Beruflich Dokumente
Kultur Dokumente
30.11.2008
WELCOME
30.11.2008
PURPOSE
Purpose of Internal Audit To determine the conformity To determine the effectiveness To provide an opportunity for improvement Confidence to management Purpose of training Auditor competence
30.11.2008
Audit: Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled The word audit means a systematic and detailed assessment, carried out in order to check for conformance against something Audit Criteria: Set of policies, procedures, instructions etc. Audit Evidence: Records, statements of fact or other information, which are relevant to the audit criteria and verifiable
30.11.2008
Audit Conclusion: Outcome of an audit, provided by the audit team after consideration of the audit objectives and all audit findings Audit Client: Organization or person requesting an audit, the audit client may be the auditee or any other organization which has the regulatory or contractual right to request an audit Auditee: Organization being audited Auditor: Person with the competence to conduct an audit Audit Team: One or more auditors conducting an audit, supported if needed by technical experts
30.11.2008
Technical Expert: Person who provides specific knowledge or expertise to the audit team Audit Programme: Set of one or more audits planned for a specific time frame and directed towards a specific purpose Audit Plan: Description of the activities and arrangements for an audit Audit Scope: Extent and boundaries of an audit Competence: Demonstrated personal attributes and demonstrated ability to apply knowledge and skills
30.11.2008
Principals Of Auditing Ethical conduct: the foundation of professionalism Trust, integrity, confidentiality and discretion are essential to auditing Fair presentation: the obligation to report truthfully and accurately Due professional care: the application of diligence and judgment in auditing Independence: the basis for the impartiality of the audit and objectivity of the audit conclusions Evidence-based approach: the rational method for reaching reliable and reproducible audit conclusions in a systematic audit process
30.11.2008
Categories Of Audit
Process Audit: Audit of a process against process norms / parameters. Particular process experts are required to audit the process..
Input
Activity
Output
30.11.2008
Categories Of Audit System Audit: Audit of system against a specified standard / requirement. To check whether the organization comply with the standard.
30.11.2008
Categories Of Audit Product Audit: Audit of a product against specified requirements. This is an assessment of the final product or service
INCOMING INSPECTION / TEST STAGE IN-PROCESS INSPECTION / TEST STAGE FINAL PRODUCT INSPECTION / TEST STAGE
30.11.2008
10
Types Of Audit
First party audit (internal audit) Second party audit (external audit) Third party audit (external audit)
30.11.2008
11
Types Of Audit
Internal audits, sometimes called first-party audits, are conducted by, or on behalf of, the organization itself. External audits include those generally termed secondand third-party audits. Second-party audits are conducted by parties having an interest in the organization, such as customers, or by other persons on their behalf. Third-party audits are conducted by external, independent auditing organizations, such as those providing registration or certification of conformity to the requirements.
30.11.2008
12
Audit Management
Audit Management Steps are: Authority for Audit Programme Establishing the Audit Programme Implementing the Audit Programme Monitoring & Reviewing the Audit Programme Improving the Audit Programme
30.11.2008
13
Top management should grant the authority for managing: Establishment, implementation, monitoring, reviewing, and improvement Identification and provision of resources
30.11.2008
14
Management requirement Commercial intentions System requirement Legal & other requirement Needs of interested parties etc
Scope Frequency Complexity Previous audit results Concern of interested parties Changes in organization
Should consider: Planning Auditor selection Conduct Follow-up Records Reporting etc
30.11.2008
15
30.11.2008
16
30.11.2008
17
30.11.2008
18
Audit Activities
Initiating the Audit Conducting Document Review Audit Preparation Conducting of Onsite Audit Audit Reporting Audit Follow Up
30.11.2008
19
Appointing team leader Defining objective, scope and criteria Determining feasibility of audit Selecting the audit team Establishing initial contact
30.11.2008
20
This is to see the conformity of documented management system with audit criteria.
30.11.2008
21
Preparation
This consist of: Audit plan Assigning work to team Preparing work documents
30.11.2008
22
Preparation
30.11.2008
23
Activity
30.11.2008
24
30.11.2008
25
30 mins
20 mins
30.11.2008
26
Preparation
30.11.2008
27
Preparation
Checklist
AIDE MEMOIRE
CONTINUITY
30.11.2008
28
Preparation
Checklists: High Level & Low Level Do you have supplier evaluation mechanism? (HL) If so please explain the supplier evaluation mechanism? (LL) Do you have mechanism for control of documents? (HL) How you control the issue of new documents? (LL)
30.11.2008
29
Preparation
Use auditor friends to generate checklist: What Why When Where Who How
30.11.2008
30
10
Preparation
30.11.2008
31
30.11.2008
32
Consist of: Opening Meeting Communication During the Audit Guide Collecting & Verifying Information Generating Audit Findings Preparing Audit Conclusion Conducting Closing Meeting
30.11.2008
33
11
Opening Meeting
INTRODUCTIONS OBJECTIVES AND SCOPE AUDIT SCHEDULE LIMITATIONS AUDIT TEAM REQUIREMENTS METHOD OF REPORTING FINDINGS ARRANGEMENTS FOR EXIT MEETING QUESTIONS
30.11.2008
34
Communication During the Audit: Within the audit team With auditee
30.11.2008
35
Guide
GUIDE & INTRODUCE WITNESS TO FACTS FOUND INTERPRETER SHOULD NOT ANSWER FOR AUDITEE SHOULD NOT ACT AS AUDITOR QUALIFICATIONS REASONABLE SENIORITY COMPANY AUDITORS UNDERSTANDING OF AUDIT PROCESS AND AUDITORS NEEDS NOT NORMALLY REQUIRED FOR INTERNAL AUDITS
30.11.2008
36
12
30.11.2008
37
For records always take samples: No time to check all; Select representative sample; Cover relevant period; Representation of action;
30.11.2008
38
Time management: Time is always short; Plan well; Do not allow audit to get side-tracked; Do not dig too much; and Decide the size of sample and stick to it.
30.11.2008
39
13
Gathering information
30.11.2008
40
30.11.2008
41
Forward Backward
30.11.2008
42
14
Objective Evidence
AUDITOR NEEDS "OBJECTIVE EVIDENCE" EVIDENCE THAT EXISTS AND IS VERIFIABLE
30.11.2008
43
Generating Audit Findings Conformity Non Conformity (grading major & minor) Improvement Potentials
30.11.2008
44
Taking Notes RECORD THE IMPORTANT FACTS FOR FUTURE REFERENCE WHERE THE AUDITOR HAS VISITED WHO WAS MET & SPOKEN TO RECORD OF WHAT WAS SEEN & HEARD AUDITORS NEED TO LEARN THE ART OF GOOD NOTE TAKING
30.11.2008
45
15
MANAGEMENT NEED THE FACTS ! WHAT WAS FOUND WHERE WAS IT FOUND WHY IS IT A NON-CONFORMITY NON(WHO WAS PRESENT)
30.11.2008
46
30.11.2008
47
A SIGNIFICANT NON-COMPLIANCE WITH A QUALITY NONSYSTEM REQUIREMENT OR A FAILURE OF, OR COMPLETE OMISSION OF A QUALITY SYSTEM REQUIREMENT
OR
A SIGNIFICANT NUMBER OF MINOR NON-CONFORMITIES NONCONCERNING THE SAME QUALITY SYSTEM REQUIREMENT
30.11.2008
48
16
Minor Nonconformity
30.11.2008
49
NON CONFORMANCE REPORT Ref.: Department: Type of NCR: Major / Minor / NCR No.: Date: Section: Observation
Cause of nonconformance:
Review:
30.11.2008
50
30.11.2008
51
17
INTRODUCTIONS THANKS FOR COOPERATION ETC. OBJECTIVES AND SCOPE OF AUDIT LIMITATIONS OF THE AUDIT SUMMARY FINDINGS CONCLUSIONS SUBMISSION OF FORMAL REPORT CORRECTIVE ACTIONS QUESTIONS
30.11.2008
52
Audit Reporting
IT IS A PRIME RESPONSIBILITY OF THE AUDITOR(S) TO COMPLETE THE AUDIT PROCESS AND PROVIDE AUDITEE MANAGEMENT WITH DETAILS OF THE FINDINGS
30.11.2008
53
Audit Reporting
IDENTIFICATION IDENTIFICATION CONFIDENTIALITY CONFIDENTIALITY AUDIT OBJECTIVE & SCOPE AUDIT OBJECTIVE & SCOPE SCHEDULE //DATES //AUDITORS SCHEDULE DATES AUDITORS REFERENCE DOCUMENTS REFERENCE DOCUMENTS SUMMARY OF FINDINGS SUMMARY OF FINDINGS NON-CONFORMITIES NON-CONFORMITIES RECOMMENDATIONS RECOMMENDATIONS FOLLOW UP FOLLOW UP
30.11.2008
54
18
Audit Reporting
REMEMBER WHO IS THE RECIPIENT REMEMBER WHAT THE RECIPIENT NEEDS SUMMARISE FINDINGS PROVIDE THE DETAILS THINK BEFORE WRITING AND WRITE CLEARLY & CONCISELY DRAW CONCLUSIONS
30.11.2008
55
AUDITS ARE OFTEN SEEN AS NEGATIVE AUDITEES WOULD LIKE TO KNOW ABOUT:
30.11.2008
56
Audit Follow Up
AUDITING ORGANISATION
FOLLOW UP AUDIT
VERIFICATION
ONGOING SURVEILLANCE
Issue: TUVME /QM001/02 Date:07.01.09 TUVME/QM 002 Date:13.01.09 ISO 9001:2008 Internal Auditor Training Awareness Training
30.11.2008
57
19
Auditors
30.11.2008
58
Auditors
Personnel Attributes:
Ethical, i.e. fair, truthful, sincere, honest and discreet; Open-minded, i.e. willing to consider alternative ideas or points of view; Diplomatic, i.e. tactful in dealing with people; Observant, i.e. actively aware of physical surroundings and activities; Perceptive, i.e. instinctively aware of and able to understand situations;
30.11.2008
59
Auditors
Personnel Attributes: Versatile, i.e. adjusts readily to different situations; Tenacious, i.e. persistent, focused on achieving objectives; Decisive, i.e. reaches timely conclusions based on logical reasoning and analysis; and Self-reliant, i.e. acts and functions independently while interacting effectively with others.
30.11.2008
60
20
Auditors
30.11.2008
61
Auditors
30.11.2008
62
Auditors
30.11.2008
63
21
THANK YOU
30.11.2008
64
22