SlideShare a Scribd company logo
PRACTICAL AUDITING
  Continual Improvement Program
    for Internal Quality Auditors




                  By Sid Calayag
Agenda

• PDCA and Process Approach
• Interview/Question Technique
• Notes, Check List & Cheat Sheet
• Report Writing
• Toughest ISO 9001:2000 Clauses
• How to Audit Difficult Clauses
• How to Audit Undocumented Process
• Auditor’s Code of Ethics


           Auditor Training rev 0 022009   2
Process Based Approach

                                 MANAGEMENT
                                RESPONSIBILITY
C                                                                        C

U                                                                        U
                           RESOURCE MANAGEMENT
S                                                                        S

T                                                                        T
                           PRODUCT REALIZATION
O                                                                        O
    Requirements   INPUT
                                    PROCESS      OUTPUT
M                                                               A   P
                                                                         M
                                                                C D
E                                                                        E

R                     MEASUREMENT, ANALYSIS &                            R
                           IMPROVEMENT                    Satisfaction




                            4
THE PDCA CYCLE


                          VERIFY
               PLAN




   ACT                    DO
  EVALUATE             IMPLEMENT



               CHECK
               STUDY
VALIDATE
Interview and Question Technique

• Interview
   • Reason
   • Steps
• Question Techniques
   • Closed-ended Question
   • Open-ended question
   • Show-me Question




              Auditor Training rev 0 022009   6
Interview Reason


• Supplements the documented process
• Determines the actual defined process
• Principal way of obtaining information
• Allows auditee to explain work
  practices
• Ascertains understanding and
  commitment




             Auditor Training rev 0 022009   7
Interview Steps -1

• Interview persons at their workplace
• Conduct interviews during normal
  hours
• Put person at ease (lower anxiety
  level)
• Explain your purpose (what you want)
• Ask about their job (question; observe)
• Verify responses (confirm
  understanding)


           Auditor Training rev 0 022009    8
Interview Steps - 2

• Check the facts (use other sources)
• Record evidence (notes on checklist)
• Make tentative conclusion (no secrets)
• Give opportunity to discuss other
  topics
• Thank for their time and cooperation




           Auditor Training rev 0 022009   9
Summary on Interview

• Remember, it is an interview, not
  an interrogation!

• Investigate a claim; accept an
  admission.




          Auditor Training rev 0 022009   10
Questioning Techniques - 1

• Ask question and then actively listen
• Rely primarily on open-ended questions
• Avoid closed question (except to confirm)
• Ask for explanations and examples
• Rephrase your question for clarification
• Restate answer for your understanding
• Keep neutral; don't disagree or interrupt



                  Auditor Training rev 0 022009   11
Questioning Techniques - 2

• Ask "suppose" or "what if" questions
• Find basic flaws with simple questions
• Ask the blunt question about quality
• Nod in agreement to maintain dialog
• Use silence for expanded responses
• Observe unguarded facial expressions
• Learn from remarks of nearby people



                   Auditor Training rev 0 022009   12
Close and Open-ended Question

• Open-ended question can be used in
  determining the actual process during
  the interview.
• Close-ended question can be used to
  conclude the result of the interview.




                                              Sample

              Auditor Training rev 0 022009            13
Summary on Questioning Techniques
• STOP TALKING - LISTEN
  Do not ask closed questions unless to conclude item
  Maintain a 20% talking : 80% listening ratio
• USE THE SIX HONEST SERVING MEN
  “I keep six honest serving men
  They taught me all I knew
  Their names were WHAT and WHY and WHEN
  And HOW and WHERE and WHO”
  (The Elephant Child - Kipling)
• SHOW ME
Notes, Check List & Cheat List


• Taking Notes in an Audit
• Check List
• Cheat List




               Auditor Training rev 0 022009   15
Taking Notes in an Audit

• One use of a checklist is as a repository for your
  notes
• Take brief notes on what you have
  read, heard, and seen
• Capture specific references
• record what people are telling you about their
  practices
• Some of your notes will be used immediately
  for your next line of questioning


                  Auditor Training rev 0 022009        16
Advantages on Using Check List

Checklists, if developed and used properly:
• Promote planning for the assigned audit
• Ensure a consistent audit approach
• Act as a sampling plan and time manager
• Serve as a memory aid and confidence builder
• Provide a repository for notes on evidence




                 Auditor Training rev 0 022009   18
Drawback on Using Check List

Drawback
• May result in poor coverage.
• Restrict interview questions
• May cause the auditor to use an outdated
  tool if not updated according to the new
  standard




                   Auditor Training rev 0 022009   19
Summary on Check List

• A checklist should guide auditors through the
  system flow from quality policy, to
  objectives, to processes, to measurements, to
  results, to actions, and eventually to continual
  improvement.
• Auditors should use the checklist as a planning
  tool for their assignment and be willing to
  pursue other areas of investigation.




                   Auditor Training rev 0 022009     20
Cheat Sheet

• A "cheat sheet" is a concise set of notes used for
  quick reference
• Job notes may not accurately describe the tasks, in
  conflict with written instructions, or unapproved by
  management.
ISO 9001:2000, clause 4.2.3 states that "Documents required
by the quality management system shall be controlled." So, if
cheat sheets are needed by employees to carry out their
activities, these would be viewed as documents that must be
controlled.


                      Auditor Training rev 0 022009         21
Report Writing

• Use CPLANES as a reminder
  •   C – Clause
  •   P -- Procedure or Instruction
  •   L -- Location
  •   A – Activity
  •   N – Nature of Deficiency
  •   E – Evidence
  •   S – Scale of Deficiency




            Auditor Training rev 0 022009   22
Writing Nonconformity Reports


• Conformity,
• Conformance, or
• Compliance?




          Auditor Training rev 0 022009   23
Exercise No. 1

How well do you know the new ISO 9001:2000 standard? Can you identify the
clauses for these requirements?
 1. Reviewing the system at planned intervals
 2. Identifying the status of product measurements
 3. Maintaining process equipment
 4. Handling, packaging, and storing products
 5. Preventing the "recurrence" of nonconformities
 6. Maintaining evidence of conformity of acceptance criteria
 7. Ensuring requirements are complete and unambiguous
 8. Identifying the control of outsourced processes
 9. Planning for design review, verification, and validation
 10. Including a quality manual in the documentation
                                                                answer
                              Auditor Training rev 0 022009                 24
Toughest Requirements


• 4.1 General Requirements
• 5.1 Management Commitment
• 5.4.1 Quality Objectives
• 5.4.2 Quality Management System
  Planning (vs. 7.1 Planning of Product
  Realization)
• 7.3.1 Design and Development Planning


              Auditor Training rev 0 022009   25
Toughest Requirements


• 7.5.2 Validation of Processes for
  Production and Service Provision
• 8.2.1 Customer Satisfaction
• 8.5.1 Continual Improvement
• 8.5.3 Preventive Action




              Auditor Training rev 0 022009   26
Most Common Audit Findings

* Internal Audit Findings
• 1. Customer satisfaction data and assessment (8.2.1 . . .
• 2. Documentation gaps (4.2.3 . . .
• 3. Continual improvement process (8.5.1 . . .
• 4. Objectives not measurable (5.4.1 . . .
• 5. Collection and analysis of data (8.4 . . .
• 6-7. Top management commitment and responsibility (5.4 . . .
• 6-7. Record keeping gaps (4.2.4 . . .
• 8-9. Competency requirements (6.2.2 . . .
• 8-9. Effective control of processes (4.1 . . .
            * Ref. : <http://standardsgroup.asq.org/news/psi/IMS06-2002E-Implementing_ISO_9001-BD.pdf>


                                Auditor Training rev 0 022009                                      27
Most Common Audit Findings

* Registrar Audit Findings
• 1. Documentation gaps
• 2-3. Objectives not measurable
• 2-3. Top management commitment and responsibility
• 4. Continual improvement process
• 5-6. Customer satisfaction data and assessment
• 5-6. Effective control of processes
• 7-8. Collection and analysis of data
• 7-8. Record keeping gaps
• 9. Competency requirements
            * Ref. : <http://standardsgroup.asq.org/news/psi/IMS06-2002E-Implementing_ISO_9001-BD.pdf>


                                Auditor Training rev 0 022009                                      28
Comparison of Rankings

Internal Audit Findings                               Registrar Audit Findings
• 1. Customer satisfaction data and                   • 1. Documentation gaps
  assessment
                                                      • 2-3. Objectives not measurable
• 2. Documentation gaps
                                                      • 2-3. Top management commitment
• 3. Continual improvement process                      and responsibility
• 4. Objectives not measurable                        • 4. Continual improvement process
• 5. Collection and analysis of data                  • 5-6. Customer satisfaction data and
                                                        assessment
• 6-7. Top management commitment and
  responsibility                                      • 5-6. Effective control of processes
• 6-7. Record keeping gaps                            • 7-8. Collection and analysis of data
• 8-9. Competency requirements                        • 7-8. Record keeping gaps
• 8-9. Effective control of processes                 • 9. Competency requirements




                                   Auditor Training rev 0 022009                               29
How to Audit Difficult Clauses


4.1 General Requirements
   Clause 4.1 covers the requirement for your
   organization to set up a quality management system
   and broadly defines the associated activities. These
   activities are described in greater detail in the
   remainder of the standard. And, when you audit
   these other clauses, you are in essence auditing
   clause 4.1.

                      Auditor Training rev 0 022009       30
How to Audit ISO 9001:2000, Clause 4.1

• By recognizing its linkages to the clauses in the
  remainder of the standard.
• Audit those other areas well and you are in effect
  auditing clause 4.1.




                    Auditor Training rev 0 022009      31
How to Audit Difficult Clauses

5.1 Management Commitment
  Look for evidence on how top managers
  ensure their commitment is well known
  throughout the organization and records
  that show how they are keeping their
  promise




                Auditor Training rev 0 022009   33
How to Audit Difficult Clauses

5.4.1 Quality Objective
Are You Setting SMART Quality Objectives?
• Is it specific?
• Is it measurable
• Is it achievable
• Is it relevant
• Is it timed?



                     Auditor Training rev 0 022009   34
How to Audit Difficult Clauses

5.4.2 Quality Management System Planning
(vs. 7.1 Planning of Product Realization)
Organizations must decide how to
monitor, measure, and analyze their processes, as well
as, be ready to implement the actions necessary to
achieve planned results and continually improve the
processes. Even outsourced processes are included in
the planning.

Determine how this is done using process approach.


                     Auditor Training rev 0 022009       35
How to Audit Difficult Clauses

7.0 Product Realization
• 7.1   Planning of Product Realization
• 7.3.1 Design and Development Planning
• 7.5.2 Validation of Processes for Production
  and Service Provision


Determine how the quality plan is developed.


                  Auditor Training rev 0 022009   36
How to Audit Difficult Clauses

8.0 Measurement, analysis and Improvement
• 8.2.1 Customer Satisfaction
• 8.5.1 Continual Improvement
• 8.5.3 Preventive Action




                 Auditor Training rev 0 022009   37
Auditing Undocumented Process

Auditing a Process that is Undocumented


Refer to the guide provided to you
separately




               Auditor Training rev 0 022009   38
Summary on Audit Practice

Audits examine compliance from three perspectives:
1. Documents (or definitions) that indicate the
   process is adequate
2. Records that show the process is implemented
   (being practiced)
3. Results that prove the process is effective
   (objectives are met)
By using the process approach in auditing, you will be
able to gather all the evidence that you need in
auditing for any clause that you may encounter in the
field.


                    Auditor Training rev 0 022009        39
EXERCISE No. 2



The purpose of the exercise is to provide
practice in assessing evidence in an objective
manner..




                Auditor Training rev 0 022009    40
Workshop


Mock-up audit of Engineering Department
• 5.4.1 Quality Objectives
• 7.3.1 Design and Development Planning




                  Auditor Training rev 0 022009   41
Auditor Conduct


AN AUDITOR SHOULD NOT
• Be critical           • Be sarcastic
• Be side-tracked       • Compare
• Argue                 • Pass opinions
• Swear                 • Apportion blame
• Be late
Code of Conduct for Auditors

Purpose
To communicate the
integrity, objectivity, confidentiality, and
competence expected of internal auditors, as
well as, to provide a means for them to pledge
their commitment to these principles.




                 Auditor Training rev 0 022009   44
Code of Conduct for Auditors

Integrity
The integrity of internal auditors establishes trust
and provides the basis for relying on their
judgment. As an internal auditor, I pledge to:
1. Perform my work with
   honesty, accuracy, fairness, and
   responsibility.
2. Not engage in activities that might discredit
   the audit profession or my organization.

                   Auditor Training rev 0 022009   45
Code of Conduct for Auditors
Objectivity
Internal auditors must be objective in
gathering, evaluating, and communicating information about
the activities being examined. They must make a balanced and
impartial assessment of all the relevant facts and not be unduly
influenced by their interests, or those of others, in making
judgments. As an internal auditor, I pledge to:
3. Not join in any activity or relationship that may affect my
    unbiased assessment.
4. Not accept anything that may impair, or appear to
    impair, my judgment.
5. Disclose all the material facts to avoid any distortion of my
    audit report.


                         Auditor Training rev 0 022009             46
Code of Conduct for Auditors

Confidentiality
Internal auditors must respect the value and ownership of the
information they receive and not disclose it without the
appropriate authority (unless obligated for legal or
professional reasons). As an internal auditor, I pledge to:
6. Be prudent in the use and protection of the information
    acquired during my audit duties.
7. Not use the information for personal gain or in any way
    detrimental to the organization.




                       Auditor Training rev 0 022009            47
Code of Conduct for Auditors

Competence
Internal auditors must apply their knowledge, skills, and experience in
    the performance of their assessment duties. As an internal auditor, I
    pledge to:
8. Engage only in audits where I possess the needed
    knowledge, skills, and experience.
9. Perform audits in accordance with the procedures and practices of
    my organizations.
10. Continually improve my proficiency and the quality and value of
    my audit services.
11. Assist other auditors under my supervision to develop their audit
    management skills.
12. Report any complaints regarding my performance and address
    them to avoid recurrence.


                           Auditor Training rev 0 022009                48
Addendum

• Exercise No. 3 – take home exercise
• ISO 9000 : 2005 –
• ISO 9001: 2008 –
• Sample Question for Top Management




                Auditor Training rev 0 022009   49
Exercise No. 3

This is an exercise to see how
nonconformities are reported


This is a take-home exercise. The
answer shall be submitted later.




           Auditor Training rev 0 022009   50
ISO 9000:2005


• It makes no changes to the basic
  principles of quality management stated
  in ISO 9000:2000
• It is essentially a tidying-up exercise to
  ensure consistency within ISO Standards
• It will probably have little, or no real
  impact on our quality system



                 Auditor Training rev 0 022009   52
ISO 9001:2008

• ISO 9001:2000 is due for an update in
  2008.
• It is currently at Draft International
  Standard (DIS) stage
• Changes to the standard are very small
• It will replace ISO 9001:2000




                   Auditor Training rev 0 022009   53

More Related Content

What's hot

How to Perform a Successful Internal Quality Audit
How to Perform a Successful Internal Quality AuditHow to Perform a Successful Internal Quality Audit
How to Perform a Successful Internal Quality Audit
Greenlight Guru
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
Jami Martin
 
Standards of Internal Audit
Standards of Internal AuditStandards of Internal Audit
Standards of Internal Audit
Karan Puri
 
Chapter 11, Tests of Controls
Chapter 11, Tests of ControlsChapter 11, Tests of Controls
Chapter 11, Tests of Controls
Sazzad Hossain, ITP, MBA, CSCA™
 
Audit Methodology
Audit MethodologyAudit Methodology
Audit Methodology
Rahul Bhan (CA, CIA, MBA)
 
8. internal control new
8. internal control new8. internal control new
8. internal control new
Syed Osama Rizvi
 
Audit documentation
Audit documentationAudit documentation
Audit documentation
Venkatesan Murali
 
Auditing And Assurance Standards
Auditing And Assurance StandardsAuditing And Assurance Standards
Auditing And Assurance Standards
Augustin Bangalore
 
Audit presentation
Audit presentationAudit presentation
Audit presentation
Metafrique group
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing Presentation
Vernon Benjamin
 
Auditing Chapter 2
Auditing Chapter 2Auditing Chapter 2
Auditing Chapter 2
aaykhan
 
ISO 9001:2015 clause wise changes
ISO 9001:2015 clause wise changesISO 9001:2015 clause wise changes
ISO 9001:2015 clause wise changes
Kranthi Rainbow
 
Internal audit
Internal auditInternal audit
3a 5 Value Adding Internal Audit
3a   5   Value Adding Internal Audit3a   5   Value Adding Internal Audit
3a 5 Value Adding Internal Audit
Rajeswaran Muthu Venkatachalam
 
Planning of audit
Planning of auditPlanning of audit
Planning of audit
Foluwa Amisu
 
Internal auditing
Internal auditingInternal auditing
Internal auditing
Shach Faisal
 
Evolution of audit profession, audit
Evolution of audit profession, auditEvolution of audit profession, audit
Evolution of audit profession, audit
Md. Ibne Nayeem Hasan
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9
Sazzad Hossain, ITP, MBA, CSCA™
 
Locking Up Your Cloud Environment: An Introduction to ISO/IEC 27017 and 27018
Locking Up Your Cloud Environment: An Introduction to ISO/IEC 27017 and 27018Locking Up Your Cloud Environment: An Introduction to ISO/IEC 27017 and 27018
Locking Up Your Cloud Environment: An Introduction to ISO/IEC 27017 and 27018
Schellman & Company
 
Audit Assertion .pptx
Audit Assertion .pptxAudit Assertion .pptx
Audit Assertion .pptx
Koh Teck Peng
 

What's hot (20)

How to Perform a Successful Internal Quality Audit
How to Perform a Successful Internal Quality AuditHow to Perform a Successful Internal Quality Audit
How to Perform a Successful Internal Quality Audit
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
 
Standards of Internal Audit
Standards of Internal AuditStandards of Internal Audit
Standards of Internal Audit
 
Chapter 11, Tests of Controls
Chapter 11, Tests of ControlsChapter 11, Tests of Controls
Chapter 11, Tests of Controls
 
Audit Methodology
Audit MethodologyAudit Methodology
Audit Methodology
 
8. internal control new
8. internal control new8. internal control new
8. internal control new
 
Audit documentation
Audit documentationAudit documentation
Audit documentation
 
Auditing And Assurance Standards
Auditing And Assurance StandardsAuditing And Assurance Standards
Auditing And Assurance Standards
 
Audit presentation
Audit presentationAudit presentation
Audit presentation
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing Presentation
 
Auditing Chapter 2
Auditing Chapter 2Auditing Chapter 2
Auditing Chapter 2
 
ISO 9001:2015 clause wise changes
ISO 9001:2015 clause wise changesISO 9001:2015 clause wise changes
ISO 9001:2015 clause wise changes
 
Internal audit
Internal auditInternal audit
Internal audit
 
3a 5 Value Adding Internal Audit
3a   5   Value Adding Internal Audit3a   5   Value Adding Internal Audit
3a 5 Value Adding Internal Audit
 
Planning of audit
Planning of auditPlanning of audit
Planning of audit
 
Internal auditing
Internal auditingInternal auditing
Internal auditing
 
Evolution of audit profession, audit
Evolution of audit profession, auditEvolution of audit profession, audit
Evolution of audit profession, audit
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9
 
Locking Up Your Cloud Environment: An Introduction to ISO/IEC 27017 and 27018
Locking Up Your Cloud Environment: An Introduction to ISO/IEC 27017 and 27018Locking Up Your Cloud Environment: An Introduction to ISO/IEC 27017 and 27018
Locking Up Your Cloud Environment: An Introduction to ISO/IEC 27017 and 27018
 
Audit Assertion .pptx
Audit Assertion .pptxAudit Assertion .pptx
Audit Assertion .pptx
 

Viewers also liked

Practical auditing
Practical auditingPractical auditing
Practical auditing
Isidro Sid Calayag
 
Auditing (Introduction to Auditing)
Auditing (Introduction to Auditing) Auditing (Introduction to Auditing)
Auditing (Introduction to Auditing)
Noorulhadi Qureshi
 
Auditing notes
Auditing notesAuditing notes
Auditing notes
Vishwa Nath
 
Introduction to Internal Quality System Auditing
Introduction to Internal Quality System AuditingIntroduction to Internal Quality System Auditing
Introduction to Internal Quality System Auditing
JeffStevens
 
Importance of supplier audits
Importance of supplier auditsImportance of supplier audits
Importance of supplier audits
AQSS-USA
 
Introduction of auditing
Introduction of auditingIntroduction of auditing
Introduction of auditing
Kanchan Tripathi
 
Basic & Simple Quality management tools
Basic & Simple Quality management toolsBasic & Simple Quality management tools
Basic & Simple Quality management tools
Mohammed Kamal
 
Chapter 1.
Chapter 1.Chapter 1.
Chapter 1.
Thane
 
Auditng Ppt(2)
Auditng Ppt(2)Auditng Ppt(2)
Auditng Ppt(2)
Augustin Bangalore
 
Presentation chapter 9
Presentation chapter 9Presentation chapter 9
Presentation chapter 9
Emran Habeeb
 
Beginning auditor (1)
Beginning auditor (1)Beginning auditor (1)
Beginning auditor (1)
Idear S. Wanichkul
 
Audit Fraud & error p7
Audit Fraud & error p7Audit Fraud & error p7
Audit Fraud & error p7
Richard Clarke Academy
 
Topik 8 Audit Sampling
Topik 8 Audit SamplingTopik 8 Audit Sampling
Topik 8 Audit Sampling
Dania Johan
 
Pre statutory audit - checklist
Pre statutory audit - checklistPre statutory audit - checklist
Pre statutory audit - checklist
CA MUKESH TYAGI
 
investment analysis_and_portfolio_management
 investment analysis_and_portfolio_management investment analysis_and_portfolio_management
investment analysis_and_portfolio_management
Babasab Patil
 
Surbhi Bansal Auditing Notes
Surbhi Bansal Auditing NotesSurbhi Bansal Auditing Notes
Surbhi Bansal Auditing Notes
Sudheer Paidi
 
Chapter 2. audit planning procedures & documentation
Chapter 2. audit planning procedures & documentationChapter 2. audit planning procedures & documentation
Chapter 2. audit planning procedures & documentation
Thane
 
Presentation 3 - Audit Program & Procedure
Presentation 3 - Audit Program & ProcedurePresentation 3 - Audit Program & Procedure
Presentation 3 - Audit Program & Procedure
Marzanur Rahman
 
9001 Awareness Session Current
9001 Awareness Session Current9001 Awareness Session Current
9001 Awareness Session Current
senioke
 
FRAUD, MONEY LAUNDERING AND FORENSIC AUDIT
FRAUD, MONEY LAUNDERING AND FORENSIC AUDITFRAUD, MONEY LAUNDERING AND FORENSIC AUDIT
FRAUD, MONEY LAUNDERING AND FORENSIC AUDIT
EMAC Consulting Group
 

Viewers also liked (20)

Practical auditing
Practical auditingPractical auditing
Practical auditing
 
Auditing (Introduction to Auditing)
Auditing (Introduction to Auditing) Auditing (Introduction to Auditing)
Auditing (Introduction to Auditing)
 
Auditing notes
Auditing notesAuditing notes
Auditing notes
 
Introduction to Internal Quality System Auditing
Introduction to Internal Quality System AuditingIntroduction to Internal Quality System Auditing
Introduction to Internal Quality System Auditing
 
Importance of supplier audits
Importance of supplier auditsImportance of supplier audits
Importance of supplier audits
 
Introduction of auditing
Introduction of auditingIntroduction of auditing
Introduction of auditing
 
Basic & Simple Quality management tools
Basic & Simple Quality management toolsBasic & Simple Quality management tools
Basic & Simple Quality management tools
 
Chapter 1.
Chapter 1.Chapter 1.
Chapter 1.
 
Auditng Ppt(2)
Auditng Ppt(2)Auditng Ppt(2)
Auditng Ppt(2)
 
Presentation chapter 9
Presentation chapter 9Presentation chapter 9
Presentation chapter 9
 
Beginning auditor (1)
Beginning auditor (1)Beginning auditor (1)
Beginning auditor (1)
 
Audit Fraud & error p7
Audit Fraud & error p7Audit Fraud & error p7
Audit Fraud & error p7
 
Topik 8 Audit Sampling
Topik 8 Audit SamplingTopik 8 Audit Sampling
Topik 8 Audit Sampling
 
Pre statutory audit - checklist
Pre statutory audit - checklistPre statutory audit - checklist
Pre statutory audit - checklist
 
investment analysis_and_portfolio_management
 investment analysis_and_portfolio_management investment analysis_and_portfolio_management
investment analysis_and_portfolio_management
 
Surbhi Bansal Auditing Notes
Surbhi Bansal Auditing NotesSurbhi Bansal Auditing Notes
Surbhi Bansal Auditing Notes
 
Chapter 2. audit planning procedures & documentation
Chapter 2. audit planning procedures & documentationChapter 2. audit planning procedures & documentation
Chapter 2. audit planning procedures & documentation
 
Presentation 3 - Audit Program & Procedure
Presentation 3 - Audit Program & ProcedurePresentation 3 - Audit Program & Procedure
Presentation 3 - Audit Program & Procedure
 
9001 Awareness Session Current
9001 Awareness Session Current9001 Awareness Session Current
9001 Awareness Session Current
 
FRAUD, MONEY LAUNDERING AND FORENSIC AUDIT
FRAUD, MONEY LAUNDERING AND FORENSIC AUDITFRAUD, MONEY LAUNDERING AND FORENSIC AUDIT
FRAUD, MONEY LAUNDERING AND FORENSIC AUDIT
 

Similar to Practical Auditing

Webinar-ISO-9001-Back-to-Basics-Internal-Auditing
Webinar-ISO-9001-Back-to-Basics-Internal-AuditingWebinar-ISO-9001-Back-to-Basics-Internal-Auditing
Webinar-ISO-9001-Back-to-Basics-Internal-Auditing
mufajzaposh
 
ISO-9001:2015-Awareness Presentation.pdf
ISO-9001:2015-Awareness Presentation.pdfISO-9001:2015-Awareness Presentation.pdf
ISO-9001:2015-Awareness Presentation.pdf
AnkitPasswala
 
MMC - ISO-9001: 2015 - Awareness Basic - Stage 1
MMC - ISO-9001: 2015 - Awareness Basic  - Stage 1MMC - ISO-9001: 2015 - Awareness Basic  - Stage 1
MMC - ISO-9001: 2015 - Awareness Basic - Stage 1
mufajzaposh
 
ISO 9001-2015 Awareness.pdf
ISO 9001-2015 Awareness.pdfISO 9001-2015 Awareness.pdf
ISO 9001-2015 Awareness.pdf
yousrazeidan1
 
Audit Report Writing
Audit Report WritingAudit Report Writing
Audit Report Writing
Mira Anuar
 
presentation quality awareness draft02.pptx
presentation quality awareness draft02.pptxpresentation quality awareness draft02.pptx
presentation quality awareness draft02.pptx
AhmedAltantawi
 
Iso 9001:2015 internal auditor Course
Iso 9001:2015  internal auditor Course Iso 9001:2015  internal auditor Course
Iso 9001:2015 internal auditor Course
Atif Alhaj
 
ISO 9001 2015 INTERNAL AUDIT PRESENTATION COMET PORTHARCOURT.pptx
ISO 9001 2015 INTERNAL AUDIT PRESENTATION COMET PORTHARCOURT.pptxISO 9001 2015 INTERNAL AUDIT PRESENTATION COMET PORTHARCOURT.pptx
ISO 9001 2015 INTERNAL AUDIT PRESENTATION COMET PORTHARCOURT.pptx
jbnickaf
 
ISO DOcumentation tips
ISO DOcumentation tipsISO DOcumentation tips
ISO DOcumentation tips
Ganapathi subramania sreedharan
 
Quality management in construction
Quality management in constructionQuality management in construction
Quality management in construction
Isidro Sid Calayag
 
continuous improvement in school management (4) .pdf
continuous improvement in school management (4) .pdfcontinuous improvement in school management (4) .pdf
continuous improvement in school management (4) .pdf
lynnmdasuki1
 
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
Engr. Syed Noor Mustafa Shah
 
Iso 9000 new
Iso 9000 newIso 9000 new
Iso 9000 new
Bibin Thomas
 
QLAC_2013.ppt
QLAC_2013.pptQLAC_2013.ppt
QLAC_2013.ppt
maher30
 
Internal Audit Training with different .pptx
Internal Audit Training with different .pptxInternal Audit Training with different .pptx
Internal Audit Training with different .pptx
BonAlexisGuatato
 
Quality Management Systems in different industries - from ISO 9001 to cGxP
Quality Management Systems in different industries - from ISO 9001 to cGxPQuality Management Systems in different industries - from ISO 9001 to cGxP
Quality Management Systems in different industries - from ISO 9001 to cGxP
Pauwels Consulting
 
Iso 9000 2008 auditing
Iso 9000 2008 auditingIso 9000 2008 auditing
Iso 9000 2008 auditing
Yoke S. Fabianto
 
ISO 90012008 Understanding and Internal Auditing.ppt
ISO 90012008 Understanding and Internal Auditing.pptISO 90012008 Understanding and Internal Auditing.ppt
ISO 90012008 Understanding and Internal Auditing.ppt
FirozKhan158275
 
Best Practices in Auditing
Best Practices in AuditingBest Practices in Auditing
Best Practices in Auditing
PECB
 
TQM Presentation1 (2).ppt
TQM Presentation1 (2).pptTQM Presentation1 (2).ppt
TQM Presentation1 (2).ppt
ANANTKUMARGUJAR
 

Similar to Practical Auditing (20)

Webinar-ISO-9001-Back-to-Basics-Internal-Auditing
Webinar-ISO-9001-Back-to-Basics-Internal-AuditingWebinar-ISO-9001-Back-to-Basics-Internal-Auditing
Webinar-ISO-9001-Back-to-Basics-Internal-Auditing
 
ISO-9001:2015-Awareness Presentation.pdf
ISO-9001:2015-Awareness Presentation.pdfISO-9001:2015-Awareness Presentation.pdf
ISO-9001:2015-Awareness Presentation.pdf
 
MMC - ISO-9001: 2015 - Awareness Basic - Stage 1
MMC - ISO-9001: 2015 - Awareness Basic  - Stage 1MMC - ISO-9001: 2015 - Awareness Basic  - Stage 1
MMC - ISO-9001: 2015 - Awareness Basic - Stage 1
 
ISO 9001-2015 Awareness.pdf
ISO 9001-2015 Awareness.pdfISO 9001-2015 Awareness.pdf
ISO 9001-2015 Awareness.pdf
 
Audit Report Writing
Audit Report WritingAudit Report Writing
Audit Report Writing
 
presentation quality awareness draft02.pptx
presentation quality awareness draft02.pptxpresentation quality awareness draft02.pptx
presentation quality awareness draft02.pptx
 
Iso 9001:2015 internal auditor Course
Iso 9001:2015  internal auditor Course Iso 9001:2015  internal auditor Course
Iso 9001:2015 internal auditor Course
 
ISO 9001 2015 INTERNAL AUDIT PRESENTATION COMET PORTHARCOURT.pptx
ISO 9001 2015 INTERNAL AUDIT PRESENTATION COMET PORTHARCOURT.pptxISO 9001 2015 INTERNAL AUDIT PRESENTATION COMET PORTHARCOURT.pptx
ISO 9001 2015 INTERNAL AUDIT PRESENTATION COMET PORTHARCOURT.pptx
 
ISO DOcumentation tips
ISO DOcumentation tipsISO DOcumentation tips
ISO DOcumentation tips
 
Quality management in construction
Quality management in constructionQuality management in construction
Quality management in construction
 
continuous improvement in school management (4) .pdf
continuous improvement in school management (4) .pdfcontinuous improvement in school management (4) .pdf
continuous improvement in school management (4) .pdf
 
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
QMS - Quality Management System - Internal Quality Auditor - ISO 9001:2008
 
Iso 9000 new
Iso 9000 newIso 9000 new
Iso 9000 new
 
QLAC_2013.ppt
QLAC_2013.pptQLAC_2013.ppt
QLAC_2013.ppt
 
Internal Audit Training with different .pptx
Internal Audit Training with different .pptxInternal Audit Training with different .pptx
Internal Audit Training with different .pptx
 
Quality Management Systems in different industries - from ISO 9001 to cGxP
Quality Management Systems in different industries - from ISO 9001 to cGxPQuality Management Systems in different industries - from ISO 9001 to cGxP
Quality Management Systems in different industries - from ISO 9001 to cGxP
 
Iso 9000 2008 auditing
Iso 9000 2008 auditingIso 9000 2008 auditing
Iso 9000 2008 auditing
 
ISO 90012008 Understanding and Internal Auditing.ppt
ISO 90012008 Understanding and Internal Auditing.pptISO 90012008 Understanding and Internal Auditing.ppt
ISO 90012008 Understanding and Internal Auditing.ppt
 
Best Practices in Auditing
Best Practices in AuditingBest Practices in Auditing
Best Practices in Auditing
 
TQM Presentation1 (2).ppt
TQM Presentation1 (2).pptTQM Presentation1 (2).ppt
TQM Presentation1 (2).ppt
 

More from Isidro Sid Calayag

Upgrade iso 9001 2000 to 2008 version
Upgrade  iso 9001 2000 to 2008 versionUpgrade  iso 9001 2000 to 2008 version
Upgrade iso 9001 2000 to 2008 version
Isidro Sid Calayag
 
Ms project training ver 01
Ms project training ver 01Ms project training ver 01
Ms project training ver 01
Isidro Sid Calayag
 
Kick off meeting presentation
Kick off meeting presentationKick off meeting presentation
Kick off meeting presentation
Isidro Sid Calayag
 
Crash course rca training rev 01
Crash course rca training rev 01Crash course rca training rev 01
Crash course rca training rev 01
Isidro Sid Calayag
 
5 s – a program to improve project.ppt [compatibility mode]
5 s – a program to improve project.ppt [compatibility mode]5 s – a program to improve project.ppt [compatibility mode]
5 s – a program to improve project.ppt [compatibility mode]
Isidro Sid Calayag
 
Upgrade iso 9001 2000 to 2008 version
Upgrade  iso 9001 2000 to 2008 versionUpgrade  iso 9001 2000 to 2008 version
Upgrade iso 9001 2000 to 2008 version
Isidro Sid Calayag
 
Ms project training ver 01
Ms project training ver 01Ms project training ver 01
Ms project training ver 01
Isidro Sid Calayag
 
5 S – A Program To Improve Project
5 S – A Program To Improve Project5 S – A Program To Improve Project
5 S – A Program To Improve Project
Isidro Sid Calayag
 
Basic Cleanroom Protocol
Basic Cleanroom ProtocolBasic Cleanroom Protocol
Basic Cleanroom Protocol
Isidro Sid Calayag
 
Typical Quality Management System Based On Iso 9001 2008
Typical Quality Management System Based On Iso 9001 2008Typical Quality Management System Based On Iso 9001 2008
Typical Quality Management System Based On Iso 9001 2008
Isidro Sid Calayag
 
Quality Management In Construction
Quality Management In ConstructionQuality Management In Construction
Quality Management In Construction
Isidro Sid Calayag
 
Kick Off Meeting Presentation
Kick Off Meeting PresentationKick Off Meeting Presentation
Kick Off Meeting Presentation
Isidro Sid Calayag
 
Crash Course Rca Training Rev 01
Crash Course Rca Training Rev 01Crash Course Rca Training Rev 01
Crash Course Rca Training Rev 01
Isidro Sid Calayag
 
Rca Training Rev 0
Rca Training Rev 0Rca Training Rev 0
Rca Training Rev 0
Isidro Sid Calayag
 

More from Isidro Sid Calayag (14)

Upgrade iso 9001 2000 to 2008 version
Upgrade  iso 9001 2000 to 2008 versionUpgrade  iso 9001 2000 to 2008 version
Upgrade iso 9001 2000 to 2008 version
 
Ms project training ver 01
Ms project training ver 01Ms project training ver 01
Ms project training ver 01
 
Kick off meeting presentation
Kick off meeting presentationKick off meeting presentation
Kick off meeting presentation
 
Crash course rca training rev 01
Crash course rca training rev 01Crash course rca training rev 01
Crash course rca training rev 01
 
5 s – a program to improve project.ppt [compatibility mode]
5 s – a program to improve project.ppt [compatibility mode]5 s – a program to improve project.ppt [compatibility mode]
5 s – a program to improve project.ppt [compatibility mode]
 
Upgrade iso 9001 2000 to 2008 version
Upgrade  iso 9001 2000 to 2008 versionUpgrade  iso 9001 2000 to 2008 version
Upgrade iso 9001 2000 to 2008 version
 
Ms project training ver 01
Ms project training ver 01Ms project training ver 01
Ms project training ver 01
 
5 S – A Program To Improve Project
5 S – A Program To Improve Project5 S – A Program To Improve Project
5 S – A Program To Improve Project
 
Basic Cleanroom Protocol
Basic Cleanroom ProtocolBasic Cleanroom Protocol
Basic Cleanroom Protocol
 
Typical Quality Management System Based On Iso 9001 2008
Typical Quality Management System Based On Iso 9001 2008Typical Quality Management System Based On Iso 9001 2008
Typical Quality Management System Based On Iso 9001 2008
 
Quality Management In Construction
Quality Management In ConstructionQuality Management In Construction
Quality Management In Construction
 
Kick Off Meeting Presentation
Kick Off Meeting PresentationKick Off Meeting Presentation
Kick Off Meeting Presentation
 
Crash Course Rca Training Rev 01
Crash Course Rca Training Rev 01Crash Course Rca Training Rev 01
Crash Course Rca Training Rev 01
 
Rca Training Rev 0
Rca Training Rev 0Rca Training Rev 0
Rca Training Rev 0
 

Practical Auditing

  • 1. PRACTICAL AUDITING Continual Improvement Program for Internal Quality Auditors By Sid Calayag
  • 2. Agenda • PDCA and Process Approach • Interview/Question Technique • Notes, Check List & Cheat Sheet • Report Writing • Toughest ISO 9001:2000 Clauses • How to Audit Difficult Clauses • How to Audit Undocumented Process • Auditor’s Code of Ethics Auditor Training rev 0 022009 2
  • 3. Process Based Approach MANAGEMENT RESPONSIBILITY C C U U RESOURCE MANAGEMENT S S T T PRODUCT REALIZATION O O Requirements INPUT PROCESS OUTPUT M A P M C D E E R MEASUREMENT, ANALYSIS & R IMPROVEMENT Satisfaction 4
  • 4. THE PDCA CYCLE VERIFY PLAN ACT DO EVALUATE IMPLEMENT CHECK STUDY VALIDATE
  • 5. Interview and Question Technique • Interview • Reason • Steps • Question Techniques • Closed-ended Question • Open-ended question • Show-me Question Auditor Training rev 0 022009 6
  • 6. Interview Reason • Supplements the documented process • Determines the actual defined process • Principal way of obtaining information • Allows auditee to explain work practices • Ascertains understanding and commitment Auditor Training rev 0 022009 7
  • 7. Interview Steps -1 • Interview persons at their workplace • Conduct interviews during normal hours • Put person at ease (lower anxiety level) • Explain your purpose (what you want) • Ask about their job (question; observe) • Verify responses (confirm understanding) Auditor Training rev 0 022009 8
  • 8. Interview Steps - 2 • Check the facts (use other sources) • Record evidence (notes on checklist) • Make tentative conclusion (no secrets) • Give opportunity to discuss other topics • Thank for their time and cooperation Auditor Training rev 0 022009 9
  • 9. Summary on Interview • Remember, it is an interview, not an interrogation! • Investigate a claim; accept an admission. Auditor Training rev 0 022009 10
  • 10. Questioning Techniques - 1 • Ask question and then actively listen • Rely primarily on open-ended questions • Avoid closed question (except to confirm) • Ask for explanations and examples • Rephrase your question for clarification • Restate answer for your understanding • Keep neutral; don't disagree or interrupt Auditor Training rev 0 022009 11
  • 11. Questioning Techniques - 2 • Ask "suppose" or "what if" questions • Find basic flaws with simple questions • Ask the blunt question about quality • Nod in agreement to maintain dialog • Use silence for expanded responses • Observe unguarded facial expressions • Learn from remarks of nearby people Auditor Training rev 0 022009 12
  • 12. Close and Open-ended Question • Open-ended question can be used in determining the actual process during the interview. • Close-ended question can be used to conclude the result of the interview. Sample Auditor Training rev 0 022009 13
  • 13. Summary on Questioning Techniques • STOP TALKING - LISTEN Do not ask closed questions unless to conclude item Maintain a 20% talking : 80% listening ratio • USE THE SIX HONEST SERVING MEN “I keep six honest serving men They taught me all I knew Their names were WHAT and WHY and WHEN And HOW and WHERE and WHO” (The Elephant Child - Kipling) • SHOW ME
  • 14. Notes, Check List & Cheat List • Taking Notes in an Audit • Check List • Cheat List Auditor Training rev 0 022009 15
  • 15. Taking Notes in an Audit • One use of a checklist is as a repository for your notes • Take brief notes on what you have read, heard, and seen • Capture specific references • record what people are telling you about their practices • Some of your notes will be used immediately for your next line of questioning Auditor Training rev 0 022009 16
  • 16. Advantages on Using Check List Checklists, if developed and used properly: • Promote planning for the assigned audit • Ensure a consistent audit approach • Act as a sampling plan and time manager • Serve as a memory aid and confidence builder • Provide a repository for notes on evidence Auditor Training rev 0 022009 18
  • 17. Drawback on Using Check List Drawback • May result in poor coverage. • Restrict interview questions • May cause the auditor to use an outdated tool if not updated according to the new standard Auditor Training rev 0 022009 19
  • 18. Summary on Check List • A checklist should guide auditors through the system flow from quality policy, to objectives, to processes, to measurements, to results, to actions, and eventually to continual improvement. • Auditors should use the checklist as a planning tool for their assignment and be willing to pursue other areas of investigation. Auditor Training rev 0 022009 20
  • 19. Cheat Sheet • A "cheat sheet" is a concise set of notes used for quick reference • Job notes may not accurately describe the tasks, in conflict with written instructions, or unapproved by management. ISO 9001:2000, clause 4.2.3 states that "Documents required by the quality management system shall be controlled." So, if cheat sheets are needed by employees to carry out their activities, these would be viewed as documents that must be controlled. Auditor Training rev 0 022009 21
  • 20. Report Writing • Use CPLANES as a reminder • C – Clause • P -- Procedure or Instruction • L -- Location • A – Activity • N – Nature of Deficiency • E – Evidence • S – Scale of Deficiency Auditor Training rev 0 022009 22
  • 21. Writing Nonconformity Reports • Conformity, • Conformance, or • Compliance? Auditor Training rev 0 022009 23
  • 22. Exercise No. 1 How well do you know the new ISO 9001:2000 standard? Can you identify the clauses for these requirements? 1. Reviewing the system at planned intervals 2. Identifying the status of product measurements 3. Maintaining process equipment 4. Handling, packaging, and storing products 5. Preventing the "recurrence" of nonconformities 6. Maintaining evidence of conformity of acceptance criteria 7. Ensuring requirements are complete and unambiguous 8. Identifying the control of outsourced processes 9. Planning for design review, verification, and validation 10. Including a quality manual in the documentation answer Auditor Training rev 0 022009 24
  • 23. Toughest Requirements • 4.1 General Requirements • 5.1 Management Commitment • 5.4.1 Quality Objectives • 5.4.2 Quality Management System Planning (vs. 7.1 Planning of Product Realization) • 7.3.1 Design and Development Planning Auditor Training rev 0 022009 25
  • 24. Toughest Requirements • 7.5.2 Validation of Processes for Production and Service Provision • 8.2.1 Customer Satisfaction • 8.5.1 Continual Improvement • 8.5.3 Preventive Action Auditor Training rev 0 022009 26
  • 25. Most Common Audit Findings * Internal Audit Findings • 1. Customer satisfaction data and assessment (8.2.1 . . . • 2. Documentation gaps (4.2.3 . . . • 3. Continual improvement process (8.5.1 . . . • 4. Objectives not measurable (5.4.1 . . . • 5. Collection and analysis of data (8.4 . . . • 6-7. Top management commitment and responsibility (5.4 . . . • 6-7. Record keeping gaps (4.2.4 . . . • 8-9. Competency requirements (6.2.2 . . . • 8-9. Effective control of processes (4.1 . . . * Ref. : <http://standardsgroup.asq.org/news/psi/IMS06-2002E-Implementing_ISO_9001-BD.pdf> Auditor Training rev 0 022009 27
  • 26. Most Common Audit Findings * Registrar Audit Findings • 1. Documentation gaps • 2-3. Objectives not measurable • 2-3. Top management commitment and responsibility • 4. Continual improvement process • 5-6. Customer satisfaction data and assessment • 5-6. Effective control of processes • 7-8. Collection and analysis of data • 7-8. Record keeping gaps • 9. Competency requirements * Ref. : <http://standardsgroup.asq.org/news/psi/IMS06-2002E-Implementing_ISO_9001-BD.pdf> Auditor Training rev 0 022009 28
  • 27. Comparison of Rankings Internal Audit Findings Registrar Audit Findings • 1. Customer satisfaction data and • 1. Documentation gaps assessment • 2-3. Objectives not measurable • 2. Documentation gaps • 2-3. Top management commitment • 3. Continual improvement process and responsibility • 4. Objectives not measurable • 4. Continual improvement process • 5. Collection and analysis of data • 5-6. Customer satisfaction data and assessment • 6-7. Top management commitment and responsibility • 5-6. Effective control of processes • 6-7. Record keeping gaps • 7-8. Collection and analysis of data • 8-9. Competency requirements • 7-8. Record keeping gaps • 8-9. Effective control of processes • 9. Competency requirements Auditor Training rev 0 022009 29
  • 28. How to Audit Difficult Clauses 4.1 General Requirements Clause 4.1 covers the requirement for your organization to set up a quality management system and broadly defines the associated activities. These activities are described in greater detail in the remainder of the standard. And, when you audit these other clauses, you are in essence auditing clause 4.1. Auditor Training rev 0 022009 30
  • 29. How to Audit ISO 9001:2000, Clause 4.1 • By recognizing its linkages to the clauses in the remainder of the standard. • Audit those other areas well and you are in effect auditing clause 4.1. Auditor Training rev 0 022009 31
  • 30. How to Audit Difficult Clauses 5.1 Management Commitment Look for evidence on how top managers ensure their commitment is well known throughout the organization and records that show how they are keeping their promise Auditor Training rev 0 022009 33
  • 31. How to Audit Difficult Clauses 5.4.1 Quality Objective Are You Setting SMART Quality Objectives? • Is it specific? • Is it measurable • Is it achievable • Is it relevant • Is it timed? Auditor Training rev 0 022009 34
  • 32. How to Audit Difficult Clauses 5.4.2 Quality Management System Planning (vs. 7.1 Planning of Product Realization) Organizations must decide how to monitor, measure, and analyze their processes, as well as, be ready to implement the actions necessary to achieve planned results and continually improve the processes. Even outsourced processes are included in the planning. Determine how this is done using process approach. Auditor Training rev 0 022009 35
  • 33. How to Audit Difficult Clauses 7.0 Product Realization • 7.1 Planning of Product Realization • 7.3.1 Design and Development Planning • 7.5.2 Validation of Processes for Production and Service Provision Determine how the quality plan is developed. Auditor Training rev 0 022009 36
  • 34. How to Audit Difficult Clauses 8.0 Measurement, analysis and Improvement • 8.2.1 Customer Satisfaction • 8.5.1 Continual Improvement • 8.5.3 Preventive Action Auditor Training rev 0 022009 37
  • 35. Auditing Undocumented Process Auditing a Process that is Undocumented Refer to the guide provided to you separately Auditor Training rev 0 022009 38
  • 36. Summary on Audit Practice Audits examine compliance from three perspectives: 1. Documents (or definitions) that indicate the process is adequate 2. Records that show the process is implemented (being practiced) 3. Results that prove the process is effective (objectives are met) By using the process approach in auditing, you will be able to gather all the evidence that you need in auditing for any clause that you may encounter in the field. Auditor Training rev 0 022009 39
  • 37. EXERCISE No. 2 The purpose of the exercise is to provide practice in assessing evidence in an objective manner.. Auditor Training rev 0 022009 40
  • 38. Workshop Mock-up audit of Engineering Department • 5.4.1 Quality Objectives • 7.3.1 Design and Development Planning Auditor Training rev 0 022009 41
  • 39. Auditor Conduct AN AUDITOR SHOULD NOT • Be critical • Be sarcastic • Be side-tracked • Compare • Argue • Pass opinions • Swear • Apportion blame • Be late
  • 40. Code of Conduct for Auditors Purpose To communicate the integrity, objectivity, confidentiality, and competence expected of internal auditors, as well as, to provide a means for them to pledge their commitment to these principles. Auditor Training rev 0 022009 44
  • 41. Code of Conduct for Auditors Integrity The integrity of internal auditors establishes trust and provides the basis for relying on their judgment. As an internal auditor, I pledge to: 1. Perform my work with honesty, accuracy, fairness, and responsibility. 2. Not engage in activities that might discredit the audit profession or my organization. Auditor Training rev 0 022009 45
  • 42. Code of Conduct for Auditors Objectivity Internal auditors must be objective in gathering, evaluating, and communicating information about the activities being examined. They must make a balanced and impartial assessment of all the relevant facts and not be unduly influenced by their interests, or those of others, in making judgments. As an internal auditor, I pledge to: 3. Not join in any activity or relationship that may affect my unbiased assessment. 4. Not accept anything that may impair, or appear to impair, my judgment. 5. Disclose all the material facts to avoid any distortion of my audit report. Auditor Training rev 0 022009 46
  • 43. Code of Conduct for Auditors Confidentiality Internal auditors must respect the value and ownership of the information they receive and not disclose it without the appropriate authority (unless obligated for legal or professional reasons). As an internal auditor, I pledge to: 6. Be prudent in the use and protection of the information acquired during my audit duties. 7. Not use the information for personal gain or in any way detrimental to the organization. Auditor Training rev 0 022009 47
  • 44. Code of Conduct for Auditors Competence Internal auditors must apply their knowledge, skills, and experience in the performance of their assessment duties. As an internal auditor, I pledge to: 8. Engage only in audits where I possess the needed knowledge, skills, and experience. 9. Perform audits in accordance with the procedures and practices of my organizations. 10. Continually improve my proficiency and the quality and value of my audit services. 11. Assist other auditors under my supervision to develop their audit management skills. 12. Report any complaints regarding my performance and address them to avoid recurrence. Auditor Training rev 0 022009 48
  • 45. Addendum • Exercise No. 3 – take home exercise • ISO 9000 : 2005 – • ISO 9001: 2008 – • Sample Question for Top Management Auditor Training rev 0 022009 49
  • 46. Exercise No. 3 This is an exercise to see how nonconformities are reported This is a take-home exercise. The answer shall be submitted later. Auditor Training rev 0 022009 50
  • 47. ISO 9000:2005 • It makes no changes to the basic principles of quality management stated in ISO 9000:2000 • It is essentially a tidying-up exercise to ensure consistency within ISO Standards • It will probably have little, or no real impact on our quality system Auditor Training rev 0 022009 52
  • 48. ISO 9001:2008 • ISO 9001:2000 is due for an update in 2008. • It is currently at Draft International Standard (DIS) stage • Changes to the standard are very small • It will replace ISO 9001:2000 Auditor Training rev 0 022009 53