Performance Based Internal Quality Audit Guide

INTERNAL QUALITY AUDIT (IQA) GUIDANCE

1111 INTRODUCTIONINTRODUCTIONINTRODUCTIONINTRODUCTION

2222 AUDIT PREPARATIONAUDIT PREPARATIONAUDIT PREPARATIONAUDIT PREPARATION

3333 CONDUCTING THE AUDITCONDUCTING THE AUDITCONDUCTING THE AUDITCONDUCTING THE AUDIT

4444 REPORT MAKINGREPORT MAKINGREPORT MAKINGREPORT MAKING

5555 REQUIREMENT AREA OF APPLICABILITY LISTREQUIREMENT AREA OF APPLICABILITY LISTREQUIREMENT AREA OF APPLICABILITY LISTREQUIREMENT AREA OF APPLICABILITY LIST

2

INTRODUCTIONINTRODUCTION

AUDITsystematic, independent and documented process for obtaining audit evidence (3.3) and evaluating it objectively to determine the extent to which the audit criteria (3.2) are fulfilled

NOTE 1 Internal audits, sometimes called first-party audits, are conducted by, or on behalf of, the organization itself for management review and other internal purposes, and may form the basis for an organization’s self-declaration of conformity. In many cases, particularly in smaller organizations, independence can be demonstrated by the freedom from responsibility for the activity being audited.

AUDIT CRITERIAset of policies, procedures or requirements

NOTE Audit criteria are used as a reference against which audit evidence (3.3) is compared.

AUDIT FINDINGresults of the evaluation of the collected audit evidence (3.3) against audit criteria (3.2)

NOTE Audit findings can indicate either conformity or nonconformity with audit criteria or opportunities forimprovement.

I. TERM & DEFINTION

3


II. AUDIT FINDING CRITERIA

NC – Non Compliance:

OBS – Observation:

CP – Compliance:

1. Documentation & practice comply with ISO requirement with some weakness(es) identified regarding auditor experience or practice in others area.

2. Any practice which could become best practice for others area .

1. The absence, or failure to implement & maintain 1 or more of quality management system requirement (ISO 9001) , or

2. Deviation between practice or actual with procedure, or 3. Condition which rise doubt base on evidence about the quality or process performance such as; Un

tolerable nonprime product frequently (> 2 cases / 3 month) pass to customer, > 3 last consecutive of KPI achievement failure, etc.

Comply with ISO requirement or document

4


a) interviews with employees and other persons;

b) observations of activities and the surrounding work environmental and conditions;

c) documents, such as policy, objectives, plans, procedures, standards, instruction, licenses and

permits specifications, drawings, contracts and orders;

d) records, such as inspection records, minutes of meeting, audit reports, records of monitoring

programs and the results of measurements;

e) data summaries, analyses and performance indicators;

f) information on the auditee's sampling programs and on procedures for the control of sampling and

measurement processes;

g) reports from other sources, for example, customer feedback, other relevant information from

external parties and supplier ratings;

h) computerized databases and web sites.

III. SOURCE OF INFORMATION

The option of source of information to find out and collect evidence for evaluating compliance degree, include;

5


IV. AUDIT TRIANGLE

REQUIREMENTSREQUIREMENTSREQUIREMENTSREQUIREMENTS

IMPLEMENTATIONIMPLEMENTATIONIMPLEMENTATIONIMPLEMENTATIONDOCUMENTDOCUMENT

COMLIANCE

ADEQUACY

The finding could be major for

external audit

Lower severity

6

AUDIT PREPARATIONAUDIT PREPARATION

1. Understanding source of information2. Knowing the applicable KPI of area being audited3. Knowing the achievement or issue/failure of KPIs4. Knowing the activities and understanding applicable document regarding the

issue or failure

Step Should Be Done:1. Contact commercial teams or VP/manager of area being audited2. Learning the applicable documents / conduct document review3. Identify document weaknesses if possible4. Identify critical point of document

I. UNDERSTANDING PROCESS OF AREA BEING AUDITED

7


Applicable form; FRM.QAS.06

1. Availability of applicable KPI2. Availability of action plan and its progress monitoring and further action follow up3. Availability of KPIs achievement monitoring data, Identify KPIs failure or negative

trends if any4. Availability of problem data affecting KPIs achievement, especially the failure or

negative trend. 5. Availability of cause analysis, Action selection and its result evaluation (CARR/PAR

implementation) of significant problem.6. Availability applicable document related to KPI failure or negative trend, or its related

improvement action (for confirmation only)7. Check the compliance of DR process of applicable document if any changes

II. CHECKLIST MAKING - GENERAL

Part 1 – Off site / KPI Related / Process Owner Audit

Item to be included as point check are consisted of 2 but as integral part, and made based on previous process understanding :

Note:For HR please see different checklist guidance

8


II. CHECKLIST MAKING – GENERAL (Continued)

Part 2 – On Site / Implementation Check 8. Critical point of applicable/related document (please write down all critical point of

the document/procedure as point check)9. Check the training record or DR understanding of the users if any deviation10. Actual condition for non human jobs, such as: Process spec, Tools type, tools

condition, etc11. Record of working result or process parameter monitoring12. Availability of cause analysis and or action for any deviation

9


1. Availability of position competence criteria2. Availability of competence record of all employees 3. Availability of competence evaluation record, especially for new hired, mutation, or

promotion process4. Availability of training/action plan & record as applicable for any deviation from

competence criteria5. Availability of training/action effectiveness evaluation record.6. Training management and hiring procedure as any problem in previous point (please

write down the critical point of the these procedure.

II. CHECKLIST MAKING – HR only

Note:Sampling approaches, New person/position or record of employees which identified lack of competence during audit at others area.

10


1. Availability of method to identify/determine customer needs/requirement2. Availability of record regarding the monitoring of perception of customer satisfaction,

(please identify the most critical concern and inform related area auditors to check its achievement)

3. Availability of record regarding the review of customer needs / concern4. Availability of system or action plan for ensuring the fulfillment of critical customer

needs/concern5. Availability of action plan progress monitoring and its required action

II. CHECKLIST MAKING – Customer Satisfaction Related Processes (additional)

Note:Could integrated with other process, and so the checklist are integrated

11


1. Availability of audit plan and management review schedule2. Availability of record of audit result and management review result3. Availability of monitoring system of finding and management review action4. Timely of closing the finding (internal and external) and management review action,

and it required action or others note5. Critical point of internal audit or management review procedure6. Critical point of document control procedure

II. CHECKLIST MAKING – QMS Only

Note: the item to be covered should be determined based on audit scope or objective, for example: if the focus of audit is:1. management review in checklist only state the management review

matter, and so other ways2. Document control, in checklist only state critical point of document

control procedure.

12

CONDUCTING THE AUDITCONDUCTING THE AUDIT

a) introduction to auditee and explain purposes of your coming;

b) Confirm his/her role, ask the persons you intended for as required

c) Reemphasize the improvement opportunity identification aim of audit ;

I. Greeting / Opening the Audit

This is essentials for ensuring the validity of evidence by interviewing the wrong person

(auditee), and making auditee feel free and open to talk. Bellow are the minimum step prior

detail interview with auditee.

II. Conducting Audit / Gathering Audit Evidence

Please follow the point check in the checklist by considering the source of information to

determine audit method, which might include:

a) Interview or activity observation (For interview: Please see interview guidance & Questioning Guidance)

b) Process parameter observation

c) Data or Record review

13

1. Introduce & explain the purpose of your coming as required

2. Request to auditee to explain their KPI/Business plan goal

3. Request to auditee to explain the method & tools of monitoring KPI achievement

4. Ask the evidence of monitoring result

5. Identify un achieved or negative trend KPI, if none ask auditee to explain;

a. The problems considered critical / have significant impact, then go to #6

b. The improvement considered having significant contribution, than go to #7

6. Ask auditee to explain its cause, improvement action, Its result & further action as

required

7. As report or evidence, identify the needs for document revision/creation, such as:

Changes of working method, Specification, equipment that lead working method

changes, etc.

8. Identify the possibility of become best practice or having weaknesses, challenge

auditee for clarification.

9. Ask auditee to show the document, write down its number or changes to check the

implementation.

III. Guidance of Auditing Process Owner / Desk Audit

Note: Italic text might lead to finding whether NC, negative observation, or positive observation


14


2. ask auditee to explain his/her area responsibilities,

3. Select the activity you intended for check refer to checklist or result of previous audit

with manager, ask auditee to explain how to perform

4. Compare with required by standard/document/checklist as applicable

5. Ask auditee to explain why doing that if any deviation, please do not mention the

deviation

6. Ask question about which document is applicable to the jobs, and ask to show

7. Let he/she to know the deviation, explain the losses experienced or contact his/her

supervisor to explain.

8. Notify auditor for HR area or document control as applicable, for further verification.

IV. Guidance of Implementation / Field Auditing

Note: Italic text might lead to NC


15


2. Explain about competence issue

3. Ask auditee to show the competence record of employee having competence issue.

Verify the intended issue

4. If lack of intended competency, ask auditee to show the competence evaluation of

the employee to fill his/her position.

5. If not available ask more sample of employee evaluation result.

6. Ask auditee to show the record of action plan to address evaluation result and its

result evaluation.

7. If no action plan, ask auditee to show general employee development plan and its

implementation status & monitoring

V. Guidance of HR Auditing

If any competence issue from other area audit, then use trace backward audit

Note: - Italic text might lead to NC, especially #5 & # 7 might become major- If no trigger issue the audit just follow the check list by asking record sample to

auditee take up to 3 new hired / new posted employee (trace forward)


16


2. Explain about awareness issue

3. Ask auditee to show the record of understanding related to intended document

4. If not available, ask auditee to show ask more sample of other document

understanding record.

VI. Guidance of Auditing Document Controller

If any lack awareness issue during other area audit

Note: - Italic text might lead to NC, especially #4 might become major

If no issue, the audit just follow critical point check in checklist by verifying record sample sample


17

VII. Guidance of Probing The Problem

When find any problem, please try to probe deeper to find the real problem for ensuring the determination of right PIC, area responsible, and effectiveness of action. Since the first problem might only symptom. Such the bellow case:

Employee setting the temperature deviate from spec

Bellow are the list of possible real problem:a. Ineffective training managementb. Ineffective equipment maintenance which caused setting difficultyc. Lack of management commitment about resource provisiond. Ineffective document control systeme. Ineffective communication system, since the problem not forwarded to

responsible areaf. etc


18

VIII. Guidance of Find a Potential Finding

a. Try to probe refer to probing guidanceb. Take copy of evidence or write the data of evidencec. Find out related losses/benefits of the finding, might from previous experience

by asking employee supervisor, asking process customer external or internal as required.

In order make value added finding, knowing the real problem and having evidence between finding and losses or benefits is essentials. Bellow are the step after identify potential finding.

Give marker / identification to the potential finding notes in audit note for easier report making.


19

a) interviews should be held with persons from appropriate levels and functions

performing activities or task within the scope of that audit;

b) interviews should be conducted during the normal working hours and, where

practical, at the normal workplace of the person being interviewed;

c) every attempt should be made to put the person being interviewed at ease prior to

and during the interview;

d) the reason for the interview and any note taking should be explained;

e) interviews can be initiated by asking the persons to describe their work;

f) questions that bias the answers (i.e. leading questions) should be avoided;

g) the results from the interview should be summarized and reviewed with the

interviewed person;

h) the interviewed persons should be thanked for their participation and cooperation.

IX. GUIDANCE – CONDUCTING INTERVIEW

Interviews are one of the important means of collecting information and should be carried out

in a manner adapted to the situation and the person interviewed. However, the auditor

should consider the following:


20

REPORT MAKINGREPORT MAKING

I. GUIDANCE – COMPILING AUDIT RESULT

Audite not should be compiled in appropriate manner to make report which understandable

by auditee and traceable for the future follow up process, bellow are the step:

1. Sort identified potential finding its associate evidence2. Evaluate with applicable audit criteria, try to closest ISO requirement as possible for

NC.3. Determine the finding category 4. Update the criteria of applicable point check in checklist, write the problem into note/

Comment column5. Contact MR for any issue

Problem &its evidence

Audit Criteria

Finding Finding CategoryCategory

21


II. GUIDANCE – FINDING STATEMENT WRITING(REPORT MAKING)

In order to make report which understandable by auditee and traceable for the future follow

up process, finding statement should consist the component bellow :

Problem – Statement of the problem encountered, suggested the statement of

weakness against ISO requirement section, eg:

Ineffectiveness of training management…Lack of evidence for ensuring the competence of employee…Unable to convince the provision of competence employee….

Location – Statement of area where the evidence observed, eg: MCL entry…Warehouse team…CPL lab….

Objectives evidence – Statement of evidences founded, eg: Operator A have no competence evaluation report an, and not well understand how to set temperature X…

Reference – Statement of the audit criteria not fulfilled, eg: This not comply with ISO 9001 requirement clause 6.2

Note:The sequence can be randomized, such as POLR, RPOL, RPLO, etc.

22


II. GUIDANCE – FINDING STATEMENT WRITING(REPORT MAKING)

continuedSample of correct statement:

It is observed that training management not effective as it founded at MCL entry area 3 operator (a,b,c) unable to set the temperature station x correctly, and they have no competency evaluation record. It’s not comply with ISO 9001 requirement clause 6.2

Incomplete Statement

Training management not effective at MCL entry area. It’s not comply with ISO 9001 requirement clause 6.2 (no objective evidence, debatable by auditee, & difficult to address the right employee)

MCL entry operator unable to set the temperature station x correctly, and they have no competency evaluation record. (no problem statement uneasy to catch bigger issue, No clear evidence, no reference to judge the NC)

23

REQUIREMENT AREA OF APPLICABILITY LISTREQUIREMENT AREA OF APPLICABILITY LIST

No. Requirement No. Applicable Area

1 4 General

2 5 General

3 6.1 General

4 6.2 HR

5 6.3 Maintenance, MFG, IT

6 6.4 MFG, Maintenance, W/H

7 7.1 General

8 7.2 Sales, MO, PPIC, Finance

9. 7.3 Product Development

10. 7.4 Purchasing

11. 7.5.1 General

No. Requirement No. Applicable Area

12. 7.5.2 MFG

13. 7.5.3 MFG, W/H

14. 7.5.4 Exclude

15. 7.5.5 W/H, MFG

16. 7.6 Maintenance, MFG

17. 8.2.1 CS

18. 8.2.2 General

19. 8.2.3 General

20. 8.3 MFG, W/H

21 8.4 General

22 8.5 General

Performance Based Internal Quality Audit Guide

Technology

Transcript of Performance Based Internal Quality Audit Guide