| |
Stage 4 - Conducting the on-site activities
An opening meeting should be held with auditee’s management and
process owners for the functions or processes to be audited. The
purpose of an opening meeting is:
a) To confirm the audit plan,
b) To provide a short summary of how the audit activities will be
undertaken,
c) To confirm communication channels,
d) To provide an opportunity for the auditee to ask questions.
An attendance record for the opening meeting should be kept, as well
as a record of topics covered and questions asked and answered.
This is the time for the auditee to get clarification for any aspect
of the audit process. For example, if your audit program classifies
nonconformances as either minor or major and the auditee isn't clear
on the difference, now is the time to discuss it. Don't wait until
the nonconformances have been written and classified, then attempt
to argue the auditor out of his/her decision.
Contrary to what some auditees believe auditors are human and can
become aggravated. And, you don't want to have to deal with an angry
auditor. I'm not saying you shouldn't present your position and
objective evidence for issues the auditor is mistaken about. Gather
your evidence and present it in a professional manner. Hopefully,
the auditor has presented the situation to you before the
nonconformance has been written and any misunderstandings are
avoided.
Opening meetings are not a mandatory internal audit activity and
many companies don't hold them. As long as everyone involved in the
internal audit is clear on the methods and process to be used, an
opening meeting may not be necessary.
Communications during the audit.
Depending upon the scope and complexity of the audit, it can be
necessary to make formal arrangements for communication within the
audit team and with the auditee during the audit. The audit team
should get together occasionally to exchange information, assess
audit progress, and to reassign work between the audit team members
as needed.
During the audit, the audit team leader should periodically
communicate the progress of the audit and any concerns to the
auditee and audit client, as needed. Objective evidence collected
during the audit that shows an immediate and significant risk (e.g.
safety, environmental or quality) should be reported without delay.
Any concern about an issue outside the audit scope should be noted
and reported to the audit team leader, for possible communication to
the audit client and auditee.
Where the available audit evidence indicates that the audit
objectives are unattainable, the audit team leader should report the
reasons to the audit client and the auditee to determine appropriate
action. Such action may include reconfirmation or modification of
the audit plan, changes to the audit objectives or audit scope, or
termination of the audit.
Guides, escorts and observers:
Guides, escorts and observers may accompany the audit team but are
not a part of it. They should not influence or interfere with the
conduct of the audit. However, they must protect their company's
interests and information.
When guides are appointed by the auditee, they should assist the
audit team and act on the request of the audit team leader. Their
responsibilities may include the following:
a) Establishing contacts and timing for interviews,
b) Arranging visits to specific parts of the site or organization,
c) Ensuring that rules concerning site safety and security
procedures are known and respected by the audit team members,
d) Witnessing the audit on behalf of the auditee,
e) Providing clarification or assisting in collecting information.
Collecting and verifying information:
Information and data relevant to the audit including information
relating to interfaces between functions, activities and processes
should be collected by appropriate sampling and interviewing
techniques and must be verified before being recorded. Only
information that is verifiable may be objective evidence. All audit
objective evidence should be recorded.
A question I'm asked "Is verbal/oral evidence considered to be
objective evidence?" Yes, if the person being interviewed is
responsible and accountable for the activity the statement refers
to. However, before you record any information from the exchange,
you must verify that what you heard is what the interviewee said.
The audit evidence is based on samples of the available information.
Therefore, there is always an element of uncertainty in auditing,
and all those involved should be aware of this uncertainty.
Generating audit findings:
Objective evidence should be evaluated against the audit criteria to
generate the audit findings. Audit findings can indicate conformity
or nonconformity with audit criteria. In other words, findings are
just relevant audit information. Findings must be determined as okay
or not. It isn't unusual to hear an auditor that has been auditing
for years to refer to a nonconformity as a finding. Nonconformities
were commonly called findings when the first edition (1987) of the
ISO 9000 standards came into existence.
When specified by the audit objectives, audit findings can identify
an opportunity for improvement (OFI). An example of an OFI might be
when an operation is currently functioning at a minimally acceptable
level but shows signs of deterioration. The audit team should meet
as needed to review audit findings at appropriate stages during the
audit. If more than one auditor finds the same type of an OFI in
different operations the OFI may need to be elevated to a
nonconformity.
Preparing audit conclusions:
The audit team needs to get together prior to the closing meeting
to:
a) Review the audit findings against the audit objectives,
b) Agree on audit conclusions, always taking into account the
uncertainty inherent in the audit process,
c) Prepare recommendations, if specified by the audit objectives,
and
d) Discuss audit follow-up, if included in the audit plan.
Conducting the closing meeting:
Although many companies do not conduct opening meetings in their
internal audits, a closing meeting should be. Always have a list of
attendees and topics presented.
A closing meeting, chaired by the audit team leader, should be held
to present the audit findings and conclusions in such a manner that
they are understood and acknowledged by the auditee, and to agree,
if appropriate, on the timeframe for the auditee to present a
corrective action plan.
The people attending the closing meeting should include the auditee,
and may also include the audit client and other parties. If
necessary, the audit team leader should advise the auditee of
problems from the audit that may effect the reliability of the audit
conclusions. For example, there was minimal audit evidence to reach
a comfortable level of confidence for a conclusion. The evidence
that was available appeared satisfactory but, it's volume was very
small.
In a small company, the closing meeting may consist of just
communicating the audit findings and conclusions.
The links below are excerpts from the our
e-book "Explanations and Definitions
for ISO 19011:2002"
Section 1. ISO 19011 Scope
reference and definitions
Section 2. ISO 19011 Principles of
auditing
Section 3. ISO 19011 Managing an
audit program
Section 4. ISO 19011 Audit program
implementation
Section 5. ISO 19011 Audit
activities
Section 6. ISO 19011 Preparing for
onsite activities
Section 8. ISO 19011 What the
auditor is looking for
Section 9 ISO 19011 Audit
reporting
Section 10. ISO 19011 Audit
techniques
Section 11. ISO 19011 Audit path
Section 12. ISO 19011 Effective
communications
Section 13. ISO 19011 Sampling
Section 14. ISO 19011 Audit
completion and follow-up
Section 15. ISO 19011 Competence
and evaluation of auditors
This represents a summary of the section in ISO 19011:2002. It's
suggested that you obtain an actual copy of the standard to refer to
for auditing program purposes.
EBook
"Explanations and Definitions for ISO 19011:2002"
Online
ISO 9000 Introduction Course
Auditor Training:
Classroom
Online
Auditor Training
Courseware
What
is a Quality Management System?
What is ISO 9000?
What is ISO 9001?
What is ISO 9004? |
|
