ISO 9001: 2000 Certified Audit Process What to do

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 2 ISO 9001: 2000 Certified Module Overview Audit Program Phases Review of categories of responsibility Review of auditor responsibilities regarding each phase

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 3 ISO 9001: 2000 Certified Audit Phases

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 4 ISO 9001: 2000 Certified Initiation and Scheduling Validus is responsible for this area which includes determination of: –Audit scope, objectives and criteria –Selection of the audit team –Complexity and locations –Determining feasibility –Establishing initial contact with auditee to determine the above items

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 5 ISO 9001: 2000 Certified Audit Preparation The auditor is responsible once an assignment is accepted to: –Understand the requirements the client is being audited against –Complete the Document Review –Request additional information if needed –Develop the audit plan/schedule (path of audit) –Gather required procedures/checklists –Schedule the on-site visit –Coordinate travel arrangements as needed

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 6 ISO 9001: 2000 Certified Conducting the Audit The auditor is responsible once on-site to: –Conduct an opening meeting –Verify audit criteria –Determine findings –Document audit findings (checklist, report, etc.) –Determine auditor recommendation on certification –Conduct closing meeting

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 7 ISO 9001: 2000 Certified Reaching the Audit Decision May involve a team effort: –Client might make final decision based on audit findings –Third-Party might be sent audit findings to make a final conclusion –Validus might review the audit findings and make a recommendation or final decision –Auditors might be asked to verify or review corrective actions, if needed, that the company must complete before audit decision is made

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 8 ISO 9001: 2000 Certified Review of Auditor Responsibilities Understanding audit requirements: –Lack of understanding leads to audit ineffectiveness –Competency on this element is taken very seriously and can be verified at any time by Validus

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 9 ISO 9001: 2000 Certified Review of Auditor Responsibilities (cont) Document Review: –Time spent on this will be dependant on the audit program and audit scope –This should include documents that help answer audit questions ahead of being on-site or help develop audit plan and questions –If all documents are not present, they should be requested or on-site verification arranged –On-site materials should be pre-paired

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 10 ISO 9001: 2000 Certified Review of Auditor Responsibilities (cont) Audit Preparation: –Audit plan defined –On-site document prep completed –Logistics determined

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 11 ISO 9001: 2000 Certified Review of Auditor Responsibilities (cont) Conduct an Opening Meeting: –Notes of attendance should be taken –Introduction and role of auditor(s) / auditee(s) –Review of audit plan/schedule –Methods and procedures used for audit –Need for note taking (documentation of all findings – positive or negative) –Gather bio-security, safety, emergency information or meet escort/guide –Provide opportunity for questions from auditee Contractor Procedures: Opening Meeting Checklist

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 12 ISO 9001: 2000 Certified Review of Auditor Responsibilities (cont) Additional Auditors –Be sure to coordinate information exchange with each other: General information sharing throughout Assessment of audit progress Reassignment of work Review of potential findings

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 13 ISO 9001: 2000 Certified Review of Auditor Responsibilities (cont) Interviews and Observations: –Ensure individuals are appropriate to functions and activities for audit –Conduct during their normal business hours –Explain note taking needs prior to questioning –Put person at ease as much as possible –Consider questioning/observation techniques –DOCUMENT IT!!! EVIDENCE IS REQUIRED!!! –Summarize results with the person –Thank them for their help and participation Technical Audit Tool Checklist

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 14 ISO 9001: 2000 Certified Review of Auditor Responsibilities (cont) PreparationAudit Summary and Closing Meeting Preparation –Preparation and organization are key –Utilize your audit records –Be aware of your audit type because it dictates your ability to make recommendations on items being reported –Organize to cover all closing meeting requirements

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 15 ISO 9001: 2000 Certified Review of Auditor Responsibilities (cont) Conduct the Closing Meeting –Notes of attendance should be taken –Thanks should be given to participants –Re-summarize audit scope & objectives –Strengths noted during audit (conformities) –Non-conformances noted Category/type of NC (if program warrants) Brief Description – remind them, they get copies –Previous non-conformances verified –Opportunities for improvement –Auditor recommendation for acceptable vs. not –Next steps (reporting timelines, follow up, etc.) –*Record all diverging opinions* Contractor Procedures: Closing Meeting Checklist

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 16 ISO 9001: 2000 Certified Review of Auditor Responsibilities (cont) Compiling of the audit findings –Findings are sent to client from Validus office –Use program form / template –Internal review may require changes (audit records, auditor competency) –Must be sent within agreed upon timeframes

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 17 ISO 9001: 2000 Certified Review of Auditor Responsibilities (cont) Audit Follow up: –All audit records come to Validus following program specific protocol –Client evaluations are reviewed –Auditor competency is evaluated

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 18 ISO 9001: 2000 Certified Summary The audit process involves many steps Validus and the auditor share these responsibilities The auditor has protocols for various stages during the process Audit findings will need to be returned to Validus to review and send to clients Auditors might be asked to verify issues prior to certification

Copyright 2005, Validus Services, LLC. All rights reserved. Revision 04/02/09 19 ISO 9001: 2000 Certified Questions? ISO 9001: 2000 Certified