This document provides an overview of ISO 19011 guidelines for auditing management systems. It defines an audit as a systematic, independent, and documented process for gathering objective evidence to determine if audit criteria are fulfilled. The key phases of an audit are planning, preparation, performance and review, reporting, and follow-up. Planning establishes objectives, scope, criteria and resources. Preparation includes document review and developing checklists and questionnaires. Performance involves on-site activities like opening/closing meetings, collecting evidence, and identifying findings. Reporting documents the audit process, findings, and agreed corrective actions. Follow-up verifies effectiveness and closure of non-conformities.
2. Definition
ISO 19011 defines audits as: -
Systematic , independent and documented process for obtaining
the audit evidence and evaluating it objectively to determine the
extent to which the audit criteria is fulfilled.
3. Audit Evidence:- Records, documents, statement
of facts relevant to the audit criteria.
Audit Criteria:- Set of policies, procedures or
requirements used as a reference.
Objectivity:- based upon facts
4. Principles of Auditing
1. Integrity
2. Fair presentation
3. Due professional care
4. Confidentiality
5. Independence
6. Evidence based
approach.
5. Benefits and issues of Internal Audits
Benefits
Strong evidence to
determine requirements
Quality management
tool for improvements
Input to management
review
Helps organization for
self assessment
Richer in content
Assure involvement of
the people
Issues
• Hierarchy
• Lack of transparency
• Egos
• Auditors gets a limited
view
6. Types of the Audits
First party audits
(Internal audits
within Org.)
Second party Audits
( by customer of org. for
vendors assessment to a
particular process)
Third party Audits
(certification body
e.g.TUV, BSI, FDA,
RoHS etc.)
7. Phases of the Auditing
Audit planning
Audits preparation
Audits performance and review
Audit reporting
Audit follow-ups
8. Audit Planning
Audit program:
Set of one or more
audits planned for a
specific time frame
and directive towards a
specific purpose.
Includes :-
Identifying objectives, defining scopes and
criteria, defining frequency, setting time
frame, provision of adequate resources,
provision of monitoring and review.
Audit plan:
Description of on-site
activities and
arrangement for an
audit.
Should cover:-
Audits objectives, criteria, scope, dates and
places, time and duration
audit team members , identify auditee
representatives, logistics arrangement.
9. Typical internal Audit program
Audit Type Resources Criteria Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
Internal Audit Internal ISO 9001
Supplier Scond
party
Internal or
External
Purchase and
sales
C.B. (TUV) External ISO 9001
10. Typical internal Audit Plan
Time and Date Function Process Auditor Auditee
ISO 9001
Clauses
25th Apr 2018 9:30
am
Top management function control of documented information
Mr. X and Mr.
Y
MR 7.5
25th Apr 2018 11:30
am
production planning and
planning
production Mr. X Process head
8.1, 8.4, 8.5 and
8.6
25th Apr 2018 11:30
am
R&D and product development R&D Mr. Y R&D head 7.1.5, 8.3
25th Apr 2018 1:30
pm
Lunch
25th Apr 2018 2:30
pm
Top management function Closing meeting with Audit conclusion
11. Audit preparation
Conducting Document Review
Preparation of working documents
(Audit plan, checklist, sampling plans, forms for
recording information such as evidences, findings,
records of meetings)
Audit check list ( standard checklist and process
approach based checklist)
Questionnaire technique includesWHY,WHO,
WHEN,WHAT,WHERE and HOW.
12. Audit preparation cont…..
Questionnaire technique:-
Always ask question which are Efficient, open ended,
Elicit Max. information.
Always avoid question which are:-
Ineffective, close ended and leading.
13. Audit performance and review
Opening meetings
Audit objectives
Communication during audit
Collecting & verifying information
Indentifying audit finding
Preparation for audit finding
Closing meeting
14. Audit performance and review cont..
Opening meetings purpose:-
•Establish a good communication
•To confirm the audit plan
•To introduce the audit team
•Provide the short summary of the audit process
•Provide opportunity auditee to ask questions
•Ensure that planned activities can be performed.
15. Audit performance and review cont..
Collect
samples
Audit
evidences
Evaluation
reviewing
Audit finding
Audit
conclusion
Documents, records, audit
note , observation,
interview output.
Sources of
information
17. Audit reporting cont….
Audit report contains the information as:-
Audit objectives,Audit scope, name of the Auditor and auditee,Audit date
and place,Audit criteria, findings, conclusions, summary of the audits
processes,Areas not covered, Unresolved diverging opinions between
auditor and auditee, recommendation for improvements, agreed follow-up
action plans and Distribution list for audit report.
18. Audit reporting cont….
Approving & distributing the audit reports
•To be issued with in the agreed time period
•To be dated, reviewed and approved by a designated authority.
•Distribution of the audit report to the recipients
•Auditors and recipients to maintain confidentiality of the report.
19. Audit reporting cont….
Completing the audits
•Complete all the activities as per audit plan.
•Audit evidence to be pertaining for future reference.
•Maintains the confidentiality of the finding.
•Lesson learnt from the audit to be record in the Management system
continual process.