ISO 9001 - 2015 - Internal Audit Criteria With Examples
ISO 9001 - 2015 - Internal Audit Criteria With Examples
ISO 9001 - 2015 - Internal Audit Criteria With Examples
ISO Certification
—
An experienced ISO 9001, 27001, 14001, 45001
Consultant & Auditor in Malta
This page is dedicated to helping you learn the art & science of internal
auditing. It is by no means a comprehensive list but it gives you the basis of
ISO 9001:2015 – Internal Audit Criteria with examples.
Section one of five ISO 9001:2015 – Internal Audit Criteria with examples
contains five questions worth two marks each.
Assertive: being respectful of the client who is disagreeing with you, while
standing behind the point that you are making (which is backed-up by a
specific clause from the standard). This is without emotion, just stating facts.
Customer Satisfaction
Customer surveys
Market-share analysis
Verification Activities
Modelling/simulation
Experiments/tests
Two ways in which an auditor can verify that agreed corrective actions
have been effectively implemented.
Check whether changes are made to the management systems and talk with
the people involved to ensure that they know/implement the change
Update risks and opportunities during planning, and ensure that the right
actions are taken and implemented to mitigate risks and seize
opportunities for effective risk based management as per ISO
9001:2015
Go on site, to confirm that the changes has been implemented.
This means that decisions are taken based facts on objective analysis of data
and information, rather than hunches. This means that data is collected, and
effectively analysed to come up with factual information regarding a situation
– and subsequently evidence-based decision making can be done.
The following are examples of ISO 9001:2015 – Internal Audit Criteria for
evidence-based decision making.
Evaluation of Leadership
b) Give three examples of audit evidence you would gather as part of your
evaluation of Top Management leadership and commitment. (3 marks)
Traits of an auditor
b) Describe briefly the effect that not being diplomatic could have on an audit.
(2 marks)
Case Study
2.4 At the opening meeting of an external audit, you are informed that a
recent internal audit has found many nonconformities relating to the in-house
purchasing department. Corrective action has already been planned. It is
therefore suggested that to audit this department again would add no value
and asks if you could delete this department from the audit plan and spend
more time in the production area.
Outline five issues you would include in the response you would give to this
request. (5 marks)
1. The external audit has to cover all the processes that have been defined
within the audit programme
2. The results of the internal audit could be used as inputs for the
improvement of the QMS and therefore cannot be excluded
3. Since many non-conformities were already found, it would be wise to audit
the process again, as the external auditor might also provide additional
insight on how the improvement should be tackled – further improving the
corrective action that has already been planned
4. By having the external auditor reviewing the current purchasing process,
employees will further understand the importance of their role within the
company – internal and external auditors are reviewing their work to
ensure that it is done in a way that benefits all relevant stakeholders
5. The duration of the audit on the production area is adequate to the needs of
the company, and no additional person-hours are required
Audit Trail 1
3.1 During a routine surveillance visit, the organisation you are auditing
informs you that they no longer carry out any design and development
work. This activity is now outsourced to an external provider
(supplier/contractor).
Give four examples of audit trails/audit evidence you would look for to
determine the conformance of the current system with ISO 9001:2015, given
the information you have just received.
AND
For each of your examples, identify the clause(s) of ISO 9001:2015 that
relate to this situation. (10 marks)
Interview R&D
How does the company communicate the
Interview with 8.4.3
needs with the external provider
purchasing
Audit Trail 2
Step Responsibility
Close NC Auditor
Step Responsibility
NC raised Auditor
Correction Auditee
CA proposal Auditee
Accepted Auditor
Implement CA Auditor
Effectiveness of CA Auditor/auditee
Audit Trail 3
Note: 1 mark will be awarded per audit checkpoint, with 0.5 mark for the
supporting evidence and 0.5 mark for the appropriate ISO 9001:2015
reference. (10 marks)
Evidence
Audit Trail Purpose
sought
Interview with
How were the checking characteristics defined 8.5.1a1
QA
Is there a
How are the testing samples being processed?
procedure on 8.5.2
Is there a quarantine area?
this?
Interview with
How was this process included within the QMS? 4.4.1
QA
Interview with
Are the relevant people aware of how their job
people doing 7.3
affects the QMS?
the work
Segregated quarantine
Control of nonconforming outputs 8.7.1b
areas
Temperature, humidity
Physical env or lab measurement and related 7.1.4
data
Questions in this section are designed to test your ability to analyse audit
situations, evaluate audit evidence and apply knowledge of the audit criteria
correctly.
OR
· Your reason(s) for thinking there is not yet sufficient evidence to report your
findings as a nonconformity (2 marks)
Note: If you complete the audit investigation template for a situation where
there is evidence that a nonconformity exists, a maximum of 7 marks may be
awarded as follows:
In the final inspection and despatch area you are examining the inspection
and despatch records for order number 1234. This relates to product XYZ that
is due to be sent out to a customer.
You note that in the final inspection section of the records the word ‘OK’ is
written with the initials JW alongside it. The Despatch Supervisor tells you
that JW is one of the junior inspectors. You ask the supervisor: ‘Who has
authorised the release of the product?’ The supervisor replies that
authorisation is not necessary for this type of routine product and it is clear
from the records that the inspection was satisfactory. He says: ‘If there has
been any problem we get a signature from David Manvers, the Chief
Inspector, but only if they had to do some rework to the product.’
You check the organisation’s documented information for the product release
process and find it states that the Chief Inspector is responsible for
authorising the final release of all products.
NONCONFORMITY REPORT
You are auditing the design and development process in an organisation that
designs and manufactures industrial equipment. They are currently dealing
with a serious customer complaint relating to faulty safety mechanisms. They
have sent engineers to this customer to repair some equipment they designed,
manufactured and supplied two years earlier for contract number A123.
You find a recent note on file that states that the engineers are currently
having difficulty in repairing the equipment. They have been issued with the
latest drawings for the equipment (serial number X134, revision 3). The
drawings do not contain a modification to the safety mechanism that was
made prior to delivery and installation of the equipment.
You confirm with the Design Manager that revision 3 is the current version of
the drawings and that revision 3 does not include the change to the safety
mechanism. You ask the Design Manager why the modification to safety
mechanism was not made to the drawing and he replies that the change was
reviewed and considered to be minor with no impact on the equipment and it
didn’t affect the customer’s contract specification.
Or
Clause
The questions that the auditor will ask Interview/document
Number
Documented
Risks relating to the on-site repair process 6.1
information
Interview
Competence of engineers to fix problem Documented info – 7.2
competence
Interview
Competence of design manager to ensure
Documented info –
no impact on the equipment and it didn’t
competence 7.2
affect the customer’s contract
Documented info –
specification
customer contract
completed
You ask the Training Manager how they evaluated the training and are told
“We ask every person who attends a training course to complete a
questionnaire on whether they enjoyed the course, how useful they found the
training and how good the tutor was. This information helps us decide
whether to send other staff on the course”.
You examine the questionnaires completed by the three people who attended
the customer care course. All three awarded high marks on how enjoyable they
found the course and the usefulness of the course. All three also awarded a
satisfactory score for the tutor. If you think there is sufficient evidence to
report your findings as a nonconformity:
Or
Clause
The questions that the auditor will ask Interview/document
Number
Interview top
Risks relating to customer care within management
6.1.1
claims department Documented
information
We sincerely hope you have enjoyed this post about ISO 9001:2015 – Internal
Audit Criteria with examples. We have shared this information with a deep
commitment to help you grow your ISO 9001 Certification knowledge. The
more companies get ISO 9001 Certified, the better the value-chain will be
across the board.
If you are now interested in getting further help and you’d like to know the
cost for ISO 9001 Certification, we’d love to help.
If you are seeing the help of an ISO 9001 Consultant in Malta or anywhere
in the world, we can help. Alternatively, you might want to consider this ISO
9001 Software that will guide you towards ISO Certification at your own
pace.
Pingback:
Pingback:
Pingback:
Pingback:
Pingback:
Pingback:
ISO Certification,
Proudly powered by WordPress. Privacy Policy ISO Certification Cost – Get
Quote
About Luke Desira