Internal Quality Auditor Course

October 25, 2021

SECTION 1 – COURSE PROGRAM

Copyright © 2014 ProSep. All Rights Reserved.

 ISO 9000 FAMILY OF STANDARDS

What is ISO?
– ISO stands for International Organization for
Standards.
– ISO is a worldwide federation of national standard
bodies (ISO member bodies)
– The work of preparing ISO is normally carried out
through ISO technical committees.
– International organizations, governmental and non-
governmental, in liaison with ISO, also take part in the
work.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 3

 ISO 9000 FAMILY OF STANDARDS

ISO 9000* - Quality

Management Systems
– Fundamental and
Vocabulary

ISO 9004 – Quality

Management ISO 9001 - Quality
Systems – Management
Guidelines for Systems
Performance Requirements
Improvements

ISO 19011 are Guidelines for Quality and / or Environmental Systems Auditing

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 4

 BACKGROUND & DEVELOPMENT OF ISO 9001

Befor
1959 1969 1974 1979
e
1950
Focus to US Military NATO British BS
inspect Spec. MIL- Published Standards published
products Q-9858 Allied first
after Quality published standard
completion Assurance BS 5750
Publications guidance,
(AQAP) BS4891
& BS
5179

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 5

 BACKGROUND & DEVELOPMENT OF ISO 9001

1987 1994 2000 2008 2015

• ISO ISO 9000 • ISO 9000 Minor Focus - less

publishes was significantly changes to process more Risk
set of reviewed revised. Process 2000 rev. Management.
standards and revised Approach (Customer Acceptance stages:
. introduced. Focus) Final draft: July
• ISO 9000 • Focus shifted 2015, International
standard Sept
Series away from
2015.
introduce documentation.
d

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 6

 OTHER ISO STANDARDS

While ISO 9001 is intended to be fully generic to be

applicable for a wide range of industries, many such
industries have developed their own sector based
standards which tailor the generic ISO 9001 standards to
specific industry requirements.
Some examples:
– ISO 27001- Information Security
– API Q1 - Oil Industry
– TS 16949 - Automotive
– ISO 14001 - Environmental
– AS 9100 - Aerospace

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 7

 BENFITS OF QUALITY SYSTEMS

Prevention of mistakes
Profitability increase
Enhance customer satisfaction and reputation
Improve confidence, morale and motivation
Better and more consistent training to align with
business needs

October 25, 2021 Copyright © 2014 ProSep. All Rights Reserved. 8

 BENEFITS OF ISO 9001 CERTIFICATION

QMS is based on a worldwide, proven and

recognized standard
External independent audits
On-going monitoring
Increased marketing opportunities
Improved employee morale

October 25 2021 Copyright © 2014 ProSep. All Rights Reserved. 9

 QUALITY MANAGEMENT PRINCIPLES

1. Customer Focus
2. Leadership
3. Involvement of People
4. Process Approach
5. System Approach to Management
6. Continual Improvement
7. Factual Approach to Decision Making
8. Mutually Beneficial Supplier Relationships

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 10

 QUALITY SYSTEMS BENEFITS

Customer Focus
Organizations depend on their customers and
therefore should understand current and future
customer needs, should meet customer
requirements and strive to exceed customer
expectations.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 11

 QUALITY SYSTEMS BENEFITS

Leadership
Leaders establish unity of purpose and direction of
the organization.
Leaders should create and maintain the internal
environment in which people can become fully
involved in achieving the organization’s objectives.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 12

 QUALITY SYSTEMS BENEFITS

Involvement of People
People at all levels are the essence of the
organization and their full involvement enables
their abilities to be used to the benefit of the
organization.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 13

 QUALITY SYSTEMS BENEFITS

Process Approach
A desired result is achieved more efficiently when
related resources and activities are managed as a
process.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 14

 QUALITY SYSTEMS BENEFITS

Systems Approach to Management

Identifying, understanding and managing
interrelated processes as a system contributes to
the organization’s effectiveness and efficiency to
achieve it objectives.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 15

 QUALITY SYSTEMS BENEFITS

Continual Improvement
Continual improvement of the organization’s
overall performance should be a
permanent objective of the organization.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 16

 QUALITY SYSTEMS BENEFITS

Factual Approach to Decision Making

Effective decisions are based on the analysis of
data, both qualitative and quantitative information.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 17

 QUALITY SYSTEMS BENEFITS

Mutually Beneficial Supplier Relationships

An organization and its suppliers have an
independent but mutually beneficial relationship
that enhances the ability of both to create value by
leveraging each other.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 18

 WORKSHOP 2 – REASONS AND BENEFITS

Break into groups of four.

In your group discuss the following points:
– List at least three benefits to an organization that
implements a QMS.
– List at least 3 quality management principles that
promote continual improvement.

Assign time keeper, Time Limit: 10 minutes

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 19

 ISO 9000 TERMS AND DEFINITIONS

Quality – Degree to which a set of inherent

characteristics fulfils requirements.
Quality Assurance – Part of quality
management, focused on providing confidence
that quality requirements will be fulfilled.
Quality Control – Part of quality management
focused on fulfilling quality requirements.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 20

 ISO 9000 TERMS AND DEFINITIONS

Requirements – Need or expectation that is

stated, generally implied or obligatory.

REQUIREMENTS
standards
Industry

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 21

 ISO 9000 TERMS AND DEFINITIONS

Quality Management – Coordinated activities to

direct and control an organization with regard
to quality.
Please note that direction and control with
regard to quality generally includes
establishment of a quality policy and objectives,
quality planning, quality control, quality
assurance, and quality improvement.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 22

 ISO 9000 TERMS AND DEFINITIONS

Quality Policy – Overall intentions and direction

of an organization related to quality as
formally expressed by top management.
Quality Objectives – Something sought or aimed
for that is related to quality.
Quality Improvement – Part of quality
management, focused on increasing the ability
to fulfill quality requirements.
Continual Improvement – Reoccurring activity to
increase the ability to fulfill requirements.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 23

 ISO 9000 TERMS AND DEFINITIONS

Product – Results from a set process, e.g.:

– Services, Software, Hardware, Processed Materials
Audit – A systematic, independent and
documented process for obtaining audit
evidence and evaluating it objectively to
determine the extent to which audit criteria are
fulfilled. Audit Types:
– Internal and External

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 24

 ISO 9000 TERMS AND DEFINITIONS

Internal Audits – Conducted by, or on behalf of

the organization itself for internal purposes, and
may form the basis for an organization’s
declaration of conformity.
– In smaller organizations, independence can be
demonstrated by the freedom from responsibility for
the activity being audited.
– Reasons:
• To validate that current processes are compliant to
specifications or procedures
• Preventive measures to catch problems before
they occur
February 1, 2017 • Systematically improve the organizations internal
Copyright © 2014 ProSep. All Rights Reserved. 25
 ISO 9000 TERMS AND DEFINITIONS

External Audits –
– Include those generally termed second and third party
audits.
– Second-party audits - Conducted by parties having an
interest in the organization, such as customers or
persons on their behalf.
– Third-party - Conducted by external, independent
auditing organizations, such as those providing
certification/registration.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 26

 ISO 9000 TERMS AND DEFINITIONS

External Audits: Second-party audits, reasons:

– Provides input to selecting, grading and approving
suppliers.
– Provides help to improve the QMS of suppliers
– Increases mutual understanding of QMS
requirements

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 27

 ISO 9000 TERMS AND DEFINITIONS

External Audits: Third-party audits –

– Carried out by competent certification bodies
– Auditors must be independent and not provide advice
or consultancy
– Background
Note:
1950’s and 1970’s: more and more second party audits were being
carried out.
Some companies employed people whose sole responsibility
was to escort visiting auditors during audits.
Certification bodies were created after ISO 9000 was introduced.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 28

 ISO 9000 TERMS AND DEFINITIONS

Nonconformity – Non-fulfillment of a
requirement, specification, or standard.
Corrective Action – Action taken to eliminate the
cause of a detected nonconformity or other
undesirable situation.
Preventive Action – Action taken to eliminate the
cause of a potential nonconformity or other
undesirable potential situation.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 29

 ISO 9000 TERMS AND DEFINITIONS

Procedure – Specified way to carry out an

activity or a process:
– Note 1: Procedures can be documented or not
– Note 2: When a procedure is documented, the term
“written procedure” or “documented procedure” is
frequently used

Inspection – Conformity evaluation by

observation and judgment accompanied
as appropriate by measurement,
testing, or gauging.
February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 30
 ISO 9000 TERMS AND DEFINITIONS

Verification – Confirmation through the provision

or objective evidence that specified
requirements have been fulfilled. (e.g.:
measurement)
Validation – Confirmation through the provision
of objective evidence that the requirements
for specific intended use or application have
been fulfilled. (e.g.: Process is working as
intended).
Review – Activity taken to determine the
suitability, adequacy and effectiveness of subject
matter to achieve established objectives.
February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 31
 ISO 9000 TERMS AND DEFINITIONS

Specification – A document stating requirements

Auditor – Person with the demonstrated
personal attributes and competence to conduct
and audit
Auditee – Organization being audited.
Outsourced process – Is a process the
organization needs for its QMS and which the
organization chooses to have performed by an
external party. (ref: ISO 9001 standard)

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 32

 THE PROCESS APPROACH

ISO 9000 defines a process as: a set of

interrelated or interacting activities which
transforms inputs into outputs.
– The process approach is one of the most important
concepts of ISO 9001

Inputs Process Outputs

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 33

 ISO 9000 TERMS AND DEFINITIONS

To determine a process, you must determine the

set of inputs required to have the desired
output.
Define the processes to conduct business in the
organization.
Determine the monitoring and measuring
activities.
Determine the sequence and interaction.
– Review some of ProSep’s internal department
processes

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 34

SECTION 2 – ISO 9000 SCOPE

Copyright © 2014 ProSep. All Rights Reserved.

 SECTION 2 - OUTLINE

Scope of ISO 9001:2015

Clause 4: Quality Management System
Workshop 4
Clause 5: Management Responsibility
Clause 6: Resource Management
Workshop 5
Clause 7: Product Realization
Workshop 6
Clause 8: Measurement, Analysis & Improvement
Workshop 7

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 36

 AIMS AND OBJECTIVES

Customer requirements
Demonstrates ability to
consistently provide
product that meets: Compliant to
QMS requirements for statutory/regulator
an organization that y requirements
meets:
Aims to enhance
Effective system
application
customer satisfaction
through:
System continual
improvement

Assurance of Customer requirements

conformity to:

Applicable statutory &

regulatory
requirements

These objectives translate into:

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 37
 SCOPE OF ISO 9001:2015

One of the first tasks an organization must do

when deciding to seek ISO 9001 certification, is
to define the scope of the quality management
system to be implemented.
The scope relates to the areas of the
organization what will actually be affected or will
have to conform to the ISO 9001 standard.
It is important for auditors to be aware of the
scope of the system and the standard.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 38

 SCOPE OF ISO 9001:2015

Statements of scope may start with the following

aspects:

Activity
Design,
Manufacturing,
Repair,
Delivery, etc.

Product or Limitations
Service
Locations/Site,
Chemicals,
Admin. Divisions,
Processing, Geographical area,
etc.
Manufacturing,
etc.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 39

 SCOPE OF ISO 9001:2015

Organizations Activity
Design,
– Can choose not to have all of Manufacturing,
their products covered by their Repair,
Delivery, etc.
quality system (Clause 7).
– They cannot take an option Limitations
out of their responsibilities Exclusions Locations/Site,
ISO 9001, Divisions,
within the quality system when
Clause 7 Geographical
seeking certification or if they area, etc.
have obtained certification.
Product or Service
Chemicals, Admin.
Processing,
Manufacturing, etc.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 40

 SCOPE OF ISO 9001:2015

Clause 4: Quality Management System

General Requirements:
– Section 4.1 requires organizations to document,
implement and maintain quality management system
and continually improve its effectiveness.
– Most of the requirements set forth in this clause are
re-stated in other parts of the standard; however this
section forms the basis for the development of
the whole quality management system.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 41

 SCOPE OF ISO 9001:2015

QMS outline of requirements:

– Determine the processes needed for the quality
management system and their application throughout the
organization.
– Determine their sequence & interaction of these
processes.
– Determine criteria & methods for their effective operation
and control.
– Ensure resources and information are available.
– Monitor, measure, and analyze the processes.
– Implement actions necessary to achieve planned results
and continual improvement.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 42

 ISO 9001:2015

• PDCA is a common
Determine the
processes problem solving method.
(inputs and
desired outputs), • DMAIC: “Define, Measure,
their interaction,
and criteria
Analyze, Improve, &
Control” is the Six Sigma
preferred method for
problem solving.

Implement Ensure proper

actions to Continued resources and
achieve planned
results Improvemen information are
available
t

Monitor,
Measure, and
analyze

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 43

 SCOPE OF ISO 9001:2015

Outsourcing of Processes:
– The standard requires the
organization to ensure
Calibration
control over such
processes.
– The control level must be
Engineering
defined by the organization
in the QMS.
– Ensuring control over Maintenance
outsourced processes does
not absolve the
organization of the
responsibility of conformity
Internal Audits
to all customer. statutory,
and regulatory
requirements.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 44

 SCOPE OF ISO 9001:2015

Documentation Requirements
– Specifies what documents are necessary for any
quality management system and outlines what should
be a part of those documents.

Documented statements of quality policy and objectives

A Quality Manual

Documents procedures and records required by the standard.

Documents including records needed by the organization

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 45

 SCOPE OF ISO 9001:2015

Quality Manual
The organization shall establish and maintain a quality manual that
includes:
– The scope of the quality system including justification for
any inclusions
– If any standards are excluded then these must be
specified including justification for the exclusion claimed
– The documented procedures established for the
quality management system or references to them
– A description of the interaction between the processes of
the QMS

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 46

 SCOPE OF ISO 9001:2015

4.2.3 Control of Documents

Ensure those documents which are necessary for the effective
operation of the QMS are under control.
A documented procedure is required to define the following
controls:
• Approval prior to issue
• Review and updates as necessary
• Identification of changes and revision status
• Availability at points of use
• Legibility and identification
• Documents of external origin are controlled
• Obsolete documents are prevented from unintended
use
February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 47
 SCOPE OF ISO 9001:2015

Example of processes addressed by a Control of

Documents procedure:
Title: Document Control

Phase
New Document

Uncontrolled Controlled
Document Creation Review and approval Implementation
Document Documen
t
Documents
Existi ng

Request for change Document change

Documents of
External Origin
Support

Obsolete (Projects or
Document other)
s

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 48

 SCOPE OF ISO 9001:2015

4.2.4 Control of Records

Records are required to be established and
maintained to:
• Provide evidence of product conformity
• Demonstrate effective operation of QMS
• Records must be:
• Legible
• Readily identifiable
• Readily Retrievable (e.g. if it takes too long to
retrieve, then recording system is lacking)

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 49

 COMPLIANCE - ISO 9001
COMPLIANCE

Conformance and Non Conformance

This explains what conformance and non conformance

mean.
• ISO 9001:2015
• Procedure assigned by the instructor
 Using a Green highlighter, mark means compliant areas.
 Using a Red highlighter, mark means not compliant.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 50

 SCOPE OF ISO 9001:2015

Clause 5: Management Responsibility

5.1 Management Commitment
This requirement calls for top management of an organization to be
committed to the development and improvement of the quality
system:
Communicate the importance of meeting customer,
statutory & regulatory requirements.

Establish the Quality Policy and convey to

all levels in organization

Ensure Quality Objectives are

established and convey to
appropriate levels
Conduct
Management
Reviews

Ensure resource
availability
February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 51
 SCOPE OF ISO 9001:2015

5.2 Customer Focus

Top management shall ensure that customer requirements
are determined and met with the goal of enhancing
customer satisfaction (ref. 7.2.1 and 8.2.1).

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 52

 SCOPE OF ISO 9001:2015

5.3 Quality Policy

A formally documented policy is required which:
• Is appropriate to the purpose of the organization
• Includes a commitment to comply with requirements
• Includes a commitment to continually improve the quality
management system effectiveness
• Provides a framework for establishing and reviewing
quality objectives
• Is reviewed for continuing suitability

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 53

 SCOPE OF ISO 9001:2015

5.4.1 Quality Objectives

Top management shall ensure that quality objectives
including those needed to meet requirements for product are
established at relevant functions and levels within the
organization.
The quality objectives shall be measureable and is
consistent with the quality policy.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 54

 SCOPE OF ISO 9001:2015

5.4.2 Quality Management System Planning

Top management shall ensure that:
• The planning of the quality management system is carried
out in order to meet the general requirements as well as
the quality objectives.
• When changes to the QMS are planned and implemented
the integrity of the quality management system is
maintained.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 55

 SCOPE OF ISO 9001:2015

1. Responsibility and Authority

Responsibilities and authorities need to be defined and
communicated
within the organization.

2. Management Representative
Top management is required to appoint a member of the organization
who, irrespective or other responsibilities shall have responsibility
and authority that includes:
• Ensuring processes are established, implemented and maintained
• Reporting on the performance of the system
• Reporting on the need for improvements to the system
• Ensuring the promotion of awareness of customer
requirements throughout the organization

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 56

 SCOPE OF ISO 9001:2015

5.5.3 Internal Communication

Top management shall ensure that appropriate
communication processes are established within the
organization and that communication takes place regarding
the effectiveness of the quality management system.
Methods of Communication:
• Presentation
• Company Intranet
• Training
• Bulletin Boards
• Etc.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 57

 SCOPE OF ISO 9001:2015

5.6 Management Reviews

Top management is required to review the suitability,
adequacy, and effectiveness of the QMS at planned
intervals. The review also includes an assessment of
opportunities for improvement of the QMS, Quality Policy
and Objectives.
Review Inputs:
• A definitive set of inputs for the review process is provided by
the standard
Review Outputs:
• The management review meeting needs to yield decisions
and actions

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 58

 SCOPE OF ISO 9001:2015

6.2 Human Resources

People performing work affecting conformity to product
requirements shall be competent on the basis of appropriate
education, training, skills and experience.
6.2.2 Competence, Awareness, & Training
Organization is required to determine:
• Competency requirements
• Identify any competency gaps and provide training or other
actions to fill those gaps
• The effectiveness of any actions taken to fill competency gaps
needs to be evaluated
• People are required to be made aware of the relevance and
importance of their activities and how they contribute to the
achievement of the quality objectives

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 59

 SCOPE OF ISO 9001:2015

6.3 Infrastructure
Organization is required to formally consider what facilities
are needed to support their activities, this includes but is not
limited to work-space, utilities, equipment, hardware,
software, support services, transport, communication, and
information systems.
6.4 Work Environment
The work environment needs to be determined and
managed to achieve conformity to product requirements.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 60

 SCOPE OF ISO 9001:2015

8.2.2 Internal
Audits
Organizations are required to conduct internal audits at
planned intervals to determine whether the quality
management system:
• Conforms to the planned arrangements, to the requirements
of ISO 9001 and to the QMS requirements established by the
organization
• Is effectively implemented and maintained
• Audits are to be planned, taking into consideration the status
and importance of the processes and areas to be audited,
including the previous audit results

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 61

 SCOPE OF ISO 9001:2015

Continued –
• The audit criteria, scope and frequency and methods are
to be defined. A documented procedure is required (see
audit procedure and internal audit schedule).
• Selection of auditors and conduct of audits shall ensure
objectivity and impartiality of the audit process.
• The management responsible for the area being audited
is required to take actions on the results of the audit
without undue delay. Follow-up activities are required
to verify the actions taken.
• Records are required.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 62

 SCOPE OF ISO 9001:2015

8.2.3 Monitoring and Measurement of Processes

The organization will apply suitable methods fro monitoring
and where applicable, measurement of the QMS processes.
These methods are to demonstrate the ability of the
processes to achieve planned results.
When planned results are not achieved, correction and
corrective action shall be taken as appropriate.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 63

 SCOPE OF ISO 9001:2015

Example of monitoring processes:

Inspection

Order
Materials Warehouse
review/proc Production
Planning &
essessing
Shipping

Quote turn Production Production Inventory

around Backlog Cycle time accuracy
time

Internal Audits and Performance Measurements

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 64

 SCOPE OF ISO 9001:2015

8.3 Control of Non-conforming Product

Product that does not conform to requirements must be identified and controlled
to prevent its unintended use or delivery in accordance with a documented
procedure.
Examples of ways to handle nonconforming products:
• By taking action to eliminate the detected nonconformity
• By authorizing its use, release or acceptance under concession by a relevant
authority and, where applicable, by the customer
• By taking action to preclude its original intended use or application
• By taking the appropriate action to handle the effects or potential effects, in
cases where the nonconforming product is detected after product delivery
Any corrected nonconforming product must be re-verified to demonstrate
conformity to requirements.
Records must be maintained for these actions.
February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 65
 SCOPE OF ISO 9001:2015

8.5.1 Continual Improvement

The organization shall continually improve the effectiveness
of the quality management system through the use of:
• The Quality Policy
• Quality Objectives
• Audit Results
• Analysis of Data
• Corrective and Preventive actions
• Management Review

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 66

 SCOPE OF ISO 9001:2015

8.5.2 Corrective
TheAction
organization must take action to eliminate the causes of
nonconformities in order to prevent their reoccurrence.
Time frames are given to close out non conformances.
A documented procedure is required to define:
• Reviewing nonconformities (including customer
complaints)
• Determining the causes of nonconformities
• Evaluating the need for action to ensure nonconformities do not
occur
• Determining and implementing actions needed
• Records or actions taken
• Reviewing the effectiveness of the corrective action taken
February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 67
 SCOPE OF ISO 9001:2015

8.5.3 Preventive
Action
Similar requirements apply to preventive action as for
corrective action:
• Documents procedure
• Determine cause of potential nonconformities to prevent
occurrence
• Maintain records
• Review effectiveness

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 68

 ISO 9011
PRINCIPLES OF AUDITING

Copyright © 2014 ProSep. All Rights Reserved.

 SCOPE OF ISO 9011 – Principles of Auditing

There are 5 principles of auditing:

1. Ethical conduct – the foundation of professionalism
2. Fair presentation – report truthfully and accurately
3. Due professional care – diligence and judgment
4. Independence – free from bias and conflict of interest
5. Evidence-based approach – rational method for reaching
reliable and reproducible audit conclusions in a
systematic audit process

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 70

 SCOPE OF ISO 9011 – Principles of Auditing

Audit Planning:
Audit Team and Lead Auditor – ensure an audit team has
been selected that has the competence (subject matter
experts) to achieve the audit objectives.

Lead Auditor is the most experienced and will follow formal

auditing protocol covered in the following information.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 71

 SCOPE OF ISO 9011 – Principles of Auditing

Audit Objectives:
1. Determine the conformity of the organization’s
management system utilizing objective audit criteria.
2. Management System capability to ensure compliance
with statutory, regulatory and contractual requirements.
3. Evaluation of the effectiveness of the management
system to meet specified objectives (i.e.: Quality
Objectives & other as specified).
4. Identify areas of potential improvements.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 72

 SCOPE OF ISO 9011 – Principles of Auditing

Audit Scope:
The scope of the audit describes the extent and boundaries
of the audit, e.g. physical location, organizational
units/departments, activities, processes and the designated
audit length.
Audit Criteria:
The audit criteria is used as a reference against which
conformity is determined which may include:
• policies, procedures, standards, laws/regulations,
management system requirements, contractual
requirements.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 73

 SCOPE OF ISO 9011 – Principles of Auditing

Audit Feasibility:
In some cases there may be a lack of information, cooperation,
time or resources where it is more practical to reschedule the
audit.
Establishing Contact with the Auditee:
The Lead Auditor should coordinate the formal contact with the
auditee to establish:
• Point contact communication channels and audit logistics
• Confirm authorization to conduct the audit: Day(s), Time,
proposed schedule & audit team
• Request access to relevant documents and records: e.g.: QMS,
Policies, Objectives, Procedures, records, etc.
• Agree on the audit scope and audit criteria

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 74

 SCOPE OF ISO 9011 – Principles of Auditing

Short Audits or Assessments:

Are designed to focus on specific processes that may stem
from Nonconformance's, customer complaints, etc.
Assessments are not utilized for audit certification process.
Are conducted utilizing the same structure and professional
manner as a formal audit.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 75

 SCOPE OF ISO 9011 – Principles of Auditing

Minimum Documentation Mandatory Documentation

• Quality Policy & Objectives • Internal Audit Reports/ schedule
• Quality Manual • Control of Nonconforming product
• Documented procedures required • Corrective Actions
by ISO 9001 (if the audit is based on
ISO 9001 standard) • Preventive Actions Control of
Documents
• Organizational documents needed
to ensure effective planning, • Control of Records
operation, and control of its
processes

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 76

 SCOPE OF ISO 9011 – Principles of Auditing

Document Styles:
Auditors may observe a wide range of quality documentation
styles. Long and short Quality Manuals being comprised of:
• Which ever style documents should be assessed on their
content and if they meet the requirements of the
standard they reference.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 77

 SCOPE OF ISO 9011 – Principles of Auditing

Quality Manual Review:

The review may be performed by other auditors in the team
but should work under the direction of the Lead Auditor.
The intent of a review is to verify if the documentation
provided is compliant to the requirements of the standard.
• Does the procedures comply with the statements
continued in the quality manual?
• Does the procedures accurately reflect the
actual
practices observed in the audit?
There are several different approaches of reviewing
procedures during an audit.
February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 78
 SCOPE OF ISO 9011 – Principles of Auditing

Document Reviewing Approaches:

Documented procedures Undocumented procedures

• Read procedures • Visit area(s), gather facts form

various resources
• Make notes of key control
points • Compare facts, observations
against requirements
• Visit areas, gather data
• Compare results

Or
Visit area, gather facts,
Review procedures
C
o
m
February 1, 2017
p Copyright © 2014 ProSep. All Rights Reserved. 79
 SCOPE OF ISO 9011 – Principles of Auditing

Audit Agenda:
The lead Auditor should prepare the audit plan or agenda to
establish an agreement between the auditee and the
auditor’s company.
The amount of detail provided in the audit agenda should
reflect the scope and audit complexity.
Changes to the audit scope are allowed and may change
while developing the audit agenda.
Topics the audit agenda should cover and potential
confidentiality issues.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 80

 SCOPE OF ISO 9011 – Principles of Auditing

Audit Agenda Topics:

• Date and location
• Roles and Responsibilities of the audit team, the auditee’s
escorts and management
• Audit objectives, criteria and reference documents
• Audit scope and identification of the functions and
processes to be included in the audit
• Expected time and duration of the planned audit
activities

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 81

 SCOPE OF ISO 9011 – Principles of Auditing

• Welcome statement
Introduction • Introduce audit team and auditee introduce managers
• Circulate the kick-off meeting audit plan to record attendance
• Confirm purpose, scope and criteria
Confirm audit plan • Discuss any proposed changes

• Outline dates, times, auditors for each area/interview

Confirm audit schedule • Confirm closing meeting date and time

• Examination, interviews, record review

Explain audit methodology • Sampling base and nonconformity categories (Major and Minor)

Confirm auditor’s working • Designate escorts

facilities • Review escort roles and responsibilities

• Auditor’s office
Confirm communication links • Lunch arrangements
• Safety, emergency and security information
• Records
Confidentiality • Verbal information

Changes • Assess any proposed changes

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 82

 SCOPE OF ISO 9011 – Principles of Auditing

Collecting and verifying information:

Record sampling, relevant information should be collected
by appropriate sampling.
Methods for record collection:
• Interviews
• Activity observations
• Review of documents
Note: only information that is verifiable (objective, not
subjective) may be used for audit evidence records. Be fair
and accurate.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 83

 SCOPE OF ISO 9011 – Principles of Auditing

Interviews:
Interviews are one of the most important means of collecting information.
Consider the following:
• Interview employees from appropriate levels and functions of the
organization
• Conduct interviews during normal working hours at their normal
workstations
• Put the person at ease (tell them what you are doing)
• Pay attention to body language
• Explain the reason for the interview
• Ask open-ended questions
• Listen actively (two way communication, verify what you hear
them say)
• Summarize review results
• Thank them for their cooperation
February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 84
 SCOPE OF ISO 9011 – Principles of Auditing

Body Language: Examples (5 minute discussion)

Are these observations subjective or objective?
What are some observations you have experienced?
• Interviewee with hands on hips and chin raised?
• Interviewee with hands along sides and chin down avoids
eye contact?
• Interviewee sitting in chair with legs and arms crossed?
• Interviewee sitting in chair with legs and arms open?

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 85

 SCOPE OF ISO 9011 – Principles of Auditing

Open-ended verses Close-ended Questions:

Open-ended Close-ended
Seek more descriptive information. Allows the auditee to respond with
These types of questions utilize verbs either a “yes” or “no” providing the
e.g.: auditor with limited amount of
What, Why, When, How, Where, and information.
Who?
• How does this machine operate? This method is not effective to
• What happens when an order is extract the required information.
received? E.g.:
• Do you keep a record of
nonconforming product?
• Do you have
procedures?

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 86

 SCOPE OF ISO 9011 – Principles of Auditing

Open-ended example questions:

• What is the purpose of this process?
• What procedures/work instructions are provided on how to
perform this process?
• What is the pass/fail tolerance or criteria of this process?
• What equipment is used in this process?
• How are products examined at the end of the process?
• What happens to nonconforming material or product?

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 87

 SCOPE OF ISO 9011 – Principles of Auditing

Handling Difficult Situations:

• Stay focused on the audit objectives
• Be patient but firm
• Interview another person if the auditee is difficult or results in
slow progress
• Make the best use of your time, move to next step if a
person is
not available, make a note to return later and follow up
• Ask the auditee to hold calls during interview
• Request information to be brought later. Make a note to return
later and follow up
• Do not argue, debate or take sides
• Notify the escort or the appropriate level contact in the
organization if the situation is other than accommodating
February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 88
 SCOPE OF ISO 9011 – Principles of Auditing

Diversionary tactic examples:

• Key personnel not available or arriving late
• Accessing documents is a challenge
• Guide involved in trivial conversations
• Guide leaving the auditor and not returning
• Guide frequently excusing themselves or frequent stops
for refreshments
• Guide using long routes when shorter routes are available

If these are suspected diversionary tactics the auditor must

handle with tact and diplomacy by being firm in explaining
the agreed agenda and audit objective.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 89

 SCOPE OF ISO 9011 – Principles of Auditing

Audit Nonconformance's:
Major:
The absence of a system
to meet a standard
requirement.
A number of minor nonconformance's against one
requirements which indicates a total breakdown of
the system as a whole.
Minor:
A lapse during implementation of a system or
procedural requirement.
Does not represent a system breakdown and where
product or services meet requirements.
February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 90
 SCOPE OF ISO 9011 – Principles of Auditing

The Closing Meeting:

Preparing Audit Conclusions
Prior to the closing meeting, the audit team should review the information
and notes obtained during the audit, agree on the audit findings.
Discuss when audit follow up time frame.
Conducting the Closing Meeting:
The lead Auditor will chair this closing meeting and present the audit
conclusions based on the audit findings.
• Present the findings so they are clearly understood
• Agree on the time to respond to nonconformities
• If needed, record meeting minutes/summary
• Ensure any differing opinions are discussed and resolved if possible. It is
ok to agree to disagree but record any differing opinions as this issue
may reoccur.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 91

 SCOPE OF ISO 9011 – Principles of Auditing

The Closing Meeting Conduct:

• The Lead Auditor should present and discuss information as
needed
• The team members should only contribute when specifically
requested by the Lead Auditor
• As in any formal meeting, there should be no side-
discussions
• Auditors must be vigilant to the reactions of the audit findings
and be prepared to respond in a professional manner
• Auditors shall not get involved into arguments, even if
provoked
by personal comments
• Usually, if you act professionally, you will be treated
professionally
February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 92
 SCOPE OF ISO 9011 – Principles of Auditing

The Closing Meeting - Detailed items to review:

• Restate the audit purpose, scope and criteria
Introduction • Circulate the kick-off meeting audit plan to record attendance
• Summarize total number of findings
Summary results • Categorize if possible
• Read conformities, nonconformities, opportunities for
Finding details improvement, note worthy information
• Review sampling methodology
• Time period to formally respond to the nonconformities
Corrective Action time period • Review/explain expected responses

• Recommendation as audit findings results

Recommendations • Provide final statement
• Questions or comments
Invite questions • Do not engage in resolving nonconformities the organization will
have to investigate and determine best fit CARs

Confidentiality • State confidentially

• Always thank management for their hospitality and cooperation

Thank Management • Thank the escorts and guides

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 93

 SCOPE OF ISO 9011 – Principles of Auditing

Preparing the Formal Audit Report:

The Lead Auditor is responsible for the preparation and
contents of the formal audit report.
The formal audit report must provide complete, accurate,
concise and clear record of the audit for a documented
history of this event.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 94

 SCOPE OF ISO 9011 – Principles of Auditing

The Quality of the Audit Report:

• Should be written in good language, no jargon or
abbreviations.
• The report should be clear and concise,
unambiguous
• Content is accurate and realistic
• No contradictory statements
• No grammatical or spelling errors

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 95

 SCOPE OF ISO 9011 – Principles of Auditing

Audit Report – additional items:

• Provide a list of auditee interviewees
• Summary of audit processes, including sampling
• Confirm the audit objectives were met
• Areas not covered although within the audit scope
• Unresolved differing opinions
• Recommendations form improvement
• Agreed follow-up action items
• Statement of confidentiality
• Audit report distribution list

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 96

 SCOPE OF ISO 9011 – Principles of Auditing

Distributing the audit report:

Should be issued per the agreed time period, usually 2-3
weeks maximum.
If not possible to distribute the report on time a reasonable
explanation must be provided.
The audit report is the property of the client (who requested
the audit). The audit team must respect and maintain
confidentiality of the report.
The report should be dated, reviewed and approved in
accordance with the audit program procedures.
Once approved it can be distributed accordingly.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 97

 SCOPE OF ISO 9011 – Principles of Auditing

Audit Completion:
The audit is considered completed when all activities described in
the audit plan have been satisfactorily carried out. Assigned NCR
numbers should be referenced in the audit report so they can
easily be cross referenced and follow-up during future audits.
Retain or destroy documents as agreed.
Information obtained during the audit must not be disclosed to
anyone outside the audit team its management and the
organization that was audited.
Review audit team conduct as observed during the audit: review
strengths, weaknesses, training and experience required for
further development.

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 98

 SCOPE OF ISO 9011 – Principles of Auditing

Thank
you

February 1, 2017 Copyright © 2014 ProSep. All Rights Reserved. 99