Download presentation
Presentation is loading. Please wait.
1
Photocopies Occasionally need uncontrolled copies
induction? information for client? Mark copy as uncontrolled Explain how in documentation Photocopies The number of uncontrolled copies of QMS documents should be kept as low as possible. Occasionally, however, a copy is needed over and above the set of controlled copies. For example, a copy may need to be provided to a client. To make this possible, the QMS documentation should make provision for how uncontrolled copies are to be identified. Typically, they are stamped with the words, “Uncontrolled copy”. Uncontrolled copies should not be used for routine laboratory functions, such as laboratory testing.
2
Handwritten Amendments
May be permitted Explain how in documentation Must be authorised All copies must be amended Minimise Handwritten Amendments Handwritten changes to QMS documents may not be made unless: the QMS documentation specifies that this may be done, and how it is to be done; all copies are amended in the same way; the changes are authorised, normally by the initials of authorised person next to the manual change. An organisation may choose not to allow any handwritten changes to QMS documents.
3
Control of Records Documented procedures, records of: testing
equipment calibration internal audits management review corrective, preventive actions Control of Records Records are generated during the activities of the organisation. Some records are of course generated by laboratory testing, and by associated activities such as equipment maintenance and calibration. Others are generated by management processes that are integral to the quality management system, e.g. audit check lists and audit reports.
4
Control of Records What was done Who did it Immediate recording
Preservation Alterations - no erasure Control of Records cont. The QMS documentation needs to specify how all records are generated (and by whom) and how and where they are stored and archived. This applies to electronic as well as paper records. Records must be generated immediately information is obtained, to prevent error. Records must not be erased, or altered in such a way that the previous form of the record is not legible. For example, correction fluid must not be used. Alterations to records must be authorised, typically with the initials of an authorised staff member making the alteration.
5
Internal Audits
6
Outline What is an internal audit ? Types of Audits
How to meet standard requirements Effective auditing Preparing for an audit Conducting an audit
7
Internal Audits Required:
By ISO 9000 clause 4.17 By ISO/IEC 17025 clause 4.13 (management requirements)
8
What is an Internal Audit ?
Systematic and independent examination of the quality management system (QMS) By someone within the organisation In addition to external audits What is an Internal Audit ? An internal audit is an examination of the quality management system undertaken by someone within the organisation. These audits are the organisation’s own process for monitoring their system and its implementation. Internal audits are conducted in addition to external audits. External audits involve and an auditor from an accrediting or certifying body visiting the organisation to examine the QMS to ensure the it meets the standard requirements.
9
The Internal Audit Process
Scheduled Audits programme managed by Quality Manager examine documents, results, processes identify problems improve Unscheduled Audits investigate problem The Internal Audit Process Audits are conducted as part of an internal audit programme which is managed by the Quality Manager. The documents within the QMS, the processes outlined in the documents and the final test results are examined during the audit. Problems within the system are usually identified and must be resolved using the corrective action program. In most cases the QMS documentation will need to be altered to prevent the problem from recurring. At other times audits may be conducted in response to a problem within the system. These unscheduled audits aim to fix the problem and improved the system to prevent recurrence.
10
Why Internal Auditing ? Is QMS implemented exactly as intended ?
To investigate a problem why did it occur ? how can it be resolved ? how can it be prevented in future ? Identify opportunities to improve Does the QMS meet requirements of standards ? Why Internal Audits Internal audits serve four main purposes: To determine whether the system in place is being implemented exactly as intended ie. are all procedures and work instruction being followed as they are documented ? To identify any problem within the system and determine how the system allowed it to occur, how the problem can be resolved and how to improve the system so that the problem will not recur. To identify areas within the system which can be improved. To determine whether the QMS meets the specified requirements which are critical to the organisation ie. relevant standards, regulations, client needs. It is also an excellent opportunity to determine if the appropriate resources are available to carried out required tasks.
11
Types of Internal Audits
Horizontal all departments audited against one element of standard or procedure Vertical one department audited against all element of standard or procedure Types of Audits There are generally two types of audits: Horizontal Audits In this approach the audit program is based on periodic audits directed at the application of particular elements across the organisation. One element is chosen, for example document control, and the application of this element is examined in all departments eg. document control would be audited in Serology, Virology and Administration. This type of audit is useful in identifying differences in the interpretation or application of quality system procedures between different parts of the organisation. A horizontal audit does not address the interaction between different procedures or processes. Vertical Audits In this approach a particular test or process is chosen and all inputs, operations and activities that go into conducting the test are examined i.e all elements of the standard are reviewed in one department. For example, with an EIA test all steps which go towards producing a results are examined, from when the sample was first booked into accession to when the report was released. The most practical way to conduct a vertical audit is to choose a test report and follow the records and procedures back through the system to ensure all activities were adequately completed. Reagents, equipment, staff skills, procedures and document control are all reviewed in relation to this sample. A vertical audit examines the interfaces between all the systems elements and procedures but may miss the inconsistent application of procedures between different activities.
12
Standard Requirements: ISO 9001 and 17025
Audit program Documented procedures Auditors independent of activity Audit results documented and reported to management Prompt action after problems identified Follow up activities Standard Requirements ISO 9001 and 17025 The internal audit program is an integral part of the quality management system and has a dedicated clause in both ISO 9001 and ISO The requirement of each clause is similar and is summarised below: audits must be conducted audit and follow up process must be documented audits must be scheduled on the basis of the status and importance of the activity auditors must be independent, i.e. they are not responsible for the area or task they are auditing audit results must be recorded and reviewed by management action must be taken after identifying a problem during audit all problems identified during the audit must be followed up to ensure they have been resolved and that the resolution is effective The remainder of this section will address the standard requirements.
13
Management’s Responsibility
Define internal auditing policy Assign responsibility of internal audit program Quality Manager Must be advised of internal audit outcomes discussed at management review Management’s Responsibility If an internal audit program is to be successful everyone within the organisation must be aware of the program and its objectives. Management must develop a policy on internal auditing which is included in the quality manual and is communicated to all staff. Management must designate a staff member, usually the Quality Manager, responsibility to establish and implement the program. Management will determine how and when they are advised of the outcomes of the audit program. Possibly the best way to ensure audit reports are reviewed by management is by including them as an agenda item in the management review meetings.
14
Quality Manager’s Responsibility
Establish & maintain internal audit system Develop schedule Coordinate audits Manage corrective action system Advise management audit outcomes Quality Manager’s Responsibility It is the responsibility of the Quality Manager to establish, manage and monitor the internal audit program. To establish a program, the Quality Manager will need to develop and document auditing procedures, establish auditing schedules, select and train internal auditors and develop audit report and corrective action forms. To maintain the program after its establishment the Quality Manager will coordinate the audits using the schedule, and ensure their timely delivery. Corrective action system must be monitored and maintained. Management must be regularly advised of audit outcomes.
15
Who Audits ? Trained & qualified auditors
Quality Manager selects and trains internal auditors observer on Quality Manager’s audits fist audit under supervision of qualified auditor Independent of the activity to be audited Who Audits ? In the early stages of the audit program the Quality Manager will play a key role in each of the audits. As the program becomes more established the audits will be conducted by staff from a pool of internal auditors. Internal auditors are chosen and trained by the Quality Manager. Ideally the internal auditor should have an understanding of the QMS, knowledge of testing technologies, ability to analyse situations and good communication skills. Internal Auditor training should include observing a qualified auditor on an internal audit. In most cases this will be the Quality Manager. The newly trained internal auditor will conduct their first audit under the supervision of a trained auditor. Ideally, the Quality Manager has attended an internal audit training course to gain his own qualifications and knowledge of internal auditing Auditors must be independent of the area of which they will audit. For example, the head of Serology can not audit the Serology laboratory and the Quality Manager can not audit the internal audit section. Rather, the Quality Manager could audit the Serology laboratory and the head of Serology could audit the internal audit process.
16
Audit Schedule Annual Address all elements of the quality system
not all departments Frequency ? critical areas Audit Schedule The audit schedule should be produced annually and include all audits which must be conducted during the year. All elements of the QMS must be addressed in the schedule but these elements do not need to be examined in every laboratory. The frequency of audits is left to the judgement of the Quality Manager; neither ISO 9000 nor ISO specify how often audits are conducted. Audits should be scheduled ‘on the basis of importance and status’ which means that critical areas which will affect the quality of your test result should be visited more frequently than those activities of less importance. Remember, not all of the element of the QMS have equal impact on the quality of a test result.
17
Documents used in Internal Auditing
Checklists Corrective action request forms Audit report forms Document used in Internal Auditing It is the responsibility of the Quality Manager to develop and manage the working documents that are used in internal auditing. Checklists are prepared by the auditor during preparation stage and are filled out during the audit Corrective Action Request Forms record any problems identified during the audit and are used to monitor the resolution of the problem. Audit Report Forms are used by the auditor to summarise the audit. These documents should be as simple as possible, for ease of use.
18
Documenting the Audit Program (1)
Quality Manual quality policy on internal auditing responsibility for internal audits Documenting the Audit Program (1) After the Quality Manager has developed the overall audit concept, the audit program must be documented. Quality Manual In a small organisation the documents relating to the audit program may be included in the Quality Manual. In larger organisations the Quality Manual is a general document relating to the quality system and the standard. Detail on the ‘how to do’ is maintained in procedures and work instructions. In a larger organisation the Quality Manual should contain the overall policy for internal audits and the define who is responsibility for the audit programs.
19
Documenting the Audit Program (2)
Internal audit procedure(s) selection and training of auditors scheduling audits responsibilities of auditors preparation, conducting and reporting on audits identifying, resolving and following up corrective actions reporting audit results to management Documenting the Audit Program (2) Internal Audit Procedure A description on how the audit program is to be implemented and the detailed responsibilities of those involved with the program will be documented in the internal audit procedure and work instructions. The elements which must be addressed are listed above, most of which are discussed in detail within this section. An example of an internal audit procedure is provided at the end of this section.
20
Effective Auditing (1) Gather evidence about compliance with quality system or standard Effective Auditing (1) The aim of the audit is to gather evidence about the work done and its compliance with the standard or documented procedures it claims to follow.
21
Effective Auditing (2) Gather information about:
process, operating procedures staff, equipment, test methods environment, handling of samples quality control, verification activities recording and reporting practices. Compare with documented system Identify breakdown in system or departure from procedures Effective Auditing (2) During the audit the auditor must: Gather information about the process, operating procedures, staff, equipment, test methods, environment, handling of samples, quality control and verification activities, and recording and reporting practices. Evaluate this information against the documented quality system and the procedures and work instructions.
22
What to Audit Systems audit Technical audit Combination
adherence to documented procedures Technical audit Technical correctness adherence to documented procedures/test methods auditor must have technical knowledge of test Combination vertical audit What to Audit A laboratory internal audit is usually a systems audit or a technical audit, or possibly a combination of both. Systems audit Directed at management or administration activities such as reception of samples or preparation and issue of test reports. Directed at adherence to the documented procedures - ’are you doing exactly what you say you are doing in your procedure?’ Technical audit Directed at technical correctness of each activity such as the actual performance of tests or laboratory quality control. The auditor conducting a technical audit must have technical knowledge of the process or test method to be able to understand the implications of incorrectly performing the activity. Combination audits Audits which involve the whole laboratory or all processes within a particular department i.e. vertical audit.
23
What to Audit - Technical Audit
Staff Methods Equipment Testing Environment Samples and Test Items Quality Control Computers Records and Reports What to Audit - Technical Audit The above list suggests the many different elements which should be examined when conducting a technical audit.
24
Audit Preparation Quality Manager determines Contact auditee
audit team lead auditor audit details scope of audit time, date, duration Contact auditee date, time, type & duration Audit Preparation When an audit is due, according to the audit schedule, it is the Quality Manager’s responsibility to select who will conduct the audit. If the audit is a large audit taking more than a day a team may need to be selected, the Quality Manager selecting the lead auditor. The Quality Manager must brief the auditor/audit team, advising on the scope of the audit i.e. what is to be audited (which activities, test methods) in which area of the organisation, against what criteria (standard, quality manual, procedures) The auditor should contact the auditee to brief them on the upcoming audit, advising them of the scope, time and expected duration.
25
Conducting the Audit 1. Audit Plan 2. Develop Checklists
3. Opening Meeting Conducting the Audit 4. Gather Evidence 5. Record Results Conducting the Audit From this point it is the internal auditors responsibility to conduct the audit. This involves a number of different steps which are summarised above. 6. Closing Meeting 7. Audit Report
26
1. Audit Plan Objectives & scope Collect documents History
standard, procedure, work instructions, forms desk top review History 1. Audit Plan After accepting the audit it is the lead auditor’s responsibility to plan for the audit. Auditors should gather and study the briefing documents to familiarise themselves with the activities which are to be audited. This may include procedures, work instructions, forms, quality manual, regulatory documents and the standard. Often, part of the audit can be conducted before the proper audit by conducting a desk top review. This involves reviewing the documented system (procedures and work instructions) for compliance with standards. Reports from any previous audits, external assessments and corrective actions should be examined. Any issues raised in these documents which required corrective action should be listed on the audit checklist and the resolution of these issues checked.
27
2. Developing Checklists
Guidelines Review documents identify important aspects of the activity list in logical order set of questions 2. Developing Checklists As part of the audit plan the auditor will prepare a checklist which will be used throughout the audit The checklist is a guideline which will lead the auditor though the audit in a logical manner and act as a prompt, reminding the auditor to ask questions, check documents and records. To develop a checklist the documents must be reviewed to identify the important aspects of the activity i.e. activities which must be conducted to meet the requirements of the standard or the documented system. List these activities in a logical order. The checklist will form the basis of the questions the auditor will ask during the audit. The activities may be listed on the checklist in the form of questions which will be asked directly to the auditee, or the checklist can include notes in point form from which the auditor will structure audit questions.
28
P-AD-0012 3.5 Audit Follow-up Activities
It may be necessary for a follow-up audit to be performed to verify the effectiveness of any corrective action carried out. Corrective action, and subsequent follow-up audits, should be completed within a time period agreed to by the auditee, in consultation with the auditor. The Quality Manager should schedule the follow-up audit and enter details on the Audit Schedule and the Audit Status Log. Developing Checklists P-AD Audit Follow-up Activities The above paragraphs are taken from the NRL procedure for Internal Auditing. Section 3.5 describes the requirements for follow up activities in the NRL audit program. The sections highlighted in clause 3.5 are activities which should be investigated during the audit. These activities are ‘auditable’ as the procedure states that they should or must be implemented. A checklist is presented on the next page which is developed from clause This checklist would be used by an auditor to audit the internal audit program.
29
Audit Checklist The above checklist lists the activities which must be completed according to P-AD-0012. It may be useful to include in the interview a question relating to ‘why a task is required’. This gathers information on the staff knowledge of and familiarity with the documented quality system. In all audits, the documents in use within the area should be checked for compliance with the document control procedure.
30
3. Opening Meeting Who ? What ? auditor/audit team auditee
any staff from area to be audited that may be interviewed What ? Scope expected duration 3. Opening Meeting The manager of the area to be audited and staff members which will be involved in the audit should be included in the opening meeting. At this point the auditor or lead auditor will reiterate the scope and expected duration of the audit.
31
4.1 Gather Evidence about Compliance
Interviews ask questions about system and its implementation who, what, when, how, where, why ? other questions direct hypothetical clarifying 4.1 Gather evidence about compliance Reviewing the system and gathering evidence can be achieved by using three basic techniques: Interviewing staff Ask questions about the system and its implementation. Six questions which will provide information effectively and efficiently are: who, what, when, how, where and why. These questions will produce answers of substance and keep dialogue flowing between the auditor and auditee. Other questions to ask: include direct questions ‘ do you always…..?’ hypothetical questions ‘what would you do if……?’ clarifying questions ‘I don’t understand, can you please explain……?’.
32
4.2 Gather Evidence about Compliance
Examine documents procedures, work instructions, forms, quality manual copies controlled ? available ? correct issue status ? used in manner intended ? Quality Records stored correctly ? used as objective evidence many forms 4.2 Gather evidence about compliance Examine documents - Procedures, work instructions, forms, test reports, any documents which are involved in a testing process, should be examined for compliance and document control. Controlled copies should be available to appropriate people. These copies must be of the correct issue status and being used in the manner intended. Quality records must be in compliance with the instructions given in the relevant procedure/ work instruction and be stored according to the documented procedures. Examining quality records is a means of confirming that processes have been correctly completed and can be used to obtain objective evidence in vertical audits. Remember that quality records may be in the form of control charts and test reports.
33
4.3 Gather Evidence about Compliance
Observe activities what is said or written may not reflect practice “show me” Examine facilities as travel through laboratory/offices examine: equipment standard of housekeeping size and layout of working area environment eg. temperature in lab 4.3 Gather evidence about compliance Observe activities A lot of information will be gathered by asking questions but this information should not always be taken at face value. What is said, or what is written in procedures, may not be occurring in practice. The only way to confirm this is to ask the auditee to carry out the task and observe the activities. Examine facilities As the auditor travels through laboratories the organisation’s facilities should be observed. Examine equipment, appraising the standard of tidiness and evaluating the size and layout of the working areas.
34
Record on checklists activities which do not adhere to quality system
5. Recording Results Record on checklists activities which do not adhere to quality system may be classified major non-conformance minor non-conformance areas for improvement 5. Recording results During the auditing process activities or documents will be identified which do not strictly adhere to the quality management system. These discrepancies should be recorded on the audit checklist with reference to the original documents. Objective evidence must be identified. A discrepancy in the system is called a non-conformance. These may be divided further to include: A major non-conformance - a serious breakdown in the system which will effect the quality of the test result. An example of a major non-conformance is a significant problem with the reception or identification of samples when they come into the laboratory. A minor non-conformance - an issue which does not adhere to the documented procedures but will not critically effect the quality of the test result. This issue must be rectified but this does not need to occur immediately. An example of a minor non-conformance may be a staff members ‘skills register' which is not up to date. During the audit the auditor may identify duplication in the system or ways in which the system can be improved. These issues should be documented on the checklist and can be discussed with the auditee as areas for possible improvement.
35
6. Closing Meeting(s) Audit team meeting Closing meeting
discuss audit results Closing meeting discuss corrective actions determine resolution dates Identify corrective actions use corrective action forms 6. Closing Meeting(s) The audit team should meet after the audit to consolidate audit findings. The auditee/s and the auditor/s meet at a closing meeting where the auditor briefs the auditee on findings identified during the audit. All non-conformances raised, appropriate responses and time frames are discussed with the auditee. Non-conformances are identified on Corrective Action Report forms (CARs). CARs are multi-purpose forms which record the non-conformance, the agreed corrective action and the resolution. In collaboration with the auditee the auditor suggests a resolution and determines an expected completion date.
36
7. Audit Report Audit details Summary of findings Distribute
corrective actions numbered objective evidence reference the document observations Distribute 7. Audit Report The (lead) auditor must summarise the audit findings in an audit report. (an example of an internal audit report form is provided at the end of this section). The audit report must include: audit details such as the audit date, the auditor(s), area and activity to be audited, summary of audit outcomes, a list of corrective actions raised during the audit and their identification numbers objective evidence to back up the non-conformance any observations or suggested areas for improvement. The audit report should be distributed to the auditee and the Quality Manager. The Quality Manager logs the audit report into the Audit log and allocates a unique audit report number.
37
Corrective and Preventive Action
38
Outline What is a corrective action ? What is a preventive action ?
Corrective and preventive action program Corrective and preventive action process
39
Corrective & Preventive Action Required:
By ISO 9000 clause 4.14 By ISO/IEC 17025 clause 4.10 corrective action clause 4.11 preventive action
40
Corrective Action An action taken to correct a problem
incorrect result departure from procedure Corrective Action An action taken to correct a problem or non-conformance within the QMS. A non-conformance may be: the production of an incorrect result. any step within a process which contributed to an incorrect result. when the documented quality system is not followed exactly as intended. when the quality system does not meet the requirements of the standard.
41
Preventive Action A proactive process to identify
improvement opportunities potential sources of non-conformance Preventive Action A proactive process which when implemented may prevent a corrective action. Preventive actions may be: improvements to the quality system actions taken to prevent future non-conformances
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.