Based on ISO 19011:2018
Initiation:
The basic right to conduct QMS audits is derived from the ‘charter’ which has been approved by upper management, following participation by all concerned.
A specific audit is initiated by the manager of the activity to be audited either by request or through approval of a program of audits. It is preferable that an audit be conducted only after a robust QMS audit program and scheme is formally implemented in the organization.
Planning:
An audit plan should be prepared to inform the manager of the activity being audited and the participating auditors regarding the details of the impending audit. Vital elements of the plan include (1) a definition of the scope and objectives of the audit, (2) identification of the area to be audited, (3) identification of the auditor(s), (4) a schedule including the expected start and completion time for the audit, (5) reference to any relevant standard or procedures, and (6) audit documentation.
Several areas of audit planning warrant highlighting here…
Scheduling:
Most auditing is done on a scheduled basis which enables all concerned to organize workloads, assign personnel, and conduct other necessary activities in an orderly manner. It also minimizes the irritations that are inevitable when auditors are unannounced.
Areas Audited:
The amount of execution plans is simply enormous, and priorities must be determined. Consequently, the audit of execution must be based on sampling; even the choice of sampling methods turns out to be an intricate problem. In contrast, the ‘sampling’ for audit of plans is fairly simple. Plans change slowly, therefore periodic audits, even every one, two or three years, are adequate.
In one large electronics company the audit of divisional practice (conducted by corporate staff auditors) employs a plan of sampling based on selected combinations of (1) the product lines made by the company, (2) the functional activities engaged in (e.g., design, production), and (3) the subject matter within these products and activities (e.g., instrument accuracy, record keeping).
This sampling approach replaced the former approach of auditing a specific product line within a specific division and reporting the results with recommendations for action.
Another form of audit sampling is by actual processes within a product line. In this approach a group of related process functions/areas are regarded as a center for sampling purposes. Each month or so a sample is chosen at random and checked for adequacy. This approach allows for the concept of auditing both product lines as well as actual processes within the product lines.
Documentation:
The necessary ‘working papers’ for the audit should be identified and/or created. These are all the documents required for an effective audit, including (1) flow charts, (2) checklists, (3) the auditing approach, (4) forms for reporting observations, and (5) results of previous audits.
Objectivity:
The auditor is expected to be objective. Where ISO standards are available, there is less need for the auditor to make a subjective judgment and thereby less opportunity for wide differences of opinion. In any case, there should be room for the auditee to provide objective evidence which may add some additional time and delay.
Discovery of Causes:
In many companies the auditor is expected to investigate major deficiencies in an effort to determine the cause. This should happen post audit once the report is completed and efforts have been made to initiate formal corrective action or may lead to only taking a corrective action which may be simple product dispositions like scrap, RTV, rework, etc.
This investigation then becomes the basis for the auditor’s recommendation. In other companies the auditor is expected to leave search investigations to the actual process owners that are responsible for the function they are in. The auditor’s recommendations will include proposals that search investigations made typically via the CAPA process.
Confidence of Auditors:
The basic education and experience of the auditor should be sufficient to enable them to learn in short order the technological aspects of the operations they are to audit. Lacking this background, they will be unable to earn the respect of the operations personnel. In addition, they should receive special training in the human relations aspects of auditing. In today’s, environment, auditors should be well certified in the specific Industry the are auditing such as:
· Commercial Product / Services – ISO 9001 :2015
· Medical Device – ISO 13485 :2016
· Aerospace – AS9100D, IAQG
· Automotive- IATF 16949:2016
Comments