Internal Auditor Training

INTERNAL AUDITOR TRAINING
Issue: TUVME /QM 002 Date:13.01.09
Internal Auditor Training
30.11.2008
WELCOME
Management System Auditing
Issue: TUVME /QM001/02 Date:07.01.09 Issue: TUVME/QM 002 Date:13.01.09
ISO 9001:2008 Internal Auditor Training Awareness Training
30.11.2008
PURPOSE
Purpose of Internal Audit To determine the conformity To determine the effectiveness To provide an opportunity for improvement Confidence to management Purpose of training Auditor competence
Issue: TUVME /QM001/02 Date:07.01.09 TUVME/QM 002 Date:13.01.09
30.11.2008
Definition & Terminologies
Audit: Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled The word audit means a systematic and detailed assessment, carried out in order to check for conformance against something Audit Criteria: Set of policies, procedures, instructions etc. Audit Evidence: Records, statements of fact or other information, which are relevant to the audit criteria and verifiable
30.11.2008
Audit Conclusion: Outcome of an audit, provided by the audit team after consideration of the audit objectives and all audit findings Audit Client: Organization or person requesting an audit, the audit client may be the auditee or any other organization which has the regulatory or contractual right to request an audit Auditee: Organization being audited Auditor: Person with the competence to conduct an audit Audit Team: One or more auditors conducting an audit, supported if needed by technical experts
30.11.2008
Technical Expert: Person who provides specific knowledge or expertise to the audit team Audit Programme: Set of one or more audits planned for a specific time frame and directed towards a specific purpose Audit Plan: Description of the activities and arrangements for an audit Audit Scope: Extent and boundaries of an audit Competence: Demonstrated personal attributes and demonstrated ability to apply knowledge and skills
30.11.2008
Principals Of Auditing Ethical conduct: the foundation of professionalism Trust, integrity, confidentiality and discretion are essential to auditing Fair presentation: the obligation to report truthfully and accurately Due professional care: the application of diligence and judgment in auditing Independence: the basis for the impartiality of the audit and objectivity of the audit conclusions Evidence-based approach: the rational method for reaching reliable and reproducible audit conclusions in a systematic audit process
30.11.2008
Categories Of Audit
Process Audit: Audit of a process against process norms / parameters. Particular process experts are required to audit the process..
Input
Activity
Output
30.11.2008
Categories Of Audit System Audit: Audit of system against a specified standard / requirement. To check whether the organization comply with the standard.
30.11.2008
Categories Of Audit Product Audit: Audit of a product against specified requirements. This is an assessment of the final product or service
INCOMING INSPECTION / TEST STAGE IN-PROCESS INSPECTION / TEST STAGE FINAL PRODUCT INSPECTION / TEST STAGE
PRODUCT AUDIT POINTS

Issue: TUVME /QM001/02 Date:07.01.09 TUVME/QM 002 Date:13.01.09 ISO 9001:2008 Internal Auditor Training Awareness Training
30.11.2008
10
Types Of Audit
First party audit (internal audit) Second party audit (external audit) Third party audit (external audit)
30.11.2008
11
Types Of Audit
Internal audits, sometimes called first-party audits, are conducted by, or on behalf of, the organization itself. External audits include those generally termed secondand third-party audits. Second-party audits are conducted by parties having an interest in the organization, such as customers, or by other persons on their behalf. Third-party audits are conducted by external, independent auditing organizations, such as those providing registration or certification of conformity to the requirements.
30.11.2008
12
Audit Management
Audit Management Steps are: Authority for Audit Programme Establishing the Audit Programme Implementing the Audit Programme Monitoring & Reviewing the Audit Programme Improving the Audit Programme
30.11.2008
13
Authority for Audit Programme
Top management should grant the authority for managing: Establishment, implementation, monitoring, reviewing, and improvement Identification and provision of resources
Authority for Audit Program (5.1)
30.11.2008
14
Establishing the Audit Programme
Management requirement Commercial intentions System requirement Legal & other requirement Needs of interested parties etc
Scope Frequency Complexity Previous audit results Concern of interested parties Changes in organization
To run the entire audit process successfully
Should consider: Planning Auditor selection Conduct Follow-up Records Reporting etc
Financial Techniques Auditors Experts etc
30.11.2008
15
Implementing the Audit Programme
30.11.2008
16
Monitoring & Reviewing the Audit Programme
30.11.2008
17
Improving the Audit Programme
30.11.2008
18
Audit Activities
Initiating the Audit Conducting Document Review Audit Preparation Conducting of Onsite Audit Audit Reporting Audit Follow Up
30.11.2008
19
Initiating the Audit
Appointing team leader Defining objective, scope and criteria Determining feasibility of audit Selecting the audit team Establishing initial contact
Discuss each point in detail
30.11.2008
20
Conducting Document Review
This is to see the conformity of documented management system with audit criteria.
30.11.2008
21
Preparation
This consist of: Audit plan Assigning work to team Preparing work documents
30.11.2008
22
Preparation
Audit plan: Process & System Understanding Plan of Action
30.11.2008
23
Process & System Understanding
What is a Process? Activity that transforms input into output
Input Resources: People Facilities/Equipment Material Methods

Activity
Output Results: Products Services Performance
30.11.2008
24
Process & System Understanding
30.11.2008
25
Audit Plan Audit Entry & Exit Meetings

20 mins
TOTAL AUDIT TIME 120 mins

5+ 15 mins
30 mins
20 mins
Audit of Interface with another Area 20 mins 10 mins
30.11.2008
26
Preparation
Assigning work to team Preparing work documents: Checklists Formats
30.11.2008
27
Preparation
Checklist
GUIDE CHECK LISTS REMIND US OF THE AUDIT SAMPLE
AIDE MEMOIRE
CONTINUITY
30.11.2008
28
Preparation
Checklists: High Level & Low Level Do you have supplier evaluation mechanism? (HL) If so please explain the supplier evaluation mechanism? (LL) Do you have mechanism for control of documents? (HL) How you control the issue of new documents? (LL)
30.11.2008
29
Preparation
Use auditor friends to generate checklist: What Why When Where Who How
30.11.2008
30
10
Preparation
Use: Closed Questions Open Questions Clarifying Questions
30.11.2008
31
Preparation Prepare High-level Checklist
30.11.2008
32
Conducting Of Onsite Audit
Consist of: Opening Meeting Communication During the Audit Guide Collecting & Verifying Information Generating Audit Findings Preparing Audit Conclusion Conducting Closing Meeting
30.11.2008
33
11
Opening Meeting
INTRODUCTIONS OBJECTIVES AND SCOPE AUDIT SCHEDULE LIMITATIONS AUDIT TEAM REQUIREMENTS METHOD OF REPORTING FINDINGS ARRANGEMENTS FOR EXIT MEETING QUESTIONS
30.11.2008
34
Communication During the Audit: Within the audit team With auditee
30.11.2008
35
Guide
GUIDE & INTRODUCE WITNESS TO FACTS FOUND INTERPRETER SHOULD NOT ANSWER FOR AUDITEE SHOULD NOT ACT AS AUDITOR QUALIFICATIONS REASONABLE SENIORITY COMPANY AUDITORS UNDERSTANDING OF AUDIT PROCESS AND AUDITORS NEEDS NOT NORMALLY REQUIRED FOR INTERNAL AUDITS
SAFETY OF AUDITORS COMPANY CONFIDENTIALITY
30.11.2008
36
12
Conducting Of Onsite Audit Collecting & Verifying Information
CONDUCTING INTERVIEWS EXAMINATION OF DOCUMENTS/PRODUCTS OBSERVATION OF ACTIVITIES OBSERVATION OF CONDITIONS/HOUSEKEEPING
30.11.2008
37
For records always take samples: No time to check all; Select representative sample; Cover relevant period; Representation of action;
30.11.2008
38
Time management: Time is always short; Plan well; Do not allow audit to get side-tracked; Do not dig too much; and Decide the size of sample and stick to it.
30.11.2008
39
13
Gathering information
Interviewing Body Language Document Review Observation
30.11.2008
40
Conducting Of Onsite Audit What do we check
DOCUMENTATION TOOLS MATERIALS PEOPLE PRODUCTS
30.11.2008
41
Types of audit flow
Forward Backward
30.11.2008
42
14
Objective Evidence
AUDITOR NEEDS "OBJECTIVE EVIDENCE" EVIDENCE THAT EXISTS AND IS VERIFIABLE
FACTUAL EVIDENCE OBSERVATION DOCUMENTED
NOT AUDITORS OPINION
30.11.2008
43
Generating Audit Findings Conformity Non Conformity (grading major & minor) Improvement Potentials
30.11.2008
44
Taking Notes RECORD THE IMPORTANT FACTS FOR FUTURE REFERENCE WHERE THE AUDITOR HAS VISITED WHO WAS MET & SPOKEN TO RECORD OF WHAT WAS SEEN & HEARD AUDITORS NEED TO LEARN THE ART OF GOOD NOTE TAKING
30.11.2008
45
15
Conducting Of Onsite Audit Nonconformity
MANAGEMENT NEED THE FACTS ! WHAT WAS FOUND WHERE WAS IT FOUND WHY IS IT A NON-CONFORMITY NON(WHO WAS PRESENT)
30.11.2008
46
Conducting Of Onsite Audit Nonconformity
FACTUAL EVIDENCE OF A CONDITION NOT IN ACCORDANCE WITH A SPECIFIED REQUIREMENT
30.11.2008
47
Conducting Of Onsite Audit Major Nonconformity
A SIGNIFICANT NON-COMPLIANCE WITH A QUALITY NONSYSTEM REQUIREMENT OR A FAILURE OF, OR COMPLETE OMISSION OF A QUALITY SYSTEM REQUIREMENT
OR
A SIGNIFICANT NUMBER OF MINOR NON-CONFORMITIES NONCONCERNING THE SAME QUALITY SYSTEM REQUIREMENT
30.11.2008
48
16
Minor Nonconformity
AN ISOLATED INCIDENT OF A FAILURE TO COMPLY WITH A PROCEDURE OR QUALITY SYSTEM REQUIREMENT
30.11.2008
49
NON CONFORMANCE REPORT Ref.: Department: Type of NCR: Major / Minor / NCR No.: Date: Section: Observation
NCR against which clause: Non conformance:
Cause of nonconformance:
Corrective / preventive action:
Review:
30.11.2008
50
Preparing Audit Conclusion: Outcome Follow-up
30.11.2008
51
17
Conducting Of Onsite Audit Conducting Closing Meeting
INTRODUCTIONS THANKS FOR COOPERATION ETC. OBJECTIVES AND SCOPE OF AUDIT LIMITATIONS OF THE AUDIT SUMMARY FINDINGS CONCLUSIONS SUBMISSION OF FORMAL REPORT CORRECTIVE ACTIONS QUESTIONS
30.11.2008
52
Audit Reporting
IT IS A PRIME RESPONSIBILITY OF THE AUDITOR(S) TO COMPLETE THE AUDIT PROCESS AND PROVIDE AUDITEE MANAGEMENT WITH DETAILS OF THE FINDINGS
MANAGEMENT ARE RESPONSIBLE FOR DETERMINATION & IMPLEMENTATION OF CORRECTIVE ACTIONS
30.11.2008
53
Audit Reporting
IDENTIFICATION IDENTIFICATION CONFIDENTIALITY CONFIDENTIALITY AUDIT OBJECTIVE & SCOPE AUDIT OBJECTIVE & SCOPE SCHEDULE //DATES //AUDITORS SCHEDULE DATES AUDITORS REFERENCE DOCUMENTS REFERENCE DOCUMENTS SUMMARY OF FINDINGS SUMMARY OF FINDINGS NON-CONFORMITIES NON-CONFORMITIES RECOMMENDATIONS RECOMMENDATIONS FOLLOW UP FOLLOW UP
30.11.2008
54
18
Audit Reporting
REMEMBER WHO IS THE RECIPIENT REMEMBER WHAT THE RECIPIENT NEEDS SUMMARISE FINDINGS PROVIDE THE DETAILS THINK BEFORE WRITING AND WRITE CLEARLY & CONCISELY DRAW CONCLUSIONS
30.11.2008
55
Audit Reporting Audit Report
AUDITS ARE OFTEN SEEN AS NEGATIVE AUDITEES WOULD LIKE TO KNOW ABOUT:
POSITIVE FINDINGS OPPORTUNITIES FOR IMPROVEMENT RECOMMENDATIONS
30.11.2008
56
Audit Follow Up
NON-CONFORMITY RAISED UNDERSTAND
CORRECTIVE ACTION & AUDIT CLOSE OUT
ANALYSE ROOT CAUSE DETERMINATION CORRECTIVE ACTION PROPOSAL IMPLEMENT
AUDITING ORGANISATION
FOLLOW UP AUDIT
VERIFICATION
ONGOING SURVEILLANCE
Issue: TUVME /QM001/02 Date:07.01.09 TUVME/QM 002 Date:13.01.09 ISO 9001:2008 Internal Auditor Training Awareness Training
30.11.2008
57
19
Auditors
30.11.2008
58
Auditors
Personnel Attributes:
Ethical, i.e. fair, truthful, sincere, honest and discreet; Open-minded, i.e. willing to consider alternative ideas or points of view; Diplomatic, i.e. tactful in dealing with people; Observant, i.e. actively aware of physical surroundings and activities; Perceptive, i.e. instinctively aware of and able to understand situations;
30.11.2008
59
Auditors
Personnel Attributes: Versatile, i.e. adjusts readily to different situations; Tenacious, i.e. persistent, focused on achieving objectives; Decisive, i.e. reaches timely conclusions based on logical reasoning and analysis; and Self-reliant, i.e. acts and functions independently while interacting effectively with others.
30.11.2008
60
20
Auditors
Knowledge & Skills:
Management system knowledge Team leader / auditor Specific knowledge
30.11.2008
61
Auditors
Education, Work Experience, Training & Experience:
Auditors Team leader
30.11.2008
62
Auditors
Maintenance & Improvement of Competence: Continual Professional Development
30.11.2008
63
21
THANK YOU
30.11.2008
64
22

Internal Auditor Training

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Internal Auditor Training

Hochgeladen von

Copyright:

Verfügbare Formate

INTERNAL AUDITOR TRAINING

Issue: TUVME /QM 002 Date:13.01.09