ZAKAYO INDUSTRIES SMC – LIMITED

PROCEDURE FOR INTERNAL AUDIT

SOP Number: ZI/SOP/QIA/01

1
Table of Contents
2. Purpose..................................................................................................................3
3. Scope.....................................................................................................................3
4. Definitions............................................................................................................. 3
5. Responsibility.........................................................................................................4
6. Procedure...............................................................................................................5
6.1 Process Mapping for Internal Audit................................................................5
6.3............................................................................................................................5
6.2 Main Steps for Quality Internal Audit..............................................................6
6.3 Responsibility Matrix for Internal Audit...........................................................8
6.4 KEY................................................................................................................9
7. Related Documents................................................................................................. 9
8. References..............................................................................................................9
9. Revision History.....................................................................................................9

2
2. Purpose
To lay down a procedure for periodic internal audits to ensure compliance with
requirements. This provides information on whether the quality management system
conforms to Zakayo’s requirements for the quality management system, the requirements of
ISO 9001:2015, and if they are effectively implemented and maintained
3. Scope
The procedure shall apply to all departments of Zakayo industries
4. Definitions
4.1 Audit: - Systematic, independent, and documented process for obtaining audit evidence
and evaluating it objectively to determine the extent to which the audit criteria are
fulfilled
4.2 Internal Audits: - verification of processes used to determine the effective
implementation of documented quality systems and they are conducted by, or on behalf
of, the organization itself
4.3 Audit Program: - arrangements for a set of audits planned for a specific time frame and
directed toward a specific purpose
4.4 Audit Scope: - extent and boundaries of an audit which includes a description of the
physical and virtual locations, functions, activities, and processes, and the period
covered
4.5 Audit Plan: - description of the activities for an audit
4.6 Audit Criteria: - set of requirements used as a reference against which objective
evidence is compared. Examples shall include but not be limited to legal requirements,
policies, procedures, ISO requirements, and contractual obligations
4.7 Requirement: - need or expectation that is stated, generally implied, or obligatory
4.8 Objective Evidence: - data supporting the existence of something and it shall be
obtained through observation, measurement, test, or by other means
4.9 Audit findings: - results of the evaluation of the collected Objective evidence against
audit criteria
4.10 Audit conclusion: - the outcome of an audit, after consideration of the audit objectives
and all audit findings
4.11 Management Review: - continual review of the quality management system by
management to make sure the quality management system remains suitable and
effective
4.12 Effectiveness: - the extent to which planned activities are realized and planned results
achieved
4.13 Performance: - measurable result
4.14 Conformity: - fulfilment of a requirement
4.15 Nonconformity: - processes, products, or services that do not meet the specified
requirements
4.16 Competence: - ability to apply knowledge and skills to achieve intended results
4.17 Observation: - areas that could be conforming currently but if left un-addressed would
result in a major or a minor deficiency
3
4.18 Correction: - action to eliminate a detected nonconformity
4.19 Corrective action (CA): - action to eliminate the cause of a nonconformity and to
prevent recurrence
4.20 Preventive action (PA): - action to eliminate the cause of a potential nonconformity or
other potentially undesirable situation
4.21 Risk: - effect of uncertainty
4.22 Process: - set of interrelated activities and resources that transform inputs into outputs
4.23 Documentation: - Systematic, orderly, and understandable description of records,
policies, and procedures affecting the product quality
4.24 SOP: -Standard Operating Procedure
4.25 QA: -Quality Assurance
4.26 HODs: - Heads of Departments
5. Responsibility
5.1 Auditor: - staff member appointed by the QA Manager and trained to conduct the self-
assessment of the company’s quality management system
5.2 Lead auditor (QA manager): -prepare the Audit schedule, compile Audit reports,
and ensure compliance with the procedure
5.3 Audit team: -conduct the audit and prepare audit findings
5.4 Auditee: -department representative being audited
5.5 Auditee Head: -ensure access to the audited department by the audit team and that
corrective actions for the identified nonconformities are taken within a
specified time frame
5.6 Observer: - accompany the audit team but does not act as an auditor
5.7 Guide: - person appointed by the auditee to assist the audit team
5.8 Technical expert: - provides specific knowledge or expertise to the audit team and does
not act as an auditor

4
6. Procedure
6.1 Process Mapping for Internal Audit

5
6.2 Main Steps for Quality Internal Audit
6.2.1 Preparation
6.2.1.1. The QA manager shall prepare an annual audit schedule (audit
programme) considering the importance of the departmental
activities/processes and the results of the previous audits, providing for at
least one audit
6.2.1.2. The schedule shall be forwarded to the CEO for approval. Upon
approval, the QA manager shall prepare an audit plan for a specific audit
that includes the information not limited to:
 objectives for the audit program
 risks and opportunities associated with the audit program and the
actions to address them
 scope
 schedule of the audit
 audit types, such as internal or external
 audit criteria
 audit methods
 criteria for selecting audit team members
 relevant documented information
These audit program objectives shall be based on but not limited to;
 needs and expectations of relevant interested parties, both external
and internal
 characteristics of and requirements for processes, products, services,
and projects
 management system requirements
 level of performance and the occurrence of nonconformities or
incidents or complaints from interested parties
 identified risks and opportunities to the function
 results of previous audits
 sensitivity of the function of the process
 significant changes to the departmental processes
 the occurrence of internal and external events, such as
nonconformities of products or services, information security leaks,
health and safety incidents, etc
6.2.1.3. The QA manager shall determine and prepare the resources required
for the audit. He/she shall appoint members of the audit team and any
technical experts needed for the specific audit, ensuring there is objectivity,
impartiality, and competence
6.2.1.4. He/she shall forward the audit plan to the auditees and auditors for
review and confirmation of their availability in the provided timelines. If
not approved, the QA manager shall revise the plan accordingly
6.2.1.5. The QA manager shall give a notice of two weeks to the management
team, auditors, auditees, and HODs for preparation before holding an

6
 opening meeting and starting the audit. The meeting shall be chaired by the
QA manager
6.2.1.6. The QA manager shall inform all departmental team members about
the expected audit and the objective to be achieved
6.2.2 Documentation Review and Assessment
6.2.2.1. The auditors shall collect and review the information relevant to their
assigned departments and prepare documented information for the audit
such as support questions, audit checklists, and audit sampling details
6.2.3 Audit execution
6.2.3.1. The auditors shall then collect verifiable information relevant to the
audit objectives, scope, and criteria, on a sampling basis and as specified by
the audit plan as to
 determine the conformity of the system with audit criteria
 gather information to support the audit activities
Methods of collecting objective evidence shall include, but are not limited
to:
 interviews
 observations
 review of documented information
6.2.4 Data Collection and Analysis
6.2.4.1. The auditors shall take a record of areas of good practice, non-
conformities, observations, areas of improvement, and any
recommendations to the auditee
6.2.4.2. They shall initiate and provide the auditees with a Nonconformity
Report (NCR)Form (ZI/NCR/01) to establish and undertake correction and
corrective action within the indicated timeframe
6.2.5 Audit Findings and Reporting
6.2.5.1. The auditors shall draft a report comprising the areas of conformity,
positives, areas of improvement, observations, and non-conformities. They
shall hand over a copy of the draft audit report to the QA manager at least
two weeks after the audit and the original draft and the Nonconformity
report forms to the auditees
6.2.5.2. The QA manager shall monitor, review, and improve the audit program
to ensure its objectives have been achieved. He/she shall periodically
communicate the progress, any significant findings, and any concerns to the
auditee
6.2.5.3. The audit team shall meet to review the audit findings prior to the
closing meeting
6.2.5.4. A closing meeting chaired by the QA manager and attended by the
management, HODs, the audit team, the auditees, and those responsible for
the functions or processes that have been audited shall be held to present
the audit findings and conclusions
6.2.6 Communication and Recommendations

7
 6.2.6.1. The QA manager shall present an objective review of the audit results
per the audit program to management, HODs, and auditees, highlighting
any need for corrections, corrective action, and the allocated time frame
6.2.6.2. The QA manager shall compile and distribute the audit report to
relevant interested parties
6.2.6.3. The auditees shall ensure that actions are taken without undue delay to
eliminate detected nonconformities. They shall capture these corrections
and corrective actions in the NCR forms and forward them to the auditors
and QA manager for review
6.2.6.4. The auditor shall review the evidence presented and or undertake a
follow-up audit as scheduled by the QA manager to verify if the closures
are okay
6.2.6.5. The QA manager shall make closing remarks on the NCR forms as
evidence of appropriate action taken. If the closures are not okay, the
auditees shall undertake further correction and corrective action measures
6.2.6.6. The QA manager shall analyze the audit report, identify trends and
common weaknesses within the quality management system, and provide
final remarks to ensure the effectiveness of the process. This analysis shall
feed into the management review meeting (MRM) and trigger changes for
the subsequent audit program as required
6.2.6.7. The QA manager shall maintain an Internal Audit file with all the audit
reports and associated nonconformity report forms
6.3 Responsibility Matrix for Internal Audit
ACTIVITIES 1 2 3 4 GENERATED
DOCUMENTED
INFORMATION

Prepare audit schedule x Audit Schedule (Audit program)

Audit schedule approval x

Prepare audit plan x Audit plan

Approve audit plan x x

Preparation of Audit Material x Audit documents (materials)

Auditing x Draft audit reports and

Follow up Auditing x Final Audit Report

Present finding in MRM x

8
6.3.1 KEY
Auditors….1
QA manager….2
CEO…3
Auditees….4
7. Related Documents
 Management Review Meeting SOP
 CAPA SOP
 Document Control SOP
 Risk Management SOP
8. References
 ISO 19011:2018
 ISO 9001:2015
 ISO 9000:2015
9. Revision History
Version Date Description of Approved By
change
1.0
1.1