Professional Documents
Culture Documents
INTERNAL AUDITOR
TRAINING
Purpose of Auditing
Verify conformity
Verify effectiveness
Show opportunity to improve
Meet regulatory requirements
Actions:
Familiarize*
with list of
documents for
department
being audited.
Print & review
individual forms
(e.g., product
control plans,
work
*Print as preference
instructions)
Actions Contd:
Locate previous audit
report in same file under
Internal Audit
Print copy & review,
especially any identified
issues, before audit
For Production
Departments:
Production Departments
Contd:
Locate, print, &
use the correct
Internal Audit
Checklist for the
audit.
Choose
Quality on the
left side panel,
under the
forms section
Auditor Requirements:
Conduct yourself in a professional manner
Use independent & unbiased judgment during audit.
Ensure no personal or professional involvement
w/associates.
Auditor Requirements
Contd:
11
Auditor Guidance:
Practice Art of
Listening
Eliminate
distractions
Listen for content
Suspend judgment
Listening for themes
Seek clarification
Re-direct discussions
as needed to stay
focused
12
13
14
15
Major Nonconformance
The absence or total breakdown of a system
Number of minor nonconformities against one
clause
Minor Nonconformance
Failure to meet one requirement of the standard,
or single lapse in following one item of a company
16
Observations
Factual evidence:
Keep observing physical
Differences between procedures,
evidence
audit criteria, & forms
Products
Differences between procedures &
Equipment
working practices
Instruments
Lack of evidence:
Conditions
Supporting implementation
Operations
Supporting continuous
implementation
Subjective opinions
Identify uncertainties
Deficiencies corrected during
Identify obstacles could affect
audit
results
Specific names of associates
Confirm audit objective
associated with the findings
accomplished
Recommend improvements
Agree on follow up actions
18
ISO9001:20
15
The Standard
19
ISO 9001:2015
4.0 Context of the Organization (Completely
New Section)
Organizations - required to identify any internal &
external issues that may impact their quality
management systems ability to deliver its intended
results known as Risk.
A tool that helps with identifying risk is called a SWOT
Analysis . It identifies strength, weaknesses,
opportunities & threats of organization & strategic
planning.
20
ISO 9001:2015
4.1 Understanding Organization & its Context
External connections includes: Cultural, social, political,
legal, financial, economic, natural & competitive
environment
Internal connections includes: Corporate culture,
organizational structure, roles & accountabilities,
policies, objectives & strategies, resources, information
flows and decision-making processes
21
ISO 9001:2015
4.2 Understanding Needs & Expectations of
Interested Parties
Interested parties - any people or entities that believe
they affect, are affected, or could be affected by your
organization
Examples - are customers, suppliers, employees, owners,
community, law enforcement, emergency responders &
news media.
Attention - should be focused on those interested parties
that can impact the organizations ability to consistently 22
ISO 9001:2015
4.3 Determining the Scope of the Quality Management
System (Expanded)
Organization - shall determine boundaries & relevance of the QMS
and what must be considered.
23
ISO 9001:2015
5.0 Leadership (Renamed from Management
Responsibility)
Top management - must manage quality, not delegate it.
Removal - all references to role of management representative.
Quality management system - should be included in routine
business operations.
24
ISO 9001:2015
5.1 Leadership & Commitment
5.1.1 General (Similar with added requirements)
Top management - shall demonstrate leadership &
commitment to QMS by:
Ensuring policy & objectives are compatible with
strategic direction
Ensuring the quality policy is communicated,
understood & applied
Promoting awareness of the process approach
Supporting other relevant management roles to
demonstrate their leadership
25
ISO 9001:2015
5.1.1 General Continued
Top management is also required to ensure that:
Customer requirements are determined & met
Risks & opportunities that can affect conformity are
determined & addressed
Meeting customer & applicable statutory & regulatory
requirements maintained
Focus on enhancing customer satisfaction is maintained
5.1.2 Customer Focus (Equivalent w/addition of risk &
opportunities)
Customer focus is the awareness of
who the customers are,
26
ISO 9001:2015
5.2 Policy (Equivalent with minor additions)
The quality policy shall:
be available as documented information
be communicated within the organization
be available to interested parties, as appropriate
ISO 9001:2015
6.0 Planning (No equivalent)
Risk-based thinking & management
Required elements of successful quality management
system plan
Measurement-based means to continually evaluate &
update plan
Implementing plan based on fulfilling agreed upon
customer requirements, & supporting effort
w/appropriate resources & repeatable processes
Updating the plan based on measuring ongoing
effectiveness & any newly discovered risks or
28
ISO 9001:2015
6.1 Actions to Address Risks & Opportunities
(New)
Will help the organization:
Achieve its intended results
Enhance a result
Prevent a result the organization doesnt want to
occur
Continually improve
29
ISO 9001:2015
6.1 Actions to Address Risks & Opportunities Continued
Actions are to be implemented to evaluate their
effectiveness
Options can include:
Avoiding risk
Eliminating the risk source
Changing the likelihood or consequences
Sharing the risk
Retaining risk by informed decision
30
ISO 9001:2015
6.2 Quality Objectives & Planning to achieve them
(Equivalent w/addition of achieving objectives)
The organization shall establish quality objectives
at appropriate functions, levels and processes
that are measurable & monitored.
The organization shall determine what will be
done, what resources will be required, who will be
responsible, when it will be completed & how the
results will be evaluated.
31
ISO 9001:2015
6.3 Planning of Changes (Equivalent with
additional requirements)
Consider:
32
ISO 9001:2015
33
ISO 9001:2015
7.2 Competence (Equivalent)
Determine the necessary competence of person
doing work on the basis of appropriate education,
training, or experience
Take actions to acquire the necessary
competence, & evaluate the effectiveness
Retain appropriate documented information as
evidence of competence
34
ISO 9001:2015
7.3 Awareness (Equivalent with minor
additions)
Persons doing the work should be aware of:
the quality policy
relevant quality objectives
their contribution
implications of not conforming
35
ISO 9001:2015
7.5 Documented Information (Renamed
from documents & records)
ISO 9001:2015
7.5 Documented Information .continued
Ensure the following are present when creating
& updating documented information:
Identification: titles, document numbers, or
something that represents identity
Format: must be appropriate to the purpose and
users, & the media must be accessible &
understandable.
Review & Approval: signatures, initials, email
approval, electronic signatures, meeting minutes or
click-box approval is acceptable
3
ISO 9001:2015
8.0 Operation
8.1 Operational Planning & Control (Equivalent)
Determine requirements
Establish the processes & acceptance criteria
Determine resources needed
Implement control
Retain documented information
38
ISO 9001:2015
ISO 9001:2015
8.3 Design & Development of products &
services (Equivalent)
The organization shall:
Establish, Implement & Maintain
Plan by determining the stages & controls
Determine Inputs
Document Outputs
Identify, review & control (verify & validate)
Changes
40
ISO 9001:2015
8.4 Control of externally provided processes,
products & services (Equivalent)
This is basically concerning Purchasing which include:
Raw Materials
Products that a supplier provides directly to your customer
Processes provided by subcontractors
41
ISO 9001:2015
8.5 Production & Service Provision (providing)
Control
Availability of specifications
Availability & use of verification equipment
Implementation of monitoring & measurement
Effective infrastructure & environment
Selection of competent people
Validation of processes when outcomes cannot be verified
Actions to remove human error
Release, delivery & post-delivery activities
42
ISO 9001:2015
8.5 Production & Service Provisioncontinued
Identification & Traceability- most common types are
labels, stickers, tickets, bar codes, tags, serial
numbers, travelers & work orders & location
identification
Must control the processes that produce your goods
& services
Property belonging to customers & external providers
43
ISO 9001:2015
8.5 Production & Service Provision.continued
Post-delivery activities covering
associated risks(potential problems),
statutory & regulatory requirements,
application & lifecycle,
customer requirements & customer feedback
Control of changes includes,
results of reviewing the changes,
who authorized the change and
any necessary action from the review- go back to
the old way or establish the change as the new
benchmark
44
ISO 9001:2015
8.6 Release of Products & Services (Equivalent)
Before releasing something: test, inspect, review,
patrol, examine or assess.
45
ISO 9001:2015
9.0 Performance Evaluation
9.1 Monitoring, measurement, analysis and evaluation
(Equivalent)
46
ISO 9001:2015
9.2 Internal Audit
The organization shall conduct internal audits at
planned intervals to provide information on
whether the quality management system:
Conforms to the organizations own
requirements for its quality management
system
The requirements of this international standard
are effectively implemented and maintained.
ISO 9001:2015
9.2 Internal Audit.continued
The organization shall:
Plan, establish, implement and maintain an audit program
including frequency, methods, responsibilities, planning
requirements and reporting, which shall take into
consideration the importance of the processes concerned,
changes affecting the organization, and the results of
previous audits
Define the audit criteria and scope for each audit
Select auditors and conduct audits to ensure objectivity
48
and the impartiality of the audit process
ISO 9001:2015
9.2 Internal Audit.continued
Ensure that the results of the audits are reported to
relevant management
Take appropriate correction and corrective actions
without undue delay
Retain documented information as evidence of the
implementation of the audit program and the audit
results
4
9
ISO 9001:2015
9.3 Management Review
Requirements
External & internal issues relevant to QMS & strategic
direction
Information on the quality performance, including trends &
indicators for:
Monitoring & measurement results
Issues concerning external providers and other relevant
interested parties
Adequacy of resources
5
ISO 9001:2015
10 Improvement
General
Implement actions to meet customer
requirements and enhance customer
satisfaction, by:
Improving processes to prevent
nonconformities
Improving products and services to meet
known and predicted requirements
Improving quality manage system results
May include breakthrough improvements,
innovation, transformation etc.
51
ISO 9001:2015
10 Improvement..continued
ISO 9001:2015
10 Improvement..continued
implement any action needed
review the effectiveness of any corrective
action taken, and
make changes to the quality management
system, if necessary
Consider outputs of analysis and evaluation, and
outputs from management review, to identify
areas of underperformance or opportunities for
improvement
Select and utilize appropriate tools and methods
for investigation of the causes of
underperformance and for supporting continual
improvement
53