Presentation on theme: "ASPEC Internal Auditor Training Version 1.0 2013."— Presentation transcript:
ASPEC Internal Auditor Training Version 1.0 2013
Training Outline Training Purpose The purpose of the course is to ensure understanding and competency of persons conducting internal auditing. internal audit process. Training Logistics The course is envisaged to take approximately 15 minutes There will be quiz questions used throughout to ensure that you understand the material You can contact Hannah Morgan email@example.com for any firstname.lastname@example.org The window can be closed at any time and progress saved A certificate will be emailed to you upon completion. Training Contents 1.Introduction to QMS in ASPEC 2.Internal Auditing
ISO2001: 2008 Background ISO9001:2008 involves an international set of standards which ensures that organizations ensure that they meet the needs of customers and other stakeholders. It defines what an organisation does to ensure that its products or services satisfy the customer’s quality requirements and comply with any regulations applicable to those products or services. Third party certification bodies provide independent confirmation that organizations meet the requirements of ISO 9001: 2008 A number of major purchasers require their suppliers to hold ISO9001 certification. ISO9001: 2008 standard specifies that the organisation shall issue and maintain the following six documented procedures: Control of Documents (4.2.3) Control of Records (4.2.4) Internal Audits (8.2.2) Control of Nonconforming Product / Service (8.3) Corrective Action (8.5.2) Preventive Action (8.5.3)
Quality Management System ASPEC has developed, documented, implemented and maintained a continually improving a QMS around the requirements of ISO9001: 2008. It uses a ‘process approach’ to describe and control ASPEC workflow to ensure the ASPEC product meets the client requirements. The QMS is comprised of the below documents. These are the documents used to explain and demonstrate how ASPEC meets the requirements of ISO9001. Thus the ASPEC Quality Manual mirrors these headings. These documents are located on the restricted Q drive and are controlled by the Quality Manager. The current versions of these documents are placed on the ASPEC website under the Quality Management system page; accessed by the password protected member’s areas.
ASPEC Quality Responsibilities Quality RepQuality ManagerDirectors To conduct internal audits each month To participate in the PCA process at various office locations To disseminate quality information as required to the Workforce and or to the Project Manager Ensuring the processes needed for the quality management system are established, implemented and maintained Reporting to top management on the performance of quality management system and need for improvement Ensuring the promotion of awareness of customer requirements throughout the organisation Liaising with the Quality certification body to ensure that the quality certification is maintained Develop and circulate Quality management review meeting reports Maintain the website with current version controlled documents Update processes and manuals as required Develop and Maintain training modules Manage Internal Auditing process Endorse Quality Manual Oversee Quality Management Review meetings Communicating to the organisation the importance of meeting customer/ statutory/ regulatory requirements Establishing the quality policy and displaying it in each ASPEC office Engaging in quality management system planning Ensuring that quality objectives are established for each site Ensuring availability of resources To support the functioning of the QMS ASPEC has added a position of Quality Representative. The responsibilities are as follows:
Auditing The international business management system auditing standard ISO 19011 defines an audit as: The above criteria is explained as follows: – Systematic – audits are usually a planned and scheduled activity. – Independent – Auditors must be independent of the area being audited. This means not related to, performing, supervising or having direct responsibility for the process and activities being audited thus avoiding any conflicts of interest and remaining free of influences which could effect objectivity – Documented – the audit process is a published written procedure – Evidence – evaluating it objectively means comparing the evidence with the audit criteria using facts without ‘subjective judgements or opinion – Audit criteria – the requirements of the audit according to the audit type. For example mandatory compliance if the criteria is government legislation – Fulfilled – conformation that the system conforms to the audit criteria “Systematic, independent and documented process for obtaining evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled”.
Audit Process Flow 1. Schedule Audits 3. Document audit reports 2. Conduct audits 4. Address inefficiencies 5. Use audit outcomes for continuous improvement The strategic planning schedule maps out the audit schedule based on a risk- management process Using the frequencies outlined in the strategic planning schedule, the audit process is conducted Audit reports are disseminated to the QUALITY Manager upon completion. Audit findings are tabled at the Management Review Meetings Audit non-conformances are entered into the PCA system for action Through the PCA process, any actions will be allocated to action openers. The action list will be reviewed at the monthly meeting ACTIVITY Person Responsible Quality Manager Quality Rep Quality Manager
1. Schedule of Audits The internal audit schedule is based on the Strategic Planning document. This document is created after a meeting with the Group Leaders where they determining, and evaluating the quality priorities based on the current risk of the business. Risk Management is performed with aid of documents such as the PCA register, past management meeting reports, Non-conformances recorded Director Meeting discussions and observations of quality performance in each office location, etc. The internal audit schedule live document can be obtained on the Quality Management System page of the website with controlled access through the password protected Members Area. The current audit schedule contains two types of audits: 1. External Audits – This is done by CACS on a six monthly basis at a varied ASPEC office location – This is required to maintain our ISO9001:2008 Certification – The auditors review our actions from previous audits to make sure we close them off by the required date – The auditors also audit our QMS against the ISO9001:2008 audit criteria to ensure our system meets the requirements – This will be facilitated by the Quality Manager 2. Internal Audits – Quality Manager: Annual ISO9001:2008 audit, 6 monthly full system audit – Quality Representative: Monthly online audit
1. Schedule of Audits Continued Every audit must have an objective(s), criteria and scope. These will be determined by the Quality Manager who will ensure this information is contained on the Audit Report Documents. Audit Objectives The audit objective is the specific purpose for conducting audits and is usually based on management priorities (as indicated in the strategic management schedule). For example to: – Maintain accreditation of certification to a Standard (external audit by CACS) – Satisfy a customer or contract requirement – Determine whether the business management system meets the overall objectives of the organisation – Verify whether a process is being performed in accordance with a written procedure and determine its effectiveness – Identify best practice regarding implementation and effectiveness of the quality management system so this can be benchmarked across the organisation Audit Criteria A set of policies, procedures, standards or elements. For example: – Management Systems Standards including ISO9001:2008 Quality Management – ASPEC Quality Management System Documents Audit Scope The scope of the quality audit related to the locations, area or process or elements in the management system being audited. For example, auditing the entire organisation or limited to one department or one part of a complex process. The depth of the audit refers to the amount of detail that is to be reviewed.
2. Conducting an audit Planning The Quality Manager will ensure that the relevant audit team is aware of the upcoming audit details as indicated on the strategic planning schedule: – The audit criteria and scope – Location – Duration of the audit and resources required – Identification of audit team/ and auditee(s) – Identification of documentation required for the audit criteria Preparation The lead auditor shall then: – Book a meeting time and venue for the audit (invite attendees) – Bring any supporting material – Ensure access to the relevant audit template (see internal pages of website below)
3. Document Audit Report The formstack form is in the format of an audit report, thus one is not required to be completed It is important to fill out the summary section for management Upload the completed audit to this page upon completion 4. Address inefficiencies If any non-conformances have been identified – enter a PCA record for action The result from the audit will be tabled at the Management Review Meeting Minutes 5. Use audit outcomes for continuous improvement The PCA’s will be then followed up to ensure continuous Improvement Activities