<<Company Name>>

Internal Audit Checklist

Last Updated on: DD-MMM-YYYY
Dept: Auditees: Auditors:

Document References (Doc No and

S.No Processes/ Procedures to be audited Persons to be Audited Date/ Duration
Current Rev or Version)
Department Specific Processes to be Checked:
1
2
3
4

Common Elements of QMS to be chekced:

Quality Policy and Objectives
1 Deployment including training on the
same
2 Training on PDCA, Risk, RCA and CA
Risks identified, Controls Implemented
3 and their Effectiveness
4 Trends in Key Metrics
5 Change Management
6 Knowledge Management
7 Improvement to Risk Based Approach
8 Continual Improvement

S.No Check Point Observation IAR Ref.

1 Previous Audit Findings and MRM Actions

2 Status of Previous Internal Audit Findings

Check the Status of MRM Actions

3 decided for the department
A. Policy and Objectives Deployment

Verify display of quality policy and

process objectives through various
A1 means such as wall papers/ screen savers
on desktops, posters, table tops, etc

Ask personnel what they understand

from quality policy and how they relate it
to their activities. (Expectation:
A2 Associates should be able to explain the
points in Quality Policy which are
applicable to them and how they
contribute to the adherence to the same)

Verify the plans to achieve the Objectives

in terms of management programs,
A3 plans, improvement projects or any other
special initiatives.

Ask Line Leaders/ Supervisors and other

personnel about objectives and their
plans to achieve the same. (Expectation:
All are expected to know the objectives
A4 applicable to them and they should be
able to explain plans and demonstrate
what actions are imlemented by them to
achieve the same)

Review the risks determined against the

objectives and how the mitigation
A5 actions are included in management
programs or plans

Page 1 | 5
<<Company Name>>
Internal Audit Checklist
Last Updated on: DD-MMM-YYYY
Dept: Auditees: Auditors:

Ask the auditee to understand if ther are

any specific focused initiatives planned to
achieve the Objectives.
A6 Alternately they should have metrics
being tracked on a periodical basis as
planned,

Verify with the Section Incharges/ HODs

the current status of achievement of
A7 objectives and follow up actions on the
same.

A8 Verify tracking and reporting of objectives

Verify the department level reviews of

A9 objectives and plans to improve the
performance

B. Training on PDCA, Risk, RCA and Corrective Actions

Check if the personnel in the department

are trained on concepts of PDCA (Plan-
Do-Check-Act), risks, RCA (Root Cause
B1 Analysis techniques such as Five Why
Analysis or Fishbone Diagram) and CA
(Corrective Actions) including Preventive
Action and Risk Management

On a sample basis, ask people to

describe the meaning of PDCA, Risk, RCA
and CA.
B2 Expectation: All personnel should able to
define the above terms in the correct
manner

Ask personnel whether they have

implemented these steps in their day-to-
day working.
If yes, then ask them how they applied
B3 these concepts.
If no, discuss with the concerned
incharge about the opportunities to
apply these concepts at their level and
possible actions for the same

C. Risks identified and Effectiveness of Mitigation Actions

Verify the Process Risk Assessment or

Quality Risk Assessment Reports and
C1 understand the risks identified and
mitigation actions (further recommended
actions in case of medium or high risks)

Verify the evidences of the actions

C2 implemented and their effectiveness in
terms of improved results

Capture the before and after scenarios

and verify the results achieved.
Expectation: The failures identified
C3 should not be repeating and there should
be improvement trend in the
performance

D. Trends in Key Metrics

Page 2 | 5
<<Company Name>>
Internal Audit Checklist
Last Updated on: DD-MMM-YYYY
Dept: Auditees: Auditors:

Check whether all the metrics or key

D1 performance indicators are linked/
aligned to objectives.

Check if the operational definitions of

the metrics or key performance
D2 indicators are interpreted in the same
manner by all respective associates.

Check for the monitoring of the

performance indicators and the data
D3 captured on the same, see if the same is
being used for analysis and decision to
improve the process

Effectiveness (Measure of Actual Performance Vs Desired or Planned or Expected Performance)

Check the results achieved Vs desired

outcomes, delays in process, rejection/
rework rates, lost orders, complaints,
D4 etc., repetitive problems in the process
even after training, etc and improvement
actions initiated.

Efficiency (Measure of Actual Performance Vs Resources Used)

Check for the month on month
improvements in efficiencies in terms of
D4 Capacity utilization and productivity, cost
reduction, etc

Verify the trend in process performance

See if there are any actions initiated to
D6 improve the process Capability in order
to achieve consistent performance.

Check the actual performance against

the objectives and assess the deviations
D7 from the objectives and do a drill down
exercise to identify the systemic causes
for the deviations

Verify how the employee perception is

captured in terms of their satisfaction,
complaints, critical remarks,
D8 proactiveness and ownership feeling, etc.
Expectation: Collation of the above and
determining improvement actions

E. Change Management
Ask for the major changes in operations
E1 and check how the same has been
implemented

In changes made, check the details of

changes, identification of risks in change
E2 implementation, review and approval of
changes, implementation of changes and
post implementation review

Ask if there is any roll back in case the

E3 changes are not found to be effective in
terms of giving the desired results

F. Knowledge Management
See how best practices across projects
F1 are captured, shared between the teams
and institutionalized

Page 3 | 5
<<Company Name>>
Internal Audit Checklist
Last Updated on: DD-MMM-YYYY
Dept: Auditees: Auditors:

Check for lessons learned in few of the

F2 projects and verify the adoptation in
other projects

Use of IT
Verify whether all the features in the IT
tools (Internet, Mobile Apps, etc) used
G1 effectively on a routine basis as needed
for employee engagement.

By way of auditing the processes, identify

process elements which may be
G2 automated to achieve consistency and
improved performance in the processes

Use of licensed SWs available and to

G3 what extent they are used.
H. Data Analysis - Use of Statistics (Note: this should be based on the overall audit experience of the auditor and the following check points
need not be specifically asked by the auditor)
List of out various statistical measures/
H1 tools used by the auditee
Verify whether the right statistical
measure/ tool is used in right manner by
H2 validating the inference made from the
use.
I. Improvement Activities implemented by the Auditee

Ask the auditees for various Kaizens

implemented and improvements
I1 achieved in the processes since last
audit. Capture the same as positive/ note
worthy observations in the audit report.

J. Improvement Opportunities
List the improvements which may be
J1 initiated based on the audit conversation
in consensus with auditee
K. Effectiveness of Corrective Actions and Closure of Audit Findings and other Process Deviations/ Errors in Deliverables

Randomly identify the CA implemented

( 3 to 6 months older). Samples picked
should include 1 or 2 Internal/ External
Audit Findings, 1 or 2 Process Deviations
and 1 or 2 Instances of missing targets.
K1 Check the implementation and verify
whether there are any same/ similar
deviations, problems, etc to assess
effectiveness of CA. This should be
expected from Heads.

At individual Operator/ Employee, pick a

random sample of associate and verify
K2 their understanding of Root Cause and
CA. Also verify the RCA and CA
implemented at their individual level.

L. Inference Points
Note that the following issues should get checked randomly during the audit process.
Document Control effectiveness. See if
the documents are retrieved from the
L1 QMS Repository/ Specified Folder (in
case of soft form) or Controlled Copies
issued.

Page 4 | 5
<<Company Name>>
Internal Audit Checklist
Last Updated on: DD-MMM-YYYY
Dept: Auditees: Auditors:

Verify whether the document identity

and revisions are latest as per the Master
Document List. (Note: Prior to auditing,
L2 please don't forget to note down the
latest versions of the documents from
MR, especially those revised since last
internal audit)

Verify the interlinkages and consistencies

between various document. Report if any
L3
inconsistencies are found. Else, this may
be left blank.

See if the retrieval of records is done in

20 to 30 Seconds. Else, identify the
L4 improvement opportunity in the storage/
filing methods.
Improvements in Risk Based Approach

M. Any Additional Points

M1

Page 5 | 5