Internal Auditing presentation.pptx............

Internal Auditing
With
Integrated Management System

Objective of the Course
Standards, Principles and Definitions
Accreditation & Certifications
Audit

o To gain an understanding of Integrated Management System (IMS).
o Understanding of ISO 9001:2015, EMS and OHSAS Standard basics.
o To learn and practice internal auditing concepts including
- Preparation
- Development of Internal Audit check-lists (and their pros and cons) Auditing
- Auditing
- Process-based Auditing techniques (how to gain objective evidence)
- Auditing behavior (questioning techniques)
- Reporting
- How to implement and follow up corrective actions
Objective of the Course

Objective of the
Course
Audit

What is Quality?
V/s

Quality Assurance
QA is all systematic and planned actions are necessary to provide
adequate confidence that product or service will satisfy the given
requirement for Quality.
Quality Control
QC is the operational techniques and activities that are used to
fulfill the requirements for Quality.

What is
ISO?
 ISO, stands for (International Organization for
Standardization.
Derived from Greek word ‘ISOS’ which meaning equal.
 They officially began operations on 23rd
February 1947, in
Geneva, Switzerland.
 Its is a network of the national standards institutes of 175
countries, one member per country.
 ISO, member in Pakistan: PNAC (Pakistan National Accreditation
Council)

ISO 9001 History
 ISO 9001:1987 First edition was published in 1987 with 20 clauses
 ISO 9001:1994 Second edition was published in 1994 minor Rev.
 ISO 9001:2000 Third edition was published in 2000 (QM Process
Approach)
 ISO 9001:2008 Fourth edition was published on 14th
Nov’08 which
contains no new requirements as compared to the edition 2000
minor Rev.
 ISO 9001:2015 Fifth edition was published in 15th
Sep’15 Quality
Risk based approach.

ISO 9001:2015 Structure Annex SL
1. Scope
2. Normative Reference
3. Terms and definitions
4. Context of the Organization
5. Leadership
6. Planning
7. Support
8. Operation
9. Performance Evaluation
10. Improvement

International
Organization For
Standardization
(ISO)
International
Accreditation
Forum (IAF)
Certification Body
(BV)
Certification
Body

It is a management system that integrates all of an organization's systems and
processes in to one complete framework, enabling an organization to work as a
single unit with unified objectives.
What is an Integrated Management
System
Level 1 - IMS Manual
Level 2 - Standard Operating
Procedures / Policies
Level 3 - Method
Statements
Level 4 - Forms
Standard Operating Procedure is the Level 2 document that
describes the process, work and responsibilities.
Method Statement/Policies are the Level 3 documents that describes
how to perform work or step by step operational instructions.
Level 4 documents are used for record keeping
Records are the filled forms.

Difference between Document & Record

IMS Model

Process
Owner
-Process Owner
Develop DIMS
Document
QA
Department
- QA Review the
Document and
share comments
- Assign Number
for Identification
and Traceability
Process
Owner
-Incorporate
changes and
forward it to QA
QA
Corporate
- Upload the
Same on Online
DIMS
DIMS Documents Develop, Review and Removal

Audit is a systematic, independent and documented process for obtaining audit
evidence and evaluating it objectively to determine the extent to which audit
criteria are fulfilled.
Audit is an independent examination of a quality system
It measures the effectiveness of an organisation's integrated management system
It is a documented and systematic tool
It should be done periodically by independent and qualified people
“Audit" itself is a checking system, NOT a quality inspection
Audit

Audit Criteria: "The set of policies, procedures or other requirements against which collected evidence
is compared".
Audit Evidence: Records, statements of fact or other information.
Audit Findings: "The results of the evaluation of the collected audit evidence against audit criteria".
Auditor: Person with the competence to conduct an audit
Auditee: Organization being audited
Audit Team: One or more auditors conducting an audit, supported if needed by technical experts
Audit Scope: Extent and boundaries of an audit
Audit Conclusions as "The outcome of an audit reached by the audit team after consideration of all the
audit findings"
Audit
Audit Terminologies

Benefits of Internal
Audits
 Provides information for management review
 Demonstrates senior management commitment
 Improves personnel awareness, participation, and motivation
 Provides opportunities for continual improvement
 Increases operational performance
 Identify the root cause of a problem and plan for corrective and
preventive actions with timeline
Audit

1st
Party Audit or Internal Audit:
Internal audits are conducted by, or on behalf of the organization itself.
2nd
Party Audit:
2nd
Party audits are conducted by parties having an interest in the
organization, such as customers.
3rd Party Audit or External audits:
3rd
Party audits are conducted by external independent organizations such as
SGS, Moody & BV. Such organizations provides certification or registration of
conformity with requirements such as those of ISO 9001:2015, EMS. Etc…
Audit
Types of Audits
Pre-Qualification Audits
Vendors Audits
Client Audits

Auditor’s Competency
Knowledge:
Audit procedures
 Audit principles
 Audit techniques
 Audit activities
 ISO 9001:2015 standard
Skills:
Apply audit principles, procedures and
techniques
 Plan and organize work effectively
 Conduct audit within agreed time
schedule
 Collect audit evidence
 Verify accuracy of collected information
 Use work documents to record audit
activities
 Keep audit confidential & Maintain
security of information
 Communicate effectively
Personal Attributes:
Ethical – fair, truthful, sincere and honest
Open-minded – willing to consider alternative
ideas
Observant – aware of surroundings and activities
 Perceptive – instinctively aware of and
understands situations
Versatile – be able to adjust to different
situations
Decisive – reaches timely conclusions
Audit

Yearly Audit
Schedule
- Checklist
- Audit Team
- Previous Audit Results
Audit Plan
- Audit Date
- Methods
- Criteria
Audit Management
- Review Non-Conformance
- Report Progress
- Resolve Conflicts
- Manage Schedule
Audit Reporting
- Summary Report
- CARs Issuance
Audit
Overview of Audit Activities

 Opening Meeting
The agenda of Opening Meeting included:-
 Introduction
 Confirm the objective, scope and criteria
 Explain the summary of audit activities
 Advise that audit findings will be on a sample taken.
 Explain how findings will be categorized (non.-conformities, etc)
 Check availability of facilities.
 Agree arrangements for the closing meeting
 Invite questions for clarification.
 Closing Meeting
 Thanks to Auditees for arrangements
 Agreement on Raised CAR / Non-Conformance
Audit
Conducting On-site Audit

Audit
Audit Strategies
 Forward Trace
- Moving the process flow i.e. starting from first activity of
the section
 Backward Trace
- Moving against the process flow i.e. starting from the last
activity of the department/section
Which one to be adapted?

Audit
Compliance
The Manual, Procedures and other operational documents should meet ISO
9001:2015 requirements and evidence of implementation should be
available in the first form of documents or physically
Non Compliance
Non-fulfillment of any requirement
Observation
Observation may be obtained through any of the following methods:
• Seeking objective evidence that the system is functioning as
prescribed.
• Samples taken of the system will allow the auditor to obtain the
required evidence.
• Both positive and negative (Area for Improvement) observations are
recorded.
• Notes made by an auditor during assessment may lead to non-
compliance being raised or to provide information for the audit report.
• Notes provide Objective Evidence back-up.

Audit
Audit Reporting
Non-Conformity Report / Corrective Action Request
This report is used to specify a single non-conformance and usually consists of four
parts
 Non-compliance Section
 Root Cause
 Corrective Action
 Follow-up
Depending upon the nature of the non-compliance, the follow-up can be done in
different ways
- Document review only
- Site visit
- Verification at next audit
- In Management Reviews
 What is the Problem?
- Describe clearly, concisely and factually
 Why is it a non-compliance?
- i.e. against what requirement
 Where did it occur?
- i.e. which department or activity
 Who? – avoid appointing blame
- (i.e. naming individuals)

Audit
Audit Reporting
Audit Summary Report
Should contain following information:
 Description of audit objectives, scope, and criteria
 Number and details of non-conformities
 Summary of audit findings (both positive and
opportunities for improvement)
 Recommendations made as a result of audit findings
 Signature by the Lead Auditor

Conclusions
Nobody likes to be Audited………..
But
It is a means to have Continual Improvement
And
It is a requirement for ISO Certification

Internal Auditing presentation.pptx............

Internal Auditing presentation.pptx............

More Related Content

Similar to Internal Auditing presentation.pptx............

More from SaifRehman744965

Recently uploaded

Internal Auditing presentation.pptx............