ISO 9001 2015 version Quality Management System

ISO 9001 : 2015* New version
3 Main reason the changes of standard
 Process Review from technical committee TC 176
- Aims to ensure conformity of standard with changes and development of the
industry
- Held a minimum of 5 years
 Input from System Users
- survey result and questionnaire
- Include recommendations given by the user from result of interpretation process
 Trend
- To adjust with development in management system field

Objective of ISO 9001:2015
 To provide a consistent framework for the next 10 years
 To be quite generic, but still relevant to all types and sizes of organizations, regardless of their industry or sector
 To keep the focus on effective management processes in order to achieve the desired results
 To account for major changes in the implementation of QM and technology since the last revision in 2000
 To reflect the changes in the working of the increasingly complex and dynamic environment in which the
organization operates
 To apply a uniform structure, the core text and definitions set out in Annex SL of Directive ISO (High-Level
Structure) to ensure compatibility with other ISO management system (eg ISO 14001)
 To facilitate the effective implementation within the organization
 To use a term more simple terms to ensure a common understanding and consistent interpretation of the
requirements

ISO Standard Annex SL
Annex SL
• High-level structure
• Identical core text
• Common terms and core definitions
Annex SL (High-level structure)
Introduction
1. Scope
2. Normative references
3. Terms and definitions
4. Context of the organization
5. Leadership
6. Planning
7. Support
8. Operation
9. Performance evaluation
10. Improvement
Appendix
Bibliography
10
Action
4, 5
6, 7
Plan
9 8
Check Do

ISO 9001 : 2015 Timeline
2013 2014 2015
June 2013 CD
(committee Draft)
April 2014 DIS
(Draft International
Standard)
July 2015 FDIS
(Final Draft International
Standard)
September 2015
Published
International Standard

ISO 9001 : 2015
Transition Timeline
2015 2016 2017 2018
September 2015
Published International
Standard
September 2015 start of 3 years transition period to
September 2018

Main Changes – ISO 9001 : 2015
a) Changes in terminology
b) Organizational context
Two new clause relating to the organization 4.1 Understanding the organization and its
context and 4.2 Understanding the needs and expectation of interested parties that requested
the
Organization to determine the issues and requirements that may affect the planning of the
Quality management system and can be used as input into the development system quality
management
ISO 9001:2008 ISO 9001:2015
Products Products and services
Exclusions NOT USED
Management Representative NOT USED
Documentation, quality manual,
documented procedures, records
Documented information
Work environment Environment for the operation processes
Monitoring and measuring equipment Monitoring and measuring resources
Purchased product Externally provided products and services
Supplier External provider

Main Changes – ISO 9001 : 2015
d) Risk and Preventive Action
Clause concerning preventive action (8.5.3) is replaced with risk identification requirements
(clauses 4.1 and 6.1) aims to make the concept of prevention in the development and
implementation based on the thinking and approach to risk
e) Documented information (Information documented)
Changing the terms of ducuments and recordings with Documented information
f) Control of external provision of products and services
Clause 8.4 clearly require organizations controlling the supply of goods and services from
outside the company either purchases from jsuppliers, through contrac with corporate partners,
through the outsourcing process or by other means.
g) Quality Manual: Specifications on the contents of the quality manual still apply, but there are
no specific requirements concerning it. (sub-clause 4.4, sub-clause 7.5).
h) Management representative : there is no specific requirement for MR

ISO Requirement
ISO 9001 : 2008 ISO 9001 : 2008
1. Scope
4. Quality Management System
5. Management Responsibility
6. Resource management
7. Product Realization
8. Measurement, Analysis and
Improvement
1. Scope
5. Leadership
6. Planning
7. Support
8. Operation
10. Continual improvement
Annex A (informative) Clarification of new
structure, terminology and concepts
Annex B (informative) Other International
Standards on quality management and quality
management systems developed by ISO/TC 176

ISO 9001 :2015
1. Scope
4.1 Understanding the organizational and its context
4.2 Understanding the needs and expectation of
interested parties
4.3 Quality management the scope of the quality
management system
4.4 Quality management system and its processes
5. Leadership
5.1 Leadership Commitment
5.1.1 General
5.1.2 Customer Focus
5.2 Policy
5.2.1 Establishing the quality policy
5.2.2 Communicating the quality policy
5.3 Organizational roles, responsibilities and
authorities
6 Planning for the quality management system
6.1 Actions to address risks and opportunities
6.2 Quality objectives and planning to achieve them
6.3 Planning of changes
7 Support
7.1 Resources
7.1.1 General
7.1.2 People
7.1.3 Infrastructure
7.1.4 Environment for the operation of processes
7.1.5 Monitoring and measuring resources
7.1.6 Organizational knowledge
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
7.5.1 General
7.5.2 Creating and updating
7.5.3 Control of documented information
next slide : clause 8,9,10

ISO 9001 :2015
8 Operation
8.1 Operational planning and control
8.2 Requirements for products and services
8.2.1 Customer communication
8.2.2 Determination of requirements for product
and services
8.2.3 Review of requirements for products and service
8.2.4 Change to requirements for product and service
8.3 Design and development of products and services
8.3.1 General
8.3.2 Design and development planning
8.3.3 Design and development inputs
8.3.4 Design and development controls
8.3.5 Design and development outputs
8.3.6 Design and development changes
8.4 Control of externally provided products and services
8.4.1 General
8.4.2 Type and extent of control of external provision
8.4.3 Information for external providers
8.5 Production and service provision
8.5.1 Control of production and service provision
8.5.2 Identification and traceability
8.5.3 Property belonging to customers or external providers
8.5.4 Preservation
8.5.5 Post-delivery activities
8.5.6 Control of changes
8.6 release of products and services
8.7 Control of nonconforming process outputs
9.1 Monitoring, measurement, analysis and evaluation
9.1.1 General
9.1.2 Customer satisfaction
9.1.3 Analysis and evaluation
9.2 Internal audit
9.3 Management review
9.3.1 General
9.3.2 management review inputs
9.3.3 Management review outputs
10. Improvement
10.1 General
10.2 Nonconformity and corrective action
10.3 Continual improvement

Definition of risk according to “ISO 9001”
Risk = Effect of uncertainty on an expected result
Note 1: An effect is a deviation from the expected situation – positive or negative.
Note 2: Uncertainty is the state, even partial, of deficiency of information, related to
understanding or knowledge of an event, its consequences or likelihood.
Note 3: Risk is often characterised by reference to potential events and consequences, or a
combination of these.
Note 4: Risk is often expressed in terms of a combination of consequences of an event
(including changes in circumstances) and the associated likelihood of occurrence.
Note 5: The term “risk” is sometimes used when there is only the possibility of negative
consequences.

Risk based thinking
 This concept included in the standard ISO 9001:2015
 Is essential to achieve an effective quality management system
 Risk based thinking is something we all done automatically and often
unconsciously
 The concept of risk-based thinking has been implied in previous editions, for
example in preventive action to eliminate potential nonconformities, analyzing
every nonconformities that occures, and take measures to prevent recurrence
 In the 2015 version of this concept is made more explicit
 To conform to the requirement of this standard, organizations need to plan and
implement measures to address the risks and opportunities

ISO Requirement (ISO 9001:2015)
ISO 9001:2008
5.1 Management commitment
5.2 Customer focus
5.3 Quality policy
5.4 Planning
5.5 Authorities, Responsibility
and communication
5.6 Management Review
ISO 9001:2015
5. Leadership
5.1 Leadership and commitment
5.2 Policy
5.3 Organization roles, responsibilities and
authorities
Communication 7.4 9001:2015
6. Planning
6.2 Quality objectives and planning to achieve
them
Management Review on clause 9.3
9001:2015

ISO 9001:2008
5.4 Planning
ISO 9001:2008
6. Planning
them

ISO 9001:2008
6. Resource Management
6.1 General
6.2 Human Resource
6.3 Infrastructure
6.4 Work Environment
ISO 9001:2008
7. Support
7.1 Resource
7.2 Competence
7.3 Awareness
7.4 Communication
Klausul 4.2.3 dan 4.2.4 ISO 9001:2008

ISO 9001 : 2015
7. Support
7.1 Resources
7.1.1 General
7.1.2 Infrastructure Klausul 6.3 ISO 9001:2008
7.1.3 Process environment Klausul 6.4 ISO 9001:2008
7.1.4 Monitoring and measuring devices Klausul 7.6 ISO 9001:2008
7.1.5 Knowledge Klausul 6.2.1 and 6.2.2 ISO 9001:2008
7.2 Competence Klausul 6.2.1 and 6.2.2 ISO 9001:2008
7.3 Awareness Klausul 6.2.2 ISO 9001:2008
7.4 Communication Klausul 5.5.3 ISO 9001:2008
7.5 Documented information Klausul 4.2.3 dan 4.2.4 ISO 9001:2008
7.5.1 General
7.5.3 Control of documented Information

ISO 9001:2008
7. Product Realization
7.1 Planning of product realization
7.2 Customer-related processes
7.3 Design and development
7.4 Purchasing
7.6 Control of monitoring and
measuring equipment
ISO 9001:2008
8. Operation
8.2 Determination of market needs and
interaction with customers
8.3 Operational planning
8.4 Control of external provision of goods and
services
8.5 Development of goods and services
8.6 Realization of goods and services
8.7 Release of goods or services
8.8 Nonconforming goods and services

8. Operation
8.1 Operational planning and control Clausal 7.1 ISO 9001:2008
8.2 Determination of market needs and interactions with
Customers
8.2.1 General
8.2.2 Determination of requirements related to the goods and services
8.2.3 Review of requirements related to the goods and services
Same with Clausal
7.2 ISO 9001:2008

8.3 Operational planning Clausal 7.1 ISO 9001:2008
8.4 Control of external provision of goods and services
8.4.1 General
8.4.3 Documented information for external providers
8.5 Development of goods and services
8.5.1 Development processes
8.5.2 Development controls
8.5.3 Development transfer
Clausal 7.4 ISO
9001:2008
Same with Clausal
7.3 ISO 9001:2008

8.6 Realization of goods and services
8.6.1 Control of production of goods and provision of services Klausul 7.5.1&2
8.6.2 Identification and traceability Klausul 7.5.3 ISO 9001:2008
8.6.3 Property belonging to customers or external providers Klausul 7.5.4
8.6.4 Preservation of goods or services Klausul 7.5.5
8.6.5 Post delivery activities Persyaratan berkaitan dengan pasca delivery
8.7 Release of goods or service Klausul 8.2.4 ISO 9001:2008
8.8 Nonconforming goods and services Klausul 8.3 ISO 9001:2008

ISO Requirement
ISO 9001:2008
8. Measurement, analysis and
improvement
8.1 General
8.2 Monitoring and measurement
8.3 Control of nonconforming
product
8.4 Analysis of data
8.5 Improvement
ISO 9001:2008
9. Performance
9.1 Monitoring, measurement, analysis and
evaluation
9.2 Internal audit
9.3 Management review
10. Improvement
10.2 Improvement

ISO Requirement
Tambahan Annex mengenai Quality management systems dalam ISO 9001:2008 akan tetapi ada
perubah menjadi 7 Prinsip Management System
8 Prinsip
Sistem manajemen Pada
ISO 9000:2005
7 Prinsip
Sistem manajemen Pada
ISO 9001:2015
QMP 1 – Customer focus
QMP 2 – Leadership
QMP 3 – Involvement of people
QMP 4 – Process approach
QMP 5 – System approach to management
QMP 6 – Continual improvement
QMP 7 – Factual approach to decision making
QMP 8 – Mutually beneficial supplier relationships
QMP 1 – Customer focus
QMP 2 – Leadership
QMP 3 – Engagement of people
QMP 4 – Process approach
QMP 5 – Improvement
QMP 6 – Evidence-based Decision Making
QMP 7 – Relationship Management

Internal Audit Training ISO 19011 : 2011
Mobilitat
Und Verkehr
Anlagentechnik
Energie
Und umwelt
Produktiqualitat
Zertifizierung
Von Systemen
Consulting
Mensch
Und Arbeit
International
Welcome to
Management
System Audit
Training

Mobilitat
Und Verkehr
Anlagentechnik
Energie
Und umwelt
Produktiqualitat
Zertifizierung
Von Systemen
Consulting
Mensch
Und Arbeit
International
Requirement Review

ISO Standard Annex SL
Annex SL
• High-level structure
• Identical core text
• Common terms and core definitions
Annex SL (High-level structure)
Introduction
1. Scope
5. Leadership
6. Planning
7. Support
8. Operation
10. Improvement
10
Action
4, 5
6
Plan
9 7, 8
Do
Check

ISO 9001:2015 and ISO 14001:2015 Certification
Transition Timeline
2015 2016 2017 2018
September 2015
Published International
Standard
Plan :
September 2015 start of 3 years transition period to
September 2018

P-D-C-A Cycle of ISO 9001:2015
Support &
Operation
(7, 8)
Planning
(6)
Leadership
(5)
Performance
Evaluation
(9)
Improvement
(10)
Quality management System (4)
Customer
satisfaction
Result of
The QMS
Products
And services
Organization
And
It’s context
(4)
Customer
requirement
Needs
And
Expectation
Of
Interested parties
(4)

ISO 9001:2015 Requirement
1. Scope
4.1 Understanding the organization and its
context
4.2 Understanding the needs and expectations of
interested parties
4.3 Determining the scope of the quality
management system
4.4 Quality management system and its processes
5. Leadership
5.1 Leadership Commitment
5.1.1 General
5.1.2 Customer Focus
5.2 Policy
5.2.1 Developing the quality policy
5.2.2 Communicating the quality policy
5.3 Organizational roles, responsibilities and
authorities
6. Planning for the quality management system
6.1 Actions toaddress risks and opportunities
them
7. Support
7.1 Resources
7.1.1 General
7.1.2 People
7.1.3 Infrastructure
7.1.4 Environment for the operation of
processes
7.1.5 Monitoring and measuring resources
7.1.6 Organizational knowledge
7.2 Competence
7.3 Awareness
7.4 Communication
7.5.1 General
7.5.3 Control of documented information
Next slide : clause 8, 9, 10

ISO 9001:2015 Requirement
8. Operation
8.2 Requirements for products and services
8.2.2 Determination of requirements related to products
and services
8.2.3 Review of requirements related to products and service
8.2.4 Change to requirements for product and service
8.3 Design and development of products and services
8.3.1 General
8.3.2 Design and development planning
8.3.3 Design and development Inputs
8.3.4 Design and development controls
8.3.5 Design and development outputs
8.3.6 Design and development changes
8.4 Control of externally provided products and services
8.4.1 General
8.4.3 Information for external providers
8.5.1 Control of production and service provision
8.5.2 Identification and traceability
8.5.3 Property belonging to customers or external providers
8.5.4 Preservation
8.5.5 Post delivery activities
8.6 Release of products and services
8.7 Control of products and services
9.1 Monitoring, measurement, analysis and
evaluation
9.1.1 General
9.1.2 Customer satisfaction
9.1.3 Analysis and evaluation
9.2 Internal audit
9.3 management review
9.3.1 General
9.3.2 Management review inputs
9.3.3 Management review outputs
10. Improvement
10.1 general
10.3 Continual Inprovement

Mobilitat
Und Verkehr
Anlagentechnik
Energie
Und umwelt
Produktiqualitat
Zertifizierung
Von Systemen
Consulting
Mensch
Und Arbeit
International
INTRODUCTION TO
INTERNAL AUDIT
 Definition of Audit
 Type of Audit
 Internal Audit
 Internal Audit Objectives
 Benefits of Internal Audit

AUDIT (ISO 19011)
‘A systematic, independent and
documented process for obtaining audit
evidence and evaluating it objectively to
determine the extent to which agreed
criteria are fulfilled.’

AUDIT (ISO 19011)
Audit Evidence
Records, statements or facts or other information which are relevant
to the audit criteria and verifiable.
Audit Criteria
Set of policies, procedures or requirements
used as reference.

• FIRST PARTY
• SECOND PARTY
• THIRD PARTY
TYPE of AUDIT
TYPE of AUDIT
By organization
Its self
Independent
Supplier Audit
3rd
party
1st
Party
2nd
party

INTERNAL AUDIT
ISO 9001 requirement (9.2) :
• Audits shall conducted at planned intervals
• Considers the status and importance of the processes and areas to be audited
• There shall be a procedure that regulates the internal audit
• The auditor shall not audit their own job
• Audits shall be objective and impartial
INTERNAL AUDIT Objectives
Internal audit is done to ensure that the management system :
• Implemented (according Procedures / WI)
• As per the requirements of the standard (eg ISO 9001)
• Effectively implemented and maintained
• Audit should also find improvement potentials

INTERNAL AUDIT BENEFIT
Why need an audit?
To see a different
Perspective and
Accurately what is
Going on in an
organization
Another benefit:
• Opportunities for improvement
• Maintain consistency of staff
• Assist the development of the
ability of auditors
• Assist the auditor in
understanding the company
• Preparation of external audit
• As a management tool

Mobilitat
Und Verkehr
Anlagentechnik
Energie
Und umwelt
Produktiqualitat
Zertifizierung
Von Systemen
Consulting
Mensch
Und Arbeit
International
AUDIT PRINCIPLES
AND AUDITOR
COMPETENCE
 Audit Standard
 Principle of Auditing
 Auditor competence

Audit Standard Guidelines
ISO 10011-1:1990
ISO 10011-2:1991
ISO 10011-3:1991
Quality
TC 176
(Quality managemen
& quality assurance)
Environmental
TC 207
(Environmental
Management)
ISO 14010:1996
ISO 14011:1996
ISO 14012:1996
ISO 9000:2005
Fundamentals &
Vocabulary ISO 19011:2002
Guidelines for quality and / or environmental management systems auditing
ISO 19011:2011
(Guidelines for auditing management systems)
Combined Audit
ISO 9001:2008
ISO 14001:2004
OHSAS 18001:2007
Our company
Customer Supplier
ISO 14050:2002
Vocabulary

AUDIT PRINCIPLES (ISO 19011)
 Integrity : the foundation of professionalism
 Fair presentation : the obligation to report truhfully and accurately audit findings,
audit conclusions and audit reports should reflect truthfully and accurately the audit
activities.
 Due profesional care : the application of diligence and judgment in auditing
 Confidentiality : security of information
 Independence : the basis for the impartiality of the audit and
 Evidence-based approach : the rational method for reaching reliable and reproducible
audit conclusions in a systematic audit process

AUDITORCOMPETENCES
Quality Environmental
Quality –
Specific
Knowledge
And Skills
7.3.3
Generic
Knowledge
And Skills
7.3.1 and
Environmental
Specific knowledge
And Skills
7.3.4
Education Work Experience Auditor Training Audit Experience
7.4
Personal Behaviours
7.2

□ Competence of Auditor
General
An internal auditor shall be
Competent,
▪ education ▪ training
▪ work experience ▪ audit experience

Generic knowledge and skills
auditor
 Audit principles, procedures and techniques
 Management system and reference documents
 Organizational situations
 Applicable laws, regulation and other requirements

Lead auditor
 Audit principles, procedures and techniques
 Management system and reference documents
 Organizational situations
 Applicable laws, regulation and other requirements
 Organizing and directing audit team members
 Leading the audit team to reach conclusions
 Preventing and resolving conflicts
 Preparing and completing the audit report

Lead auditor
 Quality terminology (ISO 9000:2015)
 Quality management principles (ISO 9000:2015)
 Quality management tools and their application
 Products, including services and operational processes

Personal attributes
 Fair, truthful, sincere, honest, discreet
 Open minded
 Diplomatic
 Observant
 Perceptive
 Decisive
 Self-reliant

□ Evaluation Method of Auditor competencies
Metode Evaluasi
Review of Records
Positive and Negative
Feedback
Interview
Observation
Testing
Post-audit review
Obyektif
To verify the background of auditor
To provide information on How the
performaance of auditor is perceived
To evaluate personal attributes and
Communication skills, to verify
Information and test knowledge and to
acquire additional information
To evaluate personal attributes and
The ability to apply knowledge and
Skills.
To evaluate personal attributes and the
ability to apply knowledge and skills and
their application
To provide information where direct
observation may not be possible or
appropriate
Contoh
Analysis of records of education,
Training, employment and audit
experience
Survey, questionnaires, personal
references, testimonials, complaints,
performance evaluation, peer review
Face-to-face and telephone interviews
Role-play, witnessed audit, on-the-job
performance
Oral and written exams, psychometric
testing
Review the audit report snd
Discussion with the audit client,
auditee, colleagues, and with the
auditor

Be an Ideal Auditor
• More friendly
• Good listener and communicates well
• Showed a strong interest
• More objective and logical
• Positive view of all things
• Always respond in kind
• Easy to get along with every levels of organization
• Always motivate and provide ideas
• Have a high curiosity
• Understanding technology and new things

Type of Auditor
 Passive
 Aggressive
 Assertive
 Expression of needs, desires, views
and feelings
 Perfect attitude
 Straight to the issue
 Uphold the rights of others
 Work for the satisfaction of all

Auditor should :
 Avoid looking mistake of auditee
 Note the good stuff too
 On time
 Check all processes
 Avoid arguments
 Only audit appropriate requirements agreed
 Respect the confidentiality of company / organization
 Avoid reading Procedure/documents by auditor, ask auditee to explain
 Audit the system rather than individuals
 Record objective evidence.

Example of Matrix of Auditor Competencies
Parameter
Education
Work
Experience
Experience in
Quality and/or
Environmental
Management
Auditor training
Audit
experience
Auditor
Bachelor
5 years
Min of 2 yrs from 5 years
Experience
40 hrs of auditor trainee
4 complete audit with
total of 20 mandays under
Supervision of competent
or lead auditor
Audit should be
conducted within three
years in consecutive
Auditor Q and E
Same as auditor
Same as auditor
2 years in second field
24 hrs in second field
total of 15 mandays as
auditor under
supervision of lead
auditor
Audit should be
conducted within two
years consecutive
Audit team leader
Same as auditor
Same as auditor
Same as auditor
Same as auditor
total of 15 mandays as
Lead auditor under
supervision of other
competent lead auditor
Audit should be
conducted within two
years consecutive

Mobilitat
Und Verkehr
Anlagentechnik
Energie
Und umwelt
Produktiqualitat
Zertifizierung
Von Systemen
Consulting
Mensch
Und Arbeit
International
Managing an audit
programme
 Managing an audit
programme
 Audit Implementation
 Audit Report

Managing the Audit Program
Top management should grant the authority for managing the audit
program :
□ establish, implement, monitor, review and improve the audit
programme,
□ identify the necessary resources and ensure they are
provided
An organization can establish more than one audit program. The audit
program can include audits with a variety of objectives.

Managing the Audit Program
5.2 Establishing the audit programme objectives
5.3 Establishing the audit programme
5.3.1 Roles and responsibilities of the person managing
the audit programme
5.3.2 Competence of the person managing the audit
programme
5.3.3 Extablishing the extend of the audit programme
5.3.4 Identifying and evaluating audit programme risks
5.3.5 Establishing procedures for the audit programme
5.3.6 Identifying audit programme resources
5.4 Implementing the audit programme
5.4.1 General
5.4.2 Defining the objectives scope criteris for an
individual audit
5.4.3 Selecting the audit methods
5.4.4 Selecting the audit team members
5.4.5 Assigning responsibility for an individual audit to
the audit team leader
5.4.6 Managing the audit programme outcome
5.4.7 Managing and maintaining audit programme
records
5.5 Monitoring the audit programme
5.6 Reviewing and improving the audit programme
Competence and
evaluation of auditors
(Clause 7)
Performing an audit
(Clause 8)
PLAN
DO
CHECK
ACT

 Managing the Audit Program
Objectives
These objectives can be based on consideration of:
 Management priorities
 Commercial itentions
 Management system requirements
 Regulatory and contractual requirements
 Need for supplier evaluation
 Customer requirements
 Needs of other interested parties
 Risks to the organization

Resources
When identifying resources for audit program, consideration
should be given to:
 Financial to develop, implement, manage and improve audit
activities
 Audit techniques
 Processes to achieve and maintain the competence of
auditor, and improve their performance
 Availability of auditors and technical experts
 The extent of the audit program
 Travelling time, accommodation, etc

AUDIT INITIATED
AUDIT PLAN
(obj. Scope,
Criteria)
INITIAL VISIT
PREPARE AUDIT DOCUMENTS
BRIEF AUDIT TEAM
CARRY OUT AUDIT
OPENING MEETING
PHYSICAL AUDIT
CLOSING MEETING
RESULT OF OVERALL
PERFORMANCE
CONTINUAL IMPROVEMENT
Finding
CORRECTIVE/
PREVENTIVE ACTION
MANAGEMENT REVIEW VERIFICATION
RESOLVE WITH
AUDITEE
NOT OK
OK
NO YES
YES NO
1ST
party audit
2nd
party
Audit
3rd
party
Lead Auditor,
Auditor,
Expert,
Trainee
Audit Plan,
Audit Checklist
Audit Notes,
NC Report
Audit Report,
AUDIT WORKFLOW

Records
 Individual records
• audit plans
• audit report
• nonconformity report
• corrective action report
• follow up audit report
 Result of review
 Personel records
• auditor competence and performance
evaluation
• audit team selection
• maintain and improve of auditor
competence
Notes:
Records should be
retained and
controlled
with appropriate
security.

Audit Program Monitoring and Reviewing (5.6)
The implementation of the audit program should be monitored and, at appropriate
intervals, reviewed to assess whether its objectives have been met and to identify
opportunities for improvement. The result should be reported to top management.
Performance indicator should be used to monitor charcteristic such as :
• The ability of the audit teams to implement the audit plan
• Conformity with the audit program and schedules
• Feedback from audit clients, auditees and auditors

Audit Program Monitoring and Reviewing (5.6)
The audit review should consider, for example:
• Result and trends from monitoring
• Conformity with procedures
• Audit program records
• Alternative or new auditing practices
• Consistency in performance between audit teams in similar situation

PELAKSANAAN KEGIATAN AUDIT
6.2 Initiating the audit
6.2.1 General
6.2.2 Establishing initial contact with the auditee
6.2.3 Determining the feasibility of the audit
6.5 Preparing and distributing the audit report
6.5.1 Preparing the audit report
6.5.2 Distributing the audit report
6.6 Completing the audit
6.7 Conducting audit follow-up
(it specifed in the audit plan)
6.3 Preparing audit activities
6.3.1 Performing document review in preparation for the audit
6.3.2 Preparing the audit plan
6.3.3 Assigning work to the audit team
6.3.4 Preparing work documents
6.4 Conducting the audit activities
6.4.1 General
6.4.2 Conducting the opening meeting
6.4.3 Performing document review while conducting the audit
6.4.4 Communicating during the audit
6.4.5 Assigning roles and responsibilities of guides and observes
6.4.6 Collecting and verifying information
6.4.7 Generation audit findings
6.4.8 Preparing audit conclusions
6.4.9 Conducting the closing meeting

 Conducting the Audit
Initiating the audit
□ appointing the audit team leader
□ defining audit objectives, scope and criteria
□ determining the feasibility of audit ( audit plan information,
cooperation from auditee, time and resources)
□ establishing the audit team
□ establishing initial contact with the auditee

Conducting document review
The documentation can include relevant management
System documents and records and previous audit reports.
Relevant documents:
 Env Manual
 Env Procedure
 Work Instruction
 External Documents
 Product Standard

Preparing and Conducting the audit
Audit plan :
 Audit objectives
 Audit criteria and documents reference
 Scope, inc.: identification of the organizational and
functional unit and processes to be audited
 The dates and places
 Expected time and duration
 Roles and responsibilities
 Allocation of appropriate resources
 Auditee identification

AUDIT PLAN (SAMPLE)
Company / Auditee PT. XYZ
Audit Objective Check QHSE systems implementation
Audit Location JL. Soekarno Hatta, Bandung
Auditee Representatives MR and Division Head
Audit Scope All Division
Audit Criteria ISO 9001:2015, ISO 14001:2015 dan OHSAS 18001:2007
Date of Audit 2016-06-26 to 2016-06-27
Audit Leader messi (MS) – Lead Auditor
DAY / TIME
AREA / ORGANIZATIONAL
UNIT
AUDITEE AUDITOR RELATED CLAUSES TO QHSEMS
Day One
14:00 – 14:15 Opening Meeting All Team
14:15 – 15:30 Top Managemen MR All Auditor ISO 9001:2015 and ISO 14001:2015
5.1, 5.2, 5.3, 9.3, 10.3
OHSAS 18001:2007
4.2, 4.4.1, 4.6

Preparing and Conducting the audit
The assignment should take into account for:
 Auditor idependence
 Auditor competence
 Effective use of resources as well as different roles and
responsibilities of
• auditor
• auditors-in-training
• technical experts
Changes to the work assignment can be made as the audit progress to
ensure the achievement of the audit objectives.

Preparing work documents
Work documents should be prepared and used by the audit team for
the purpose of reference and recording the proceedings of the audit
and can include:
 Checklist and audit sampling plan
 Form for recording (Corrective Action Request/report)
Work documents, including records resulting from their use, should be
retained, at least until audit completion.
(see element 4.5.5 ISO 14001:2004)

The use of Checklist
 To arrange and manage time during the audit
 To arrange and control the audit scope as agreed plan and
schedule
 To guide in tracing the reference document
 Tools to aid preparing the audit report

Preparation of Checklist
 What – what activities will be checked / verified
 Why – the purpose of the activity (conformity with the target, policy,
procedural, etc..)
 Where – required information related to the implementation of the
activity observed
 When – performance reporting deadlines and completion activities
on target
 Who – person / section / site is responsible for the implementation of
related activities and responsible for follow-up if the target is not
reached
 How – how the rules of implementation, monitoring and
measurement of the activity

 Checklist Sample
Clause Item to check Dokumentation
Implemented
Yes No
Objective
evidence
Status
Mj Mn
Remark
(eg.
Observation)
6.2 Target at purchasing
9.1.2
Monitoring and
Measurement of target
Achievement at
purchasing
5.3
Roles and
Responsibilities at
purchasing
8.4
Planning and process
Implementation at
purchasing
10.2
10.2
Any non-conforming
Incidents at purchasing
Any corrective action
Been done

Opening Meeting
 Introduction of the participants
 Confirmation of the audit objectives, scope and criteria
 Confirmation of the audit time table
 Methods and procedure
 Resources and facilities needed
 Confirmation of matters relating to confidentiality
 Confirmation of availability of relevant personnel

Method of conducting audit
 Asking 5W 1H 1S 1N
 Activity observation
 Document review
 Demonstration / Test

Audit Method : Interview
Use 5W + 1H + 1S + 1N
Why (Mengapa) , Where (Dimana), What (Apa) , When (Kapan) , Who
(Siapa) , How (Bagaimana),
Accompanied by proof / verification result. (Show me)
Do not forget to note the evidence (Note)
Example:
Q: How do you store the flammable material?
A: The materials are stored in a separate and secure area accompanied
adequate warning signs and there is a fire extinguisher
Q: Show me (note / record evidence / observations)

 Open Question:
• general
• not answered by ‘yes’ or ‘no’
• source could be from prepared checklist or
requirements of ISO 9001:2000
 Extended Question:
• source from auditee’s statement responding the open question
 Closed Question:
• closing the questions raised
• used to confirm the facts

 Trace Backward
trace from output to input to know how the output resulted
Example:
tracing the marketing contract and ensure whether the customer requirements
have been fulfilled
 Trace Forward
trace from input to output to know how the input is processed to become the
output.
Example:
From customer complaints or returned product, the production process, inspecting,
material used have to be evaluated.
 Combination

To be recorded
 Date of audit
 Area/Place of audit :
Laboratory, Warehouse, Production, Maintenance, etc.
 Relevant elements of ISO 14001:2004
 Document reference number
 Description of process, product, resources to audited
 Title and date of audited document

Interview Process
1. Identify the person who want you asked
2. Introduce yourself
3. Explain the purpose and objectives
4. Open Questions
5. Ask Detailed answers
6. Ask to ‘show me’
7. See and record the fact
8. Thanks
9. Trail audit

WARNING!
• Not to be interrogator
• Friendly and Objective
• Listening more (75%)
• Avoid trapping, suspect, accusing
or question consecutive

 Character and Audit Situations
• People are argumentative
• Total attack
• Time waster
• Waffles
• People who are love to praise / flatterers
• Senility
• Planned / unplanned Interruptions
• Cool’s Tours and long explanation
• Coffe / lunch break specific cases

Need to remember
• Speak to the person incharge
• Do not shusing
• Speak with the language of the interview
• Speak clearly
• Do not confuse the auditee, asking questions one by one
• Back to the question that can not be answered
immediately

Audit Method : physical observation
1. Observation of the infrastructure condition (eg. Building, AC, machines,
etc.)
2. Observation of the Environmental work (related to the quality,
environmetal or health and safety
3. Observations in the working process (appropriate requirements / no)
4. Human behavior (especially relating to unsafe action)
Don’t forget to record
Note: at the time of physical observation / field should be
accompanied by awitness (either from guide or auditee) to
strengthen the evidence report

Audit Findings
Audit findings should be evaluated against to the audit criteria to determine the
audit findings. Audit findings can indicate either conformity or nonconformity
with audit criteria and/or identify an opportunity for improvement.
Audit Findings:
 Observation
 Minor Non-conformity
 Major Non-conformity

Audit Findings
 not categorized as nonconformity
 Suggestion for improvement
 Based on internal auditor experience and knowledge
Observation

Audit Findings
 Not seriously affecting quality or quality system
 Human error
Example :
 Error or nonconformity in document: procedure, work instruction
vs. the implementation or applicable standard requirements.
 Deviation between implementing and procedure/work instruction
Minor Nonconformity

Audit Findings
 Potential to seriously affect quality or quality system
Example :
 Verification is not performed when receiving raw material.
 No control over key processes
 No internal quality program
Major Nonconformity

 Reporting the Audit
NC
P
r
o
b
l
e
m
R
e
f
e
r
e
n
c
e
Location & objective Evidence
 If P-L-O but no
reference ??
 If P-R-L but no evidence
found ??
 If R-L-O but no problem
found ??
 If P-L-O-R then ??

Analisa Penentuan Status Temuan
Problem : What is the problem?
Location : where the location?
Objevtive evidence : what the evidence?
Reference : requirement/reference?
• Problem √
• Location √
• Objective Evidence √
• Reference √
There are no
One or more
Factor above
“OBSERVATION
Yes
NC
Significant
Impact
MAJOR
No Significant
Impact
MINOR

Audit reporting (Sample)
At the time of the audit section of marketing, the auditor asked for evidence of corrective action
from the quality objectives regarding the targeted customer satisfaction> 80% but only reached
75%. Auditee say they are just monitoring the course and not take any action.
Analysis using the P L O R:
Problem: no corrective action
Location: the marketing department
Objective evidence: the quality objectives customer satisfaction rate is only 75%, the target of>
80% no follow-up
Reference: clause 10.2 of ISO 9001 : 2015 “The organization shall take action to eliminate the
causes of nonconformities in order to prevent recurrence”
Conclusion: non conformity
Reporting audit:
At the Departement og marketing There is no evidence of corrective action, to failure in the
quality objectives regarding customer satisfaction (target> 80%, achievement: 75%) “as
requested in the Procedure PM / MR / 08 revision 01 and clause 10.2 of ISO 9001 : 2015.

Closing Meeting
• Present audit findings and conclusions
• Resolve of any diverging opinions about the findings
• Present any recommendation for improvement, if specified by audit
objectives
• Ensure when corrective actions should be done
• Inform when the audit report will be delivered
• Emphasive on the confidentiality of information gathered

Internal Quality Auditor’s Task
 Reporting found nonconformities in LKS/PTKP/CAR
 Explain it to auditees
 Ask for auditee’s agreement the due date to perform the corrective
Action
 Verify the action taken

Verification
 Verify to prove whether the root cause is identified
 Verify to prove whether the taken corrective action is effective
 Ensure the relevant personnel are aware of the taken corrective ation
 Find evidence whether the taken corrective actions revised the quality
management system documentation

ISO 9001 2015 version Quality Management System

More Related Content

Similar to ISO 9001 2015 version Quality Management System

Recently uploaded

ISO 9001 2015 version Quality Management System