Audits and Assessments

Outline
What is an audit ?
Types of Audits
How to meet standard requirements
Effective auditing
Preparing for an audit
Conducting an audit
Internal Audits Required:
By ISO 9000
clause 4.17

By ISO/IEC 17025
clause 4.13 (management requirements)
What is an Audit ?
Systematic and independent examination of
the quality management system (QMS)
What are you doing?
Does it comply with the standard you have
chosen to follow?
Can be by someone within the organisation
or from someone outside

The Audit Process
Scheduled Audits
programme managed by Quality Manager or
auditors
examine documents, results, processes
identify problems
improve
Unscheduled Audits
investigate problem
improve



Why Audit?
Is QMS implemented exactly as intended ?
To investigate a problem
why did it occur ?
how can it be resolved ?
how can it be prevented in future ?
Identify opportunities to improve
To see if the QMS meets the requirements of
standards ?


Types of Audits
Horizontal
all departments audited against one
element of standard or procedure
Vertical
one department audited against all
elements of standard or procedure
Internal and External
Standard Requirements:
ISO 9001 and 17025
Audit program
Documented procedures
Auditors independent of activity
Audit results documented and reported
to management
Prompt action after problems identified
Follow up activities
Managements Responsibility
Define [internal] auditing policy
Assign responsibility of internal
audit program
Quality Manager
Must be advised of internal audit
outcomes
discussed at management review


Quality Managers
Responsibility
Establish & maintain internal audit
system
Develop schedule
Coordinate audits
Manage corrective action system
Advise management audit
outcomes
Who Audits ?
Trained & qualified auditors
Quality Manager selects and trains
internal auditors
observer on Quality Managers audits
fist audit under supervision of qualified
auditor
Person independent of the activity
to be audited
Audit Schedule

Annual
Address all elements of the quality
system
not all departments
Frequency ?
critical areas
Documents used in Auditing
Checklists
Corrective action request forms
Audit report forms
Documenting the Audit Program (1)
Quality Manual
quality policy on internal auditing
responsibility for internal audits

Documenting the Audit
Program (2)
Internal audit procedure(s)
selection and training of auditors
scheduling audits
responsibilities of auditors
preparation, conducting and reporting on
audits
identifying, resolving and following up
corrective actions
reporting audit results to management
Effective Auditing (1)

Gather evidence about
compliance with quality
system or standard
Effective Auditing (2)
Gather information about:
process, operating procedures
staff, equipment, test methods
environment, handling of samples
quality control, verification activities
recording and reporting practices.
Compare with documented system
Identify breakdown in system or
departure from procedures

What to Audit
Systems audit
adherence to documented procedures
Technical audit
Technical correctness
adherence to documented
procedures/test methods
auditor must have technical knowledge of
test
Combination
vertical audit

What to Audit - Technical Audit
Staff
Methods
Equipment
Testing Environment
Samples and Test Items
Quality Control
Computers
Records and Reports

Audit Preparation
Quality Manager determines
audit team
lead auditor
audit details
scope of audit
time, date, duration
Contact auditee
date, time, type & duration
1. Audit Plan
4. Gather Evidence
3. Opening Meeting
5. Record Results
2. Develop Checklists
6. Closing Meeting
7. Audit Report
1. Audit Plan
Objectives & scope
Collect documents
standard, procedure, work instructions,
forms
desk top review
History

2. Developing Checklists
Guidelines
Review documents
identify important aspects of the activity
list in logical order
set of questions
Audit Follow-up Activities

It may be necessary for a follow-up audit to be
performed to verify the effectiveness of any
corrective action carried out. Corrective action, and
subsequent follow-up audits, should be completed
within a time period agreed to by the auditee, in
consultation with the auditor.
The Quality Manager should schedule the follow-up
audit and enter details on the Audit Schedule and the
Audit Status Log.

3. Opening Meeting
Who ?
auditor/audit team
auditee
any staff from area to be audited that may
be interviewed
What ?
Scope
expected duration
4.1 Gather Evidence about Compliance
Interviews
ask questions about system and its
implementation
who, what, when, how, where, why ?
other questions
direct
hypothetical
clarifying
4.2 Gather Evidence about Compliance
Examine documents
procedures, work instructions, forms,
quality manual
copies controlled ?
available ?
correct issue status ?
used in manner intended ?
Quality Records
stored correctly ?
used as objective evidence
many forms



4.3 Gather Evidence about Compliance
Observe activities
what is said or written may not reflect practice
show me

Examine facilities
as travel through laboratory/offices
examine:
equipment
standard of housekeeping
size and layout of working area
environment eg. temperature in lab


5. Recording Results

Record on checklists
activities which do not adhere to quality
system
may be classified
major non-conformance
minor non-conformance
areas for improvement
6. Closing Meeting(s)

Audit team meeting
discuss audit results
Closing meeting
discuss corrective actions
determine resolution dates
Identify corrective actions
use corrective action forms

7. Audit Report
Audit details
Summary of findings
corrective actions
numbered
objective evidence
reference the document
observations
Distribute



Corrective and Preventive Action
Outline
What is a corrective action ?
What is a preventive action ?
Corrective and preventive action
program
Corrective and preventive action
process
Corrective & Preventive Action Required:
By ISO 9000
clause 4.14

By ISO/IEC 17025
clause 4.10 corrective action
clause 4.11 preventive action
Corrective Action
An action taken to correct a
problem
incorrect result
departure from procedure

Preventive Action
A proactive process to identify
improvement opportunities
potential sources of non-
conformance

Corrective & Preventive Action Program
Corrective and preventive action
managed by one programme
Closely linked to the internal audit
programme
Managed by the Quality Manager
Process managed using corrective
action form
1.CAR
Raised
2.CAR
logged
3.Investigate root
cause of problem
and identify CA
Management
Review
Major
change ?
5.CA
effective?
4.Implement
CA, Update
documentation
End
Problem
Solving Team
Corrective and
Preventive
Action Process
No Yes
1. Raising a Corrective or Preventive
Action
Audits (internal and external)
Observations by staff
Management review
Client feedback

2. Recording the CAR
Initiate CAR form
Record corrective or preventive
action
categorise
Quality Manager to
log in CAR
allocate unique CAR identification
number





3.1 Investigating the Corrective Action
Investigate root cause of the
problem
why did the problem occur ?
Potential causes:
samples
methods and procedures
staff skills and training
equipment and calibration
Record CAR
3.2 Identify Possible Corrective Action
Identify potential corrective action
what would prevent the problem from
happening again ?
Problem solving team
if many staff or departments affected
if major non-conformance
Record on CAR
4. Implement Corrective Action

Implement the action/s
make changes to the system
Record
Update documentation
5. Was Corrective Action Effective ?
Verify and record effectiveness
has it prevented the problem from
occurring again ?
follow up
additional audits