ISO 9001:2015

INTERNAL AUDITOR
TRAINING

Purpose of Auditing

Verify conformity
Verify effectiveness
Show opportunity to improve
Meet regulatory requirements

Internal Audits - performed within an

organization to measure its own performance &
determine conformance.

Plan & Be Prepared

Quality Administrator will send out
1. Audit schedule at the beginning of each
year
2. Audit Plan cover sheet at the beginning
of each audit quarter.
3

Plan & Be Prepared

To access information needed for the audit:
Use shortcut - Manufacturing-Distribution Home (Share Point),
or
Access page at:
http://teamsites/supplychain/ManufacturingDistribution/SitePages/Home.aspx

Go to panel on left side of screen & choose department you are

auditing

Actions:
Familiarize*
with list of
documents for
department
being audited.
Print & review
individual forms
(e.g., product
control plans,
work
*Print as preference
instructions)

Actions Contd:
Locate previous audit
report in same file under
Internal Audit
Print copy & review,
especially any identified
issues, before audit

For Production
Departments:

Locate the Process Control Plan by

selecting Engineering on left side of
panel under the control plan section.
Choose the plans pertaining to the
department to be audited.

Production Departments
Contd:
Locate, print, &
use the correct
Internal Audit
Checklist for the
audit.
Choose
Quality on the
left side panel,
under the
forms section

Planning For The Audit

Provide advanced notice (e.g., email) to
associates involved in audit to schedule &
identify required support.
Provides time for them to prepare for the
audit.
Confirms audit date is on their schedule.
Define safety equipment requirements before
the audit.
Be respectful of associate time by completing

Auditor Requirements:
Conduct yourself in a professional manner
Use independent & unbiased judgment during audit.
Ensure no personal or professional involvement
w/associates.

Use effective auditing strategies

Complete walkthrough before interview session.

Confirm priority checklist items during walkthrough.
Follow the product process flow from input to shipping.
Identify any issues for discussion during interview
session.
Ensure you have complete understanding of process &
10
controls by asking for clarification.

Auditor Requirements
Contd:

Completing the interview session

State the purpose & objective of the audit.
Put associate at ease & treat w/respect.
Use checklist as your guide for questions.
Take accurate, precise & legible notes.
Identify important points (e.g., strengths,
weaknesses).

Closing the interview session

Summarize audit findings & needed actions.
Provide overview of audit findings to associates.

End with Thanks for their cooperation &

11

Auditor Guidance:
Practice Art of
Listening
Eliminate
distractions
Listen for content
Suspend judgment
Listening for themes
Seek clarification
Re-direct discussions
as needed to stay
focused

Ask Open-Ended Questions

Open-ended vs Closed-ended Questions

Open-Ended Questions Closed-Ended Questions

How do you record the test

results?

What is the first thing you

do?

What is the standard

procedure for responding to
customer complaints?

What do you do with the

finished product?

Do you record the test results?

Do you set up the machine first?

When a customer calls, do you

have to record the details?

Do you pack the finished product

in the box?

12

Auditor Guidance Contd:

Product Sampling:

Complete random sampling due to limited time

Auditor should select the sample
Examine the sample in detail
Cover relevant period
Look @ control

Verify Records & Documents

Procedures and work instructions should be
current & consistent w/processes
Records should be maintained, accessible, &
sufficient

13

Auditor Guidance Contd:

Validate Findings
Ensure accuracy of information.
Ask for information in different way for collaboration.
Ensure evidence demonstrates activity performed as
described.
Ask several people the same question, as needed.
Observe the activity in question being performed.
Review evidence such as procedures, instructions &
records.

14

Auditor Guidance Contd:

Document Audit Findings
Positive findings/strengths
Opportunities for improvement/observation
Nonconformities- major/minor
Action items to be completed

15

Auditor Guidance Contd:

Nonconformances

Must be well-documented & have 3 parts

1. Requirement
2. Failure
3. Evidence

Major Nonconformance
The absence or total breakdown of a system
Number of minor nonconformities against one
clause

Minor Nonconformance
Failure to meet one requirement of the standard,
or single lapse in following one item of a company

16

Auditor Guidance Contd:

Objective Evidence

Observations

Factual evidence:
Keep observing physical
Differences between procedures,
evidence
audit criteria, & forms
Products
Differences between procedures &
Equipment
working practices
Instruments
Lack of evidence:
Conditions
Supporting implementation
Operations
Supporting continuous
implementation

Auditor Guidance Contd:

Optional Content

Not included in Audit Report

Summary of audit process

Subjective opinions
Identify uncertainties
Deficiencies corrected during
Identify obstacles could affect
audit
results
Specific names of associates
Confirm audit objective
associated with the findings
accomplished

Recommend improvements
Agree on follow up actions

Identify action owners & targeted

closure dates

18

ISO9001:20
15
The Standard
19

ISO 9001:2015
4.0 Context of the Organization (Completely
New Section)
Organizations - required to identify any internal &
external issues that may impact their quality
management systems ability to deliver its intended
results known as Risk.
A tool that helps with identifying risk is called a SWOT
Analysis . It identifies strength, weaknesses,
opportunities & threats of organization & strategic
planning.

20

ISO 9001:2015
4.1 Understanding Organization & its Context
External connections includes: Cultural, social, political,
legal, financial, economic, natural & competitive
environment
Internal connections includes: Corporate culture,
organizational structure, roles & accountabilities,
policies, objectives & strategies, resources, information
flows and decision-making processes
21

ISO 9001:2015
4.2 Understanding Needs & Expectations of
Interested Parties
Interested parties - any people or entities that believe
they affect, are affected, or could be affected by your
organization
Examples - are customers, suppliers, employees, owners,
community, law enforcement, emergency responders &
news media.
Attention - should be focused on those interested parties
that can impact the organizations ability to consistently 22

ISO 9001:2015
4.3 Determining the Scope of the Quality Management
System (Expanded)
Organization - shall determine boundaries & relevance of the QMS
and what must be considered.

4.4 Quality Management System & its Processes (Similar,

but more thorough)
Organizations shall determine:
Inputs required & outputs expected
Measurements & related performance indicators
Responsibilities & authorities
Risks & Opportunities; plan & implement actions

23

ISO 9001:2015
5.0 Leadership (Renamed from Management
Responsibility)
Top management - must manage quality, not delegate it.
Removal - all references to role of management representative.
Quality management system - should be included in routine
business operations.

24

ISO 9001:2015
5.1 Leadership & Commitment
5.1.1 General (Similar with added requirements)
Top management - shall demonstrate leadership &
commitment to QMS by:
Ensuring policy & objectives are compatible with
strategic direction
Ensuring the quality policy is communicated,
understood & applied
Promoting awareness of the process approach
Supporting other relevant management roles to
demonstrate their leadership

25

ISO 9001:2015
5.1.1 General Continued
Top management is also required to ensure that:
Customer requirements are determined & met
Risks & opportunities that can affect conformity are
determined & addressed
Meeting customer & applicable statutory & regulatory
requirements maintained
Focus on enhancing customer satisfaction is maintained
5.1.2 Customer Focus (Equivalent w/addition of risk &
opportunities)
Customer focus is the awareness of
who the customers are,

26

ISO 9001:2015
5.2 Policy (Equivalent with minor additions)
The quality policy shall:
be available as documented information
be communicated within the organization
be available to interested parties, as appropriate

5.3 Organizational Roles, Responsibilities & Authorities

(Equivalent)
Top management - shall assign the responsibility & authority
27

ISO 9001:2015
6.0 Planning (No equivalent)
Risk-based thinking & management
Required elements of successful quality management
system plan
Measurement-based means to continually evaluate &
update plan
Implementing plan based on fulfilling agreed upon
customer requirements, & supporting effort
w/appropriate resources & repeatable processes
Updating the plan based on measuring ongoing
effectiveness & any newly discovered risks or
28

ISO 9001:2015
6.1 Actions to Address Risks & Opportunities
(New)
Will help the organization:
Achieve its intended results
Enhance a result
Prevent a result the organization doesnt want to
occur
Continually improve
29

ISO 9001:2015
6.1 Actions to Address Risks & Opportunities Continued
Actions are to be implemented to evaluate their
effectiveness
Options can include:

Avoiding risk
Eliminating the risk source
Changing the likelihood or consequences
Sharing the risk
Retaining risk by informed decision
30

ISO 9001:2015
6.2 Quality Objectives & Planning to achieve them
(Equivalent w/addition of achieving objectives)
The organization shall establish quality objectives
at appropriate functions, levels and processes
that are measurable & monitored.
The organization shall determine what will be
done, what resources will be required, who will be
responsible, when it will be completed & how the
results will be evaluated.
31

ISO 9001:2015
6.3 Planning of Changes (Equivalent with
additional requirements)
Consider:

The purpose & potential consequences

The integrity of Quality Management System
The availability of resources
Responsibilities and authorities

32

ISO 9001:2015

7.0 Support Processes

7.1 Resources (Equivalent)
For the purpose of establishing, implementing,
maintaining, & continual improving of the Quality
Management System, they are:
People needs
Infrastructure, like buildings, utilities, equipment,
hardware, software,
transport & communication
Process environment-the conditions of the workplace
Monitoring & measuring resources
Organizational knowledge

33

ISO 9001:2015
7.2 Competence (Equivalent)
Determine the necessary competence of person
doing work on the basis of appropriate education,
training, or experience
Take actions to acquire the necessary
competence, & evaluate the effectiveness
Retain appropriate documented information as
evidence of competence
34

ISO 9001:2015
7.3 Awareness (Equivalent with minor
additions)
Persons doing the work should be aware of:
the quality policy
relevant quality objectives
their contribution
implications of not conforming
35

ISO 9001:2015
7.5 Documented Information (Renamed
from documents & records)

Document: Living information that is used

for decision making or performing tasks.
Subject to revision.
Such things as, procedures, policies,
instructions, and blank checklists.
Records: Historical information about
things that have already happened.
Not subject to change.
36

ISO 9001:2015
7.5 Documented Information .continued
Ensure the following are present when creating
& updating documented information:
Identification: titles, document numbers, or
something that represents identity
Format: must be appropriate to the purpose and
users, & the media must be accessible &
understandable.
Review & Approval: signatures, initials, email
approval, electronic signatures, meeting minutes or
click-box approval is acceptable
3

ISO 9001:2015
8.0 Operation
8.1 Operational Planning & Control (Equivalent)

Determine requirements
Establish the processes & acceptance criteria
Determine resources needed
Implement control
Retain documented information

Plan Output in a suitable form

Plan for expected & unexpected changes
Control of outsourcing

38

ISO 9001:2015

8.2 Requirements for products and services

(Equivalent)
Customer Communication should be effective at
all times
Customer Requirements defined
Customer Requirements how to meet them &
reviewing them
39

ISO 9001:2015
8.3 Design & Development of products &
services (Equivalent)
The organization shall:
Establish, Implement & Maintain
Plan by determining the stages & controls
Determine Inputs
Document Outputs
Identify, review & control (verify & validate)
Changes
40

ISO 9001:2015
8.4 Control of externally provided processes,
products & services (Equivalent)
This is basically concerning Purchasing which include:
Raw Materials
Products that a supplier provides directly to your customer
Processes provided by subcontractors

41

ISO 9001:2015
8.5 Production & Service Provision (providing)
Control
Availability of specifications
Availability & use of verification equipment
Implementation of monitoring & measurement
Effective infrastructure & environment
Selection of competent people
Validation of processes when outcomes cannot be verified
Actions to remove human error
Release, delivery & post-delivery activities
42

ISO 9001:2015
8.5 Production & Service Provisioncontinued
Identification & Traceability- most common types are
labels, stickers, tickets, bar codes, tags, serial
numbers, travelers & work orders & location
identification
Must control the processes that produce your goods
& services
Property belonging to customers & external providers
43

ISO 9001:2015
8.5 Production & Service Provision.continued
Post-delivery activities covering
associated risks(potential problems),
statutory & regulatory requirements,
application & lifecycle,
customer requirements & customer feedback
Control of changes includes,
results of reviewing the changes,
who authorized the change and
any necessary action from the review- go back to
the old way or establish the change as the new
benchmark

44

ISO 9001:2015
8.6 Release of Products & Services (Equivalent)
Before releasing something: test, inspect, review,
patrol, examine or assess.

8.7 Control of nonconforming outputs

(Equivalent)

Identification of nonconforming product or service

Controlling nonconforming outputs
Nonconforming outputs detected after delivery or use
Dealing with nonconforming outputs
Re-verifying after correction
Retained documented information

45

ISO 9001:2015
9.0 Performance Evaluation
9.1 Monitoring, measurement, analysis and evaluation
(Equivalent)

What needs to be monitored & measured?

What method will be used?
When will it be performed?
When will results be analyzed & evaluated?
Evaluate the performance & effectiveness of the QMS
Retain documented information
Customer satisfaction
Analysis and evaluation of data

46

ISO 9001:2015
9.2 Internal Audit
The organization shall conduct internal audits at
planned intervals to provide information on
whether the quality management system:
Conforms to the organizations own
requirements for its quality management
system
The requirements of this international standard
are effectively implemented and maintained.

ISO 9001:2015
9.2 Internal Audit.continued
The organization shall:
Plan, establish, implement and maintain an audit program
including frequency, methods, responsibilities, planning
requirements and reporting, which shall take into
consideration the importance of the processes concerned,
changes affecting the organization, and the results of
previous audits
Define the audit criteria and scope for each audit
Select auditors and conduct audits to ensure objectivity
48
and the impartiality of the audit process

ISO 9001:2015
9.2 Internal Audit.continued
Ensure that the results of the audits are reported to
relevant management
Take appropriate correction and corrective actions
without undue delay
Retain documented information as evidence of the
implementation of the audit program and the audit
results
4
9

ISO 9001:2015
9.3 Management Review
Requirements
External & internal issues relevant to QMS & strategic
direction
Information on the quality performance, including trends &
indicators for:
Monitoring & measurement results
Issues concerning external providers and other relevant
interested parties
Adequacy of resources
5

ISO 9001:2015
10 Improvement

General
Implement actions to meet customer
requirements and enhance customer
satisfaction, by:
Improving processes to prevent
nonconformities
Improving products and services to meet
known and predicted requirements
Improving quality manage system results
May include breakthrough improvements,
innovation, transformation etc.

51

ISO 9001:2015

10 Improvement..continued

Nonconformity and corrective action

When a nonconformity occurs, the organization shall:
React to the nonconformity, and as appropriate
Take action to control and correct it and
Deal with the consequences
Evaluate the need for action to eliminate the causes
of the nonconformity, in order that it does not reoccur
or occur elsewhere, by:
Reviewing the nonconformity
Determining the causes of the nonconformity and
Determining if similar nonconformances exist, or
could potentially occur
52

ISO 9001:2015
10 Improvement..continued
implement any action needed
review the effectiveness of any corrective
action taken, and
make changes to the quality management
system, if necessary
Consider outputs of analysis and evaluation, and
outputs from management review, to identify
areas of underperformance or opportunities for
improvement
Select and utilize appropriate tools and methods
for investigation of the causes of
underperformance and for supporting continual
improvement

53