inconsistently applied Visual measures of 5s performance posted Only needed items remain but quantities required are not defined All items neatly arranged. Dedicated locations and visual cues Cleaning and inspection of equipment clearly in evidence Procedures in place and beginning to be practiced Continuous improvement process in place. Evidence of follow-up management Only the bare essentials remain. Only defined quantities of items evident A visual work environment. "A place for everything and everything in its place" A spotless, inviting environment. Attention to detail obvious Clearly defined, effective cleaning process is in constant use Primary focus is prevention. Standards constantly being upgraded 1 POOR 2 3 4 EXCELLENT LEVEL
  • 27. The art of data storytelling • Use reports to paint a picture of the business • Develop a flexible approach to dashboards • From many data systems to snapshots of an individual process step
  • 28. The auditing landscape 1. Collect risk and opportunity data 2. Audits 3. Risk treatment  Internal issues, NCRs, training  Macro-environmental changes  Inspections  Policies & documentation  Process reviews  Culture health checks  Department audits  Risk and opportunity identification  Reports  Business continuity  Workflows / CAPA  Business improvement
  • 29. Let data be the guide • Descriptive statics: • Variance • Range • Standard Deviation • Histograms • Good for Qualitative , discreet data, understanding the variations • Pareto Analysis • Value Stream Mapping • Fishbone Analysis using the 6Ms
  • 31. Aizlewood’s Mill, Nursery Street, Sheffield S3 8GG +44 114 282 3338 info@qualsys.co.uk

Editor's Notes

  1. Intro
  2. Why I am here today: - 4 Years at Qualsys - 10 years in heavily regulated financial sector where independent auditors and pension regulators would be in every fortnight. - External audit Internal Audits - Regulator Audits Independent Trustee Audits Financial (forensic) audits - 3 day audits, Have one week to prepare. One weeks notice. Sit in a room and it would be like an exam. - Internal management systems and process audits – when they are evaluating the business as usual activity – is what we’ll talk about today At Qualsys, role involves: Ensuring organisations have inspection-ready management systems wide variety of standards and regulations Implement management systems, Audit Manager - audits are working and performance can be seen.
  3. Our experience with established customers We have to be mindful and support auditors across a number of industries Number of regulators Number of standards and certifications An the number is only growing…….
  4. World is changing to digital and more regulations - These days, our economies are highly digitised and heavily-regulated. Q - Community of 20,000 quality professionals: “What is your main business challenge?” - In the past year alone you can see the shift from ISO to security. It’s all about cybersecurity, data protection, privacy impact assessments, preventing hacks, risk mitigation. All about the world wide web and how we can utilise new technologies such as AI, IoT, BI and online to add value, but equally prevent customer issues. But our internal audit processes are struggling to keep up. All too often it’s too late. We can do all the risk assessments and business continuity planning we like, but there are completely new territories Difficult to see and identify new possible risks, threats and vulnerabilities to our business. This leads to consequences ……………
  5. Its catching up with everyone These are just some of the examples of the risks e.g. pret supplier audits, facebook data breach, ethical failures etc, NORSK HYDRO (NORWAY) – SHUT DOWN BY RANSWOMWARE – MANUAL OPPERARTIONS Extreme case of poor supplier audits Carrilion – Poor effective internal auditing THEY MISSED THE RED FLAGS (problem contracts) 2800 people redundant There's never been a greater need for our internal management system to be performing but more importantly… KNOW they are performing better
  6. Internal audits are incredibly expensive. They take vast amounts of time, energy and resource. Q - In an IIA survey of SMEs (200) and global enterprise (50000) sized organisations, nearly 70% of internal audit assignments take more than 15 days to compile. INSTITUE OF INTERNAL AUDIOTRS TREND - These organisations had multiple auditors. We have one customer (Yazaki) who has over (140) auditors operating in over 42 countries. That’s a significant amount of investment on the upkeep of your management systems. So why are we doing audits? What’s the purpose? …
  7. Why is auditing internal management systems so valuable? Finding what you cant see. HIGHLIGHT OPPS- OPPS ARE EASY – PEOPLE UNDERSTAND WHAT THEY MEANS AND ARE BETTER PRACTICED AT FINDING THEM AS THEY AR EMORE REALTABLE TO THEIR DIRECT BENEFITS- EXAMPLE OF CUSTOMER OPP - Rawsons case study (increased audit activity up 80% from last year. RISK ARE DIFFERENT _ EXAMPLE OF CUSTOMER AUDIIT RISK – Case study – PICK ONE Experienced lead auditors know that traditionally there have been six basic tenets of auditing based on the following concepts. 1 – Integrity 2 – Fair presentation 3 – Due professional care 4 – Confidentiality 5 – Independence 6 – Evidence-based approach ISO 19011:2018 adds a seventh principle focused on using the risk-based approach in auditing: 7 – Risk-based approach The definition of risk presented in ISO 19011:2018 aligns with the concept of risk-based approach in ISO 13485:2016 clause 4.1.2(b).  This ISO 13485:2016 requirement instructs organizations to apply a risk-based approach in deciding how to control their QMS processes. ISO 19011 follows a similar tack in suggesting the application of risk-based measures across all aspects of auditing – from your overall audit program management through the planning and performance of an individual audit and into auditor competence. So do we think the process is broken? Or challenged?........
  8. Why Is auditing Internal Management Systems so important – EASY TO LOSE SIGHT OF THE BIGGER PICTURE SPEAK ABOUT BOTH OPPS AND RISKS Gives bird’s eye view of the organisation Diversity of audit assignments (insights) Opportunity to leverage scepticism / curiosity / experience People factor – engagement/ buy-inn / adoption / ownership Opportunity to grow and evolve So why do people (auditors/auditee) find it so challenging?..............
  9. So why do organisations struggle? ITS AN INDUSTRY CHALLENGE – IT HAPPENS EVERYWHERE Why do people/auditees feel reluctant to support audit activities? (EYES ROLL, IM OUT THE OFFICE THAT DAY, JOKES, ETC) - However, attitude towards audits is often bad. That’s an industry-wide issue. - It’s preventing business from making the most of audit opportunities and risk management. Remove the word audit and call them reviews. Audit has negative connotations of trying to catch you out, being judgey, lacking empathy…..
  10. Tone/Language supports the challenges we have in place - Survey of Quality proffesionals from a couple of years ago Overly bureaucratic… the message from industry is that auditing is a bad thing and we don’t like them. - It’s a big thing for you to challenge because its everywhere. - How are you going to get the data and the information you need to be able to show the rest of the organisation that they need to facilitate you to get the results you need? - TURN IT INTO A LEARNING OPPURTUNITY Here are some of the mistakes we’ve come across to lead to this feeling/perception…
  11. Internal Audits scope and manage lots of moving pieces, its often easy to overlook the simplest element – COMMUNICATION MIS (MANAGEMENT INFORMATION SYSTEMS) Training Institute (MISTI) is the international leader in process audit, IT audit and information security training 4 bad communication habits STOP RELYING ON EMAIL – use for routine tasks and ongoing activities – NOT FOR TRAINING WHERE CONTNET CAN BE MMISINTERPETED ANTICIPATE YOUR STAKEHOLDERS NEEDS– not all information is equal to everyone (don’t waste time on bad information) KEEP ALL MEETINGS SHORT AND ON TOPIC – exit meeting should be to obtain final consensus on raised issues and agreement on action plans NOT to talk about the audit again – DO YOUR HOMEWORK REMOVE ALL TECHNICAL JARGON – (e.g. HIGH-RISK CONTROL, risk appetite, CAPA,) Your audience may not understand or have different acronyms they follow https://misti.com/internal-audit-insights/four-communication-tips-to-increase-internal-auditor-effectiveness
  12. Map it out – be visual COLLECT THE DATA. Collect risk data using Kiosk, risk suggestions, auditing applications, issues, NCRs, CAPAs. Too many organisations expect you to simply pull this data from thin air. You need to start by collecting data from on the ground. Macroenvironmental changes – things like all of your regulatory requirements in a single system WORK WITH THE PEOPLE - Then you plan, schedule, undertake the audits MAKE THE BUSINESS BETTER - Then you implement the risk treatment strategy Different types of auditors are: management system audits, process audits, quality audits, supplier audits etc Our customers are conducting internal audits all the time! But it’s now a natural part of the process and part of the CHANGING culture.
  13. HABIT, HABIT, HABIT – Habits are hard things to break? if you ask the same questions you will get the same answers. You end up going into this loop where you are bringing up the same old issues time and time again and nothing gets done about it. OR WORSE THINGS GET MISSED! You need to think – where is my auditing process failing? Is there different source of data you need access too? GOOD EXAMPE OF CLASSIC AREAS BEING OVERLOOKED – MARKETING? - In the field of marketing technology systems, the number of martech companies has risen from under 1,000 to over 5,000 platform (2000%), data and software providers in just 3 years. On average, 49% of companies are currently using marketing automation and the sector is soon expected to be worth more than 5 billion a year. The field of artificial intelligence (AI) is expected to be worth £16 billion by 2022, growing at a compound annual growth rate of 63% from 2016 to 2022. One of the issues holding back an even greater rate of growth is data hygiene, which is seen as a primary concern for those investing in marketing automation. Do you know what data your marketing team have on customers and how they are using, maintaining that data? Is it inline with the GDPR?
  14. Auditing is an art, it takes practice and experience to get the balance right. In my experience there are three types of auditors. 1) The first are those which are over friendly. They don’t look at the detail. They skim the facts and don’t make recommendations which feel like they are of any value. 2) The second are rigid. They are direct, trying to catch you out, leave you feeling unprepared. 3) The best auditors are transparent and collaborative. They know how to balance the right amount of detail with professionalism. They give you an overview of areas they want to cover, it’s not an exam, both parties leave feeling motivated and as if they’ve learned something. THIS IS ALSO THE SAME FOR THE AUDITEE
  15. PUT THE COMPANY FIRST – WHAT IS CRITICAL TO THE ORGANISATION AND WHY DO THESE AUDIT MATTER Better insights, better understanding of the internal cultures It’s about identifying risks and opportunities, and using this to generate revenue for your company. SPOT THE RED FLAGS
  16. Consistent Approach to audits: In order to compare results of audits, the input and output need to be consistent; i.e. Same area to be audited on regular occasions. This will allow trends and causes and effects (improvements) to be seen. Try and audit in Odd numbers – 3 or 5 examples of the item(s) in question – this allows a fair representation to be taken and seen. Remember that one-off issues will always happen – look for patterns. Having said that, having audits who different techniques is a benefit! Experience of Auditors The experience of auditors is important – inexperienced auditors ‘could’ have the wool pulled over their eyes. An understanding / awareness of the audit area(s) is hugely beneficial. Experienced auditors will provide hints, tips and guidance, especially if you know how to listen ask the right questions. Experienced Auditees Remember though that the experience and approach of an auditee is important too: Own your work and the area being audited. Be polite and open. Don’t offer more information Don’t be intimated Don’t be afraid to answer questions. FOR BOTH AUDITORS AND AUDITEES USE AUDITS AS AN OPPORTUNITY TO LEARN
  17. DIFFERENT APPROACHES HELP RAISE DIFFERENT OPPS/RISKs – mix n match INSPECTIONS Time to act – moving to inspections more visual and responsive – GO TO GEMBA ‘THE ACTUAL PLACE’ INSPECTIONS LET YOU SLEEP AT NIGHT (STAGE 1 PREP e.g. Data physical security, H&S, Equipment checks, etc) Risk Mitigation for process creep AUDITS STAGE 2 – SHOW WHY AND PROVE IT Risk Prevention for business creep
  18. MISTAKE 3 – THIS INCLUDES THE OUTPUTS OF YOUR AUDITS You need a consistent way to report so you can compare and trend performance over time. ‘You cant manage what you cant measure’ AND ‘If you cant measure it, you cant improve it’ PETER DRUCKER ‘Management thinker’ – you don’t know if you are being successful (risk and opps) unless success is defined. SCALE = PERFORMANCE OF AUDITS ACROSS THE BUSINESS e.g. Sodexo Astrazeneca, MonoSol – Plants who raise the most substantiated H&S observations are rewarded
  19. Good audits are NOT possible without good auditors. Audits are a valuable activity. They enable organisations to pick up positive trends, good working practices and improve efficiencies as well as highlighting any problems, areas that require review, preventative and corrective actions. What makes a good auditor? Impressive organisation skills A thirst for knowledge A natural affinity and passion for problem solving Communication/People skills Innovation Have the Required Experience. Certifications are key academic qualifications for an auditor. ... Ability to Make Independent Decisions. An auditor's decision should not be wavered or influenced by anyone. ... Auditors Have the Ability to Understand Different Business Needs. ... Dependable. ... Effective Communication Skills
  20. What do the skills look like? Key attributes of an auditor according to PwC 1. Don’t be Shy 2. Be Friendly and Tactful 3. Communicate Carefully 4. Don’t be Arrogant 5. Be a Good Listener 6. Be Careful of Arguments 7. Know Your Laws and Standards 8. Look the Part – you must look professional! FIT THE ENVIROMENT Q – WHAT DO YOU THINK AUDITEE SKILL ARE ? Q. ARE WE INVESTING ENOUGH IN OUR AUDITEES? Best soft skills: Be a Team player – able to share experience/information with the wider team Adaptability – hard to learn but easy to develop in the workplace Resilience – manage defencive employees on their work/areas https://www.morganintl.com/blog/accounting-auditing/top-soft-skills-every-internal-auditor-should-possess/
  21. It’s a very difficult role and these people are in short supply
  22. CHANGE TAKES TIME MYTH - It takes 21 days to make something a habit TRUTH - the European Journal of Social Psychology found it took on average 66 days to form a habit One of things many people forget to do is follow-up on audit activity. So what should we do?
  23. Have a clear purpose and understanding for what happens next? What is important? Are any observation/findings business critical or do they impact the business risk register? How effective were your corrective and preventative actions? – MonoSol!!!!! Lead the way.
  24. Put it all back in context – don’t do it for the sake of it! My main advice would be to make sure the resolution is contextual – it’s not a one-size fits all approach! Make it visual and precise to the business function and stakeholder level – COMMUNICATE AT THE RIGHT LEVEL
  25. Simple & easy to communicate TURN IT INTO A HABIT - MANUFACTURING Sort means that you remove all items from the workplace that are not needed for current tasks Set in order means that you arrange the items that are needed in the area and identify them or label them so that anyone can find them or put them away Shine emphasizes removing the dirt, grime, and dust from the work area Standardize by creating a consistent way of implementing the tasks that are performed on a daily basis including “Sort”, “Set in Order”, and “Shine” Sustain means that the 5S program has a discipline that ensures it’s continued success
  26. 5 MISTAKES: Poor communication Lack of creativity Inconsistent approaches and experience Not investment in Auditors Poor follow up activity USE TECHNOLOGY - GRANT THROTNON – AUDIOTRS OF THE FUTURE https://www.accaglobal.com/content/dam/ACCA_Global/Technical/audit/ea-future-of-audit.pdf Not using technology is almost like defaulting on the quality management system’. Audit in the digital age Audits are not dying yet, but they do need to adapt to the digital age. Businesses and regulations are getting more complex – are auditors trained to deal with it?’ ‘Auditors need to provide insights and contect to enhance the value of audit, and the relevance and attractiveness of the profession’.
  27. KPIs to reflect controls (quality by design) Top ad tailing #1 poor communication and #5 poor follow up activites Focused on the critical risk areas on the management system. Behavioural – Training (THE WHY) Procedural – Make them experts (THE HOW) Technological – Protect them (STOP IT HAPPENING) Configuring KPI dashboards to reflect the most important audit metrics: Risks, opportunities, vulnerabilities, issues, CAPAs, NCRs, Supplier issues, Whistleblowing from staff, I nspection results, etc is critical to making strategic decisions based on data-driven insights. Drill down dashboards helps teams to contextualise information regarding business objectives, testing, activities, qualitative research and business activities. Shift in KPI reporting moving from adaptive dashboard of the future is shifting from broad overviews to granular tactical analysis for specialists in response to viewer requirements.
  28. Map it out – be visual COLLECT THE DATA. Collect risk data using Kiosk, risk suggestions, auditing applications, issues, NCRs, CAPAs. Too many organisations expect you to simply pull this data from thin air. You need to start by collecting data from on the ground. Macroenvironmental changes – things like all of your regulatory requirements in a single system WORK WITH THE PEOPLE - Then you plan, schedule, undertake the audits MAKE THE BUSINESS BETTER - Then you implement the risk treatment strategy There can be: management system audits, process audits, quality audits, supplier audits etc Our customers are conducting internal audits all the time! But it’s now a natural part of the process and part of the culture.
  29. There are lots of options for data analytics and the trick is choosing the right tool for the job. Here are just a few examples of tools and what they are good for.
  30. TURNING RISKS INTO OPPS MAKE SURE YOU PROTECT YOUR EMPLOYEES – The risks and opportunities will most likely come from them – give them a voice Encourage your employees to fail (MAKE IT A LEARNING EXPERIENCE) - Willing to make mistakes fast enough to learn and better the process. Its just as much about the people than the business