Diseases. Diagnostics. Treatment and prevention. ethnoscience
Internal audit of QMS at an enterprise example. Reception of the conference for publication in the EBS of the St. Petersburg State University "Leti". Stages of conducting an internal audit

Internal audit of QMS at an enterprise example. Reception of the conference for publication in the EBS of the St. Petersburg State University "Leti". Stages of conducting an internal audit

14.02.2022 Operations

Internal audit of the management system is one of the key processes of the management system. According to Western experts, if such management system processes as

Management Responsibility;

Corrective and preventive actions;

Internal audits (inspections);

Data analysis;

Continuous improvement

are debugged and implemented in accordance with the requirements of the standard, then all other processes of the quality management system and/or environmental management system will not only work, but also be constantly improved.

During an internal audit, the compliance of activities in the organization's management system with the requirements of certain documents is checked. Moreover, during the preparation of the management system for certification, internal audit is carried out for compliance with the requirements of the standard (for example, ISO 9001, ISO 14001) and other ISO standards (for example, ISO 19011). However, from the moment of certification of the management system, internal audit is carried out for compliance with the approved documents of the management system (Quality Policy and Objectives, Quality Manual, documented procedures and lower-level documents).

Internal audit of the management system allows you to solve the following tasks:

Confirmation of compliance of activities and their results in the management system with established requirements;

Analysis and elimination of the causes of identified inconsistencies;

Preventing the occurrence of quality problems;

Confirmation of implementation of corrective actions;

Assessing the effectiveness of the functioning management system;

Establishing the degree of understanding by staff of the goals, objectives and requirements established by the management system documents;

Determining ways to further improve the quality management system and/or environmental management system as a whole and in its individual processes.

1.6.1. Advantages and disadvantages of internal audit compared to external audit

The advantages of internal audits compared to external ones include the following:

Internal auditors’ knowledge of the specifics of their enterprise;

The absence of a prejudiced attitude of employees of audited departments towards internal auditors, who are not perceived as outsiders to the enterprise;

Knowledge by internal auditors of specific communication channels operating in the enterprise;

Internal auditors' knowledge of informal leaders whose information may be most useful in the audit;

Possibility of using confidential information in audit reports;

Absence of time pressure during internal audit, limiting the possibility of a more detailed study of the audited object;

Independence of the work of internal auditors from the work schedule of employees of the audited unit;

Possibility of using internal auditors also as experts;

Relatively low costs for conducting an internal audit. The disadvantages of internal audits compared to external audits include the following:

A less high level of objectivity of conclusions than with an external audit due to the possible bias of internal auditors towards some employees of the enterprise;

Less high intensity of work of internal auditors than during external audit, due to less strict time frames;

Criticism from internal auditors is perceived more painfully;

The level of qualification of internal auditors is usually lower than the level of training of external auditors;

The results of the internal audit can be considered as less objective information about the efficiency and effectiveness of the enterprise's management system compared to an external audit;

The results of the internal audit cannot be used to advertise the enterprise;

The costs of internal audit are determined less precisely than those of external audit.

Organizational principles of internal audit of the management system

The organization of internal audit of the management system should be based on the following seven principles:

1. The principle of uniformity: each specific audit is carried out according to a single procedure officially established by the management of the enterprise, which ensures its orderliness, unambiguity and comparability;

2. Systematic principle: planning and conducting specific audits of various processes (functions, works) of the management system should be carried out taking into account their established structural relationship;

3. Documentation principle: each audit is documented in a certain way in order to ensure the safety and comparability of information about the actual state of the audited object;

4. The principle of precaution: each audit is planned, and the personnel of the audited unit are notified in advance of the purpose, scope, time and methods of conducting the audit, in order to enable the most complete preparation for the audit and to eliminate the possibility of personnel evading the provision and demonstration of all required data;

5. The principle of regularity: audits are carried out at certain intervals so that all processes of the management system and all divisions of the enterprise are the subject of constant analysis and evaluation by the management of the enterprise;

6. The principle of independence: persons conducting the audit should not bear direct responsibility for the work being audited and depend on the head of the audited unit in order to eliminate the possibility of biased audit results;

7. Principle of openness: the results of each audit must be open.

1.6.3. Conducting an internal audit of the quality management system and/or environmental management system

Let's consider a typical procedure for conducting an internal audit of a quality management system, which is presented in the form of a flow diagram (block diagram) in Fig. 1.4.

Shown in Fig. 1.4 in the form of block 2, the process of “carrying out an audit”, in turn, can be depicted in the form of a block diagram (flow diagram), presented in Fig. 1.5.

When conducting a survey, the auditor must obtain primary information about the audited object in the form of answers to questions. The survey can be conducted through a questionnaire or during a conversation (interview) with employees of the audited unit. In this case, the auditor is recommended to use the following thirteen recommendations for the organization and technique of conversation:

1. The choice of interlocutor should be made from among those who directly carry out the audited activity.

holding an introductory meeting; performing an audit; holding a closing meeting; preparation of an audit report; submission of the report for approval; finalization of the report;

distribution of the report to interested parties; recording audit results; development of corrective actions; eliminating the causes of nonconformities; inspection control; registration of corrective actions; informing stakeholders about the elimination of non-compliance;

Rice. 1.4. Flowchart (flowchart) of internal audit.

2. When planning a conversation, it is necessary that it concerns:

One employee (his duties and powers, level of education and professional training);

The activity performed by the employee (its documentation, compliance with work practice);

Employee's work equipment (equipment, office equipment, their compliance with the requirements of documented procedures or work instructions);

Materials used in the employee’s work (their compliance with technical requirements, acceptable control and testing status).

Rice. 1.5. Flow diagram (block diagram) of the audit process on site (in an organization, service, workshop, department).

3. The topic and order of the conversation must be communicated to the employee in advance.

4. Sufficient time should be allocated for the conversation, and during the conversation the auditor and the interlocutor should be protected, if possible, from outside interference.

5. During the conversation, the auditor can stop the interlocutor, but only if he is clearly distracted from the topic. However, this must be done in such a way that he does not get the impression that the information he is given is insignificant.

6. If a conversation is conducted by two (or more) auditors at once, then questions should be asked primarily by one of them, and the other should take notes (precisely during the conversation, and not after it).

For conversation techniques, the correct choice of how to formulate a question is of great importance. In table 1.4 provides types of questions that may arise in the auditor’s practice, and examples of their formulation (the choice of one or another type of question depends on the specific purpose of the conversation and the situation in which it is conducted);

58_SV. Ponomarev, SV. Mishchenko, V.Ya. Belobragin et al. “Product Quality Management”

Table 1.4

The main types of questions that may arise in the practice of internal audit Question type Definition and examples Closed Question, the answer to which is expected only in the form of “yes” or “no” (“Do you use this document (method) in your work?”) Open Question , the answer to which requires not only monosyllabic “yes” or “no” (“What other methods (control means) do you use in your work?”) Explanatory Question requiring clarification, confirmation (“Could you please explain what do you mean?”) Leading (return) Question leading to an answer or containing a ready answer (“Don’t you think that is so? You obviously do regular analysis, don’t you?”) Alternative Question, answer to which there may be one of two opposite options (“Is the reason for this discrepancy this or that?”) An affirmative Question containing a statement (“Could it have been different in this case?”) A communication-difficulty Question that creates a barrier in communication (“Could it be otherwise?” Weren't you warned not to do this? Didn’t I tell you that this is exactly what will be found here?”) Personalizing Question, the answer to which involves an assessment of the activities of individuals (persons) (“Who is to blame, in your opinion, for this discrepancy?”) Attention!

The auditor's preferred types of questions are open-ended and explanatory. Questions that are not recommended are: closed, leading, alternative, affirming and complicating communication. A personalizing type of question is unacceptable.

Attention!

An example of an incorrect question: “Does the department have the necessary control and measuring equipment?”

An example of good questions: “How is the need for instrumentation determined? What is the procedure for determining the required accuracy of equipment? Who is responsible for observing the procedure for timely calibration (verification) of equipment?”

7. During the conversation, the auditor should remember that the interlocutor's evidence can be considered objective if it is supported by relevant facts. Otherwise, they are subjective in nature and therefore cannot be used by the auditor for analysis and evaluation.

8. During the conversation, you should ask direct questions starting with the words “what”, “who”, “where”, “when”, “how” and “why”. To obtain evidence of compliance, the auditor may also ask: “Could you show me...?”

Chapter 1_Checks of quality management systems 59

9. During a conversation, you should not use terminology that is unclear to the interlocutor.

10. A conversation held at the workplace (“in the field”) should not be too long so as not to cause nervousness in the interlocutor. It is advisable to conduct more detailed conversations in places (offices) where nothing would distract attention from the subject of the conversation.

11. Inconsistencies identified during the conversation should be recorded by the auditor in the audit sheet or notebook with an indispensable reference to the non-complied clause (section) of the regulatory document.

12. At the end of the conversation, the auditor must summarize the information received, formulate the main (positive and negative) impressions and supporting points. It is acceptable to allow the interviewee to read the auditor's comments on the audit report.

13. Information obtained during the conversation should be analyzed by comparing it with information on this topic obtained from conversations with other employees and the auditor’s personal observations.

1.6.5. Psychology of auditor behavior

Regardless of the nature of the relationship with the personnel of the audited unit as a whole and its individual employees, as well as his feelings, the auditor must conduct behavior with them in such a way that this ensures the success of the audit. The auditor must be prepared for the fact that any internal problems existing in the audited unit may cause a negative attitude towards the audit. In the process of work, the auditor may encounter both an obviously hostile attitude towards himself and the destructive behavior of the auditee. He must not only be ready for this, but also possess methods and techniques that allow him to change such a situation in his favor.

In connection with the above, internal auditors can be given the following recommendations on the psychology of his behavior during the audit:

1. Initially, the auditor must be committed to a positive audit result. Each time starting an audit, the auditor must proceed from the assumption that the object of his examination is organized and functioning in accordance with the requirements placed on it. This is similar to the presumption of innocence, which in criminal law practice refers to the recognition of the fact that the suspect is considered innocent until proven otherwise.

2. By all his behavior, the auditor must demonstrate to the employees of the audited unit that he sees the main task in collecting convincing evidence and in presenting an objective conclusion about the state of the audited object, and not in detecting inconsistencies.

This position helps to increase confidence in the work of the auditor on the part of the personnel of the audited unit and ensures greater openness when presenting information about the state of the audited object to him.

3. The auditor must be able to convince the employees of the audited unit that conducting an audit is beneficial for the unit. The auditor must prove that eliminating the causes of each nonconformity discovered during the audit will help improve the performance of the audited unit. The more successfully the auditor solves this problem, the more effective his interaction with the employees of the audited unit will be.

4. The subject of the audit is the activities in the quality management system, and not the employees performing them. The auditor looks for facts, not for inconsistencies and their culprits. He analyzes and evaluates facts, not the personal strengths and weaknesses of employees. In accordance with this, the auditor should not enter into a discussion of the behavior of certain employees of the enterprise and determine the degree of their culpability in the detected inconsistencies.

5. The auditor must be a good listener. This is one of his most important skills, because it is not without reason that Eastern wisdom says: “The truth lies not in the mouth of the speaker, but in the ears of the listener.” By listening carefully to the interlocutor, the auditor not only receives the information he needs, but also inspires confidence in the interlocutor, winning him over. In this case, the auditor, as it were, “reveals” the interlocutor and receives the most important information.

6. During communication, the auditor should fully concentrate on the statements of the interlocutor. It is advisable to summarize lengthy or particularly important statements of the interlocutor in order to obtain his confirmation of the correctness of understanding. This avoids misunderstandings due to misunderstandings by the interlocutor and demonstrates that what he said is of interest to the auditor. The auditor must express support to the interlocutor both verbally (using, for example, encouraging expressions like: “Yes, I understand you”) and through facial expressions and gestures.

The auditor should not be afraid of the silence of the interlocutor. It is advisable to give the interlocutor time to think and use the resulting pause to emphasize interest in his information and the need to learn more.

7. The auditor must direct the conversation (survey) in the right direction according to a pre-thought-out plan. You should not allow a situation that can confuse you. To do this, it is better to conduct the conversation specifically, without being distracted by extraneous topics, and avoid general phrases. From time to time it is advisable to take short breaks during which you can talk about unrelated things.

8. When communicating with employees of the audited unit, the auditor should not allow any emotional outbursts. In any situation, you should remain calm and business-like, without giving in to emotions. You must tolerate excuses or the impatience of your interlocutor. And even more so, you should avoid aggressiveness on your part.

You cannot enter into an open and rude argument with your interlocutor, even if he is clearly wrong and continues to insist on his point of view: psychologists testify that an emotional argument does not convince anyone, but only irritates the disputants and leads their communication to a dead end.

9. The auditor should not focus the attention of the auditee’s employees

divisions only on the negative aspects discovered during the audit. It is advisable to note positive aspects so as not to deprive those being tested of incentives to improve their work.

10. When assessing the significance of detected inconsistencies, the auditor should listen to the opinions of professionals. The main thing is to detect the discrepancy, not to determine its significance. In a doubtful case, the detected discrepancy should be noted without determining its significance.

11. When communicating with audited personnel, the auditor should create an atmosphere of goodwill and cooperation. You should never demonstrate your independence in relation to staff, which can cause alienation and ill will. On the contrary, it is necessary to promote in every possible way the emergence and deepening of common professional interests between oneself and the staff. It is advisable to mentally put yourself in the shoes of the auditee and remember that few people like to be in this role.

12. The auditor should not deliberately demonstrate his erudition or examine (check the competence) of the interlocutor. It is unacceptable to evaluate the interlocutor’s statements, such as: “This is obvious stupidity,” or make such categorical statements as: “Everyone knows this,” “No, the situation is completely different.”

This manner of behavior can “suppress” the interlocutor and make him “closed” to the auditor “obtaining” the necessary information.

A milder reaction from the auditor to the interlocutor’s erroneous judgments is preferable, for example: “I believe that your understanding of the problem is not entirely correct” or “Let’s look at the problem in the following way.”

Quality management system audits

13.The auditor should encourage his interlocutors to find the right solutions. This is achieved by explaining the mistakes made. Thus, the auditor not only increases his authority in their eyes, but also confirms the thesis that the audit is beneficial to the audited unit. If the auditor cannot avoid a dispute, he should remain calm and demonstrate professional knowledge and evidence of his judgments.

14The auditor must recognize and approve everything that is credible. Suspicion and doubts should not prevail over the objectivity of the auditor’s assessments. In all cases where, for example, the auditor has determined the effectiveness of informal procedures, they should be approved and recommended for proper documentation. In this case, it is advisable for the auditor’s positive assessment to be made publicly, for example, at the final meeting. The auditor should not be stingy with praise.

15. The auditor should avoid a harsh tone of comments and assessments. Preferable comments like: “I carefully studied all the design documents you submitted, but did not find a document in them that would reflect the criteria for assessing the quality of the project. I request that these criteria be developed and documented.” Wording that complicates the conversation should be avoided. For example, instead of “I think...” it is advisable to ask: “Don’t you think that...” or instead of “Now I will finally prove to you...” it is better to say: “Now you can be convinced that... »

16.5 When communicating with employees of the audited unit, the auditor must avoid critical comments and advice, the implementation of which may entail serious changes in the work of the unit. Such comments and advice can be discussed with the department head at the final meeting.

17. The auditor must be prepared for various tricks of the personnel of the audited unit, leading to loss of time and distraction from solving the tasks facing the auditor. This may be expressed in attempts to involve the auditor in conversations on abstract topics, force the auditor to wait for employees to arrive for a conversation or presentation necessary documents, embellish the state of affairs before the start of the audit, etc.

18. If there is open opposition or personal hostility towards the auditor on the part of employees of the audited unit, the auditor must inform the chief auditor or the head of the quality service about this.

Having received such information, the chief auditor (the head of the quality service) must take measures to ensure that the audit is completed, at least by another auditor.

First of all, you need to understand what a QMS is and why it is needed. QMS (quality management system) is a system created in an organization to implement policies and achieve set goals in the field of quality. QMS is a set of measures aimed at managing the quality of a product (product or service) produced by an enterprise, taking into account the needs and expectations of consumers and increasing their satisfaction. Each company implementing a quality management system pursues its own goals: for example, ensuring the declared quality of products, efficient distribution of its resources, responsibilities and powers of personnel, optimization of the management system, improving process transparency and possible reduction of resource costs, etc.

Leave a request for a free consultation

Submit your application

QMS audit– a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which agreed audit criteria are met (ISO 19011).

Auditor- a person competent to conduct an audit.

Audit Group- one or more auditors conducting the audit, supported by technical experts if necessary.

The result audit should be to identify the reasons why inconsistencies arose in the QMS, processes at the enterprise or goods (services) produced by the organization. The main goal of the audit is to collect objective evidence that will indicate errors in the organization and its business processes, systemic problems in the enterprise.

Based on the main purpose of the audit, its tasks:

  • during the audit it is necessary to determine how QMS implemented at the enterprise, how efficiently it works;
  • the audit should identify key areas for system improvement;
  • the results of a series of QMS audits should help senior management in making strategic decisions related to the company's business processes.

Audits There are first party, second party and third party.

First party audit- audit of its own quality system and its documentation, performed by the organization itself, or on behalf of the organization. Goal: to ensure support, development and improvement of the quality system.

Second party audit- audits of suppliers and subcontractors performed by the organization or on behalf of the organization. Purpose: determine the suitability of suppliers, evaluate the performance of suppliers / subcontractors.

Third Party Audit- an audit conducted by a competent authority that is neither financially nor contractually independent of the organization, its suppliers and clients. Purpose: to determine whether the quality system of a given organization is documented and whether it is implemented in accordance with a specific standard.

Combined audit- audit of several management systems, performed simultaneously according to several standards and criteria.

Joint audit- audit of one organization performed on behalf of several organizations.

For an audit to be effective, it is necessary:

  • specific goals and support from management;
  • trained auditors;
  • timely access to facilities, documents and personnel;
  • access to all levels of management;
  • approved procedures for conducting audits.

Based on the main goal, the audit tasks are determined:

  • The audit shall determine the operation and effectiveness of the quality management system. Those. During the audit, it is determined to what extent the quality system has been implemented in the organization, whether it works, and whether the quality system helps achieve results in the organization’s core activities.
  • The audit should provide information about the effectiveness of the quality system - i.e. the audit should show whether the quality system works exactly as a system, or whether only individual elements of this system work, and all other requirements are fulfilled only formally, or are not fulfilled at all.
  • It is necessary to determine the level of compliance with QMS standards and procedures - i.e. An audit shows how close to the rules established in the quality system procedures the work in the organization is carried out and whether there are differences between the actual work and what is established in the quality system documentation.
  • The next task will be to check the quality of the work - i.e. During the audit, the compliance of the work results with the requirements established in contracts or technical specifications can be verified.
  • The audit should make it possible to assess the impact of changes in the organization on the quality management system - the organization never stands still, any changes occur in any organization. These changes, to varying degrees, may affect the quality system. An audit of the quality system can show how these changes affected the quality system, whether changes are occurring in the quality system that are adequate to the changes in the organization.

The main result that an audit should lead to is the identification of opportunities for improvement in the organization's performance. Therefore, in any audit, objective evidence that auditors discover during the audit is essential. Such evidence can only be obtained if the audit criteria and rules for assessing nonconformities are clear and do not allow for different interpretations.

Audit participants

An audit is a process that always involves many participants. Depending on what tasks are solved by the participants in this process, several main roles can be distinguished.

As a rule, regardless of whether it is an external or internal audit, the following roles of audit participants exist:

  • Audit Client – ​​ISO 19011:2011 defines an audit client as the organization or person commissioning the audit. The audit client is the party most interested in conducting it and obtaining audit results. The audit customer is usually the management of the organization being audited. In the case when an internal audit is carried out, the management of the organization is interested in the auditors objectively and accurately assessing the performance of the quality system and providing data on all inconsistencies in the work and opportunities to optimize the work. In the case when an external audit is carried out, the management of the organization is interested in ensuring that the quality system is recognized as meeting the requirements and this is confirmed by documents (by issuing a certificate - in the case of a certification audit, or concluding a contract - in the case of an inspection by a potential customer of products, works or services of the organization).
  • Auditors are persons competent to conduct an audit (ISO 19011:2011). The quality and effectiveness of the audit largely depends on the qualifications and training of auditors. In this regard, special attention is paid to the qualifications of auditors. General requirements for the qualifications of auditors are presented in the ISO 19011:2011 standard. They generally apply to professional auditors working for certification bodies. The organization can set the requirements for the qualifications of internal auditors itself, but this does not mean that any employee of the organization can be appointed as an auditor. In order for an employee of an organization to effectively and efficiently conduct internal audits, he must be trained in the methods and techniques of conducting audits, know the requirements of the quality system, know how the organization’s quality system works and have a good understanding of the subject area of ​​activity that he will audit.
  • Technical Experts are persons who provide auditors with specialized knowledge or experience. During the audit, issues may arise for which the knowledge and qualifications of auditors are not sufficient. In such cases, technical experts may be involved in the audit. The involvement of technical experts is possible both during internal and external audits. In the case of internal audit, technical experts can be employees of departments who perform work similar to the one being audited, but they do not have to review their own work or the work of their department. For example, if an organization has two design departments, then a specialist from one department can act as a technical expert in the audit of the second department and vice versa. In the case of external audit, technical experts are engaged by external auditors from third parties.
  • Inspected party. The audited party is the employees of the audited organization. In the case of both internal and external audit, the audited party can be any employee of the organization, including the management of the organization and internal auditors.

Quality management systems audit status

An audit of quality management systems refers to types of audits that are not regulated by federal or international legislation. Accordingly, there are no mandatory legislative provisions to determine the procedure and rules for auditing quality systems, determining requirements for auditors and required reporting. This is due to the fact that certification of quality systems belongs to the voluntary field of certification and all work related to the construction and implementation of a quality system is a voluntary initiative of the organization. Accordingly, for organizations engaged in auditing quality systems there is no need to obtain licenses or other permits to conduct this activity. To conduct internal audits, such documents are especially not required.

Internal audit of the QMS is carried out at enterprises whose activities are carried out in accordance with the rules of the quality management system implemented in them. In this article you will find information about the order in which such audits are carried out, and also familiarize yourself with the list of working documentation used by the auditor during the audit.

QMS audit - goals and sources of information

A quality management system (QMS) audit is a systematic process of obtaining information about the functioning of the QMS and its compliance with the criteria established by current standards.

A QMS audit can be:

  • external - the inspection is carried out by employees of third-party specialized organizations;
  • internal - the audit is carried out by employees of the quality service of the audited enterprise (you will find details about the internal audit service).

Internal audit of the quality management system is carried out with the aim of:

  • timely identification of problems and inconsistencies in the QMS operating at the enterprise;
  • determining the causes of such inconsistencies and developing methods for their elimination;
  • checking the effectiveness of corrective actions carried out based on the results of previously completed audits;
  • preparation for external audit to obtain a certificate of compliance with ISO 9001 and other standards.

Sources of information during such a check may be:

  • personal conversations with employees of the audited divisions of the enterprise;
  • results of independent observation of auditors over the activities of employees, the state of their workplaces, working conditions, etc.;
  • information received from consumers via feedback;
  • internal documents of the department (reports, contracts, instructions, calculations, design and technological documentation, etc.);
  • reports on audits conducted and adjustments made based on their results, compiled earlier.

Principles of conducting internal audit of the QMS

The principles of conducting internal audits are set out in GOST R ISO 19011-2012. These include:

  • impartiality: the auditor must objectively evaluate the information and documents received, generate truthful and accurate reports;
  • confidentiality: the auditor must keep the information he receives secret from third parties;
  • professional diligence: the auditor must be diligent, apply his existing professional knowledge in relation to the object of audit;
  • independence: the auditor must independently make decisions based on the information he receives and not change them due to outside influence of interested parties;
  • evidence-based approach: due to the limited duration of time during which the audit must be carried out, the auditor must use samples of specific information in order to obtain information about the functioning of the QMS as a whole;
  • integrity: the auditor’s activities must simultaneously comply with all the principles listed above.

Procedure for conducting internal audit

The internal audit procedure includes several stages in the following order:

  1. Issuance of an order to perform an audit (it indicates information about the unit being audited and the composition of the audit team).
  2. Drawing up and approval of an inspection plan.
  3. Conducting a workshop by members of the audit team.
  4. Development of working documentation for the audit.
  5. Notification of the inspected unit about the upcoming inspection.
  6. Conducting a preliminary meeting with representatives of the audited unit.
  7. Examination.
  8. Final meeting with representatives of the audited unit.
  9. Drawing up reporting documentation and distributing it to interested parties.

Audit program

An internal audit program is a document containing information about audits that must be carried out at an enterprise over a certain period of time (usually six months or a year). Its development is carried out by a representative of the enterprise’s quality service, who has the authority to conduct inspections in its departments.

The QMS internal audit program specifies:

  • audit objectives;
  • processes being audited (types of activity of the unit);
  • audited units;
  • audit criteria;
  • time (usually the month is indicated) of the event;
  • Full name of the auditor.

The document is approved by the head of the enterprise (general director, chief engineer, etc.). After this, the head of the quality service creates schedules for specific audits and coordinates them with the management of the departments that will be audited.

Contents and example of a QMS internal audit plan

The audit team leader must prepare an audit plan and share it with the audited unit. This document contains the following information:

  • the purpose of the inspection;
  • the criteria by which the audit is carried out, as well as the list of documents to be checked;
  • audit area (the unit being audited, including the organizational and functional processes occurring in it);
  • indication of the date and place of the inspection;
  • roles and responsibilities of audit team members and their accompanying persons.

The document is approved by the head of the enterprise whose divisions are being inspected. During the audit, the plan can be adjusted by the head of the audit team. An example of an internal audit plan might look like this:

I APPROVED

JSC "FTOROPLAST"

(signature) /Malchenkov E. A./

01.08.2018

Internal audit plan

Reason for inspection: internal audit program of the quality management system for 2018.

Object of inspection: resource management for monitoring and measurements, metrological support.

Audited division: tool and procurement shop.

Timing of the inspection: 08/09/2018-08/10/2018.

Audit criteria (designation of documents or their sections): clause 7.1.5 GOST R ISO 9001-2012, STO SMK 7.021-2017.

Purpose of the audit: checking and assessing compliance with established requirements.

Report submission date: 08/13/2018.

List of officials to whom copies of the report should be submitted: QMS management representative, head of the tooling and procurement shop.

Signatures:

(signature) /Yu. N. Evseeva / 08/01/2018

Auditors:

Don't know your rights?

(signature) /E. P. Artemov / 08/01/2018

(signature) /A. S. Klinkova / 08/01/2018

Checklist as the main auditor tool

The auditor's main working document is the checklist. It is a pre-compiled systematic list of questions, the answers to which will allow the inspector to obtain a complete and up-to-date information on the functioning of the QMS in departments.

Existing standards do not contain a specific form for this document, so the auditor can prepare it independently. It is important that the form of the checklist allows information obtained during the audit to be entered into it and used in the subsequent analysis.

Purpose of use of this document- Reminding the auditor of the information that he must obtain and the facts that must be examined during the audit. In addition, the use of such a sheet will allow the auditor to assess the volume of upcoming work, correctly distribute it over time and complete the audit in accordance with the given deadlines.

The use of pre-prepared checklists should not affect the conduct of the audit. In the event that the progress of the audit changes (for example, if during its implementation the auditor identified facts to be investigated, the verification of which was not planned), appropriate adjustments must be made to the checklists.

Working papers and notes should be retained until the end of the audit. If they contain information that is confidential, it is necessary to provide them with an appropriate level of protection from unauthorized access.

Dealing with inconsistencies identified as a result of the internal audit

All nonconformities identified as a result of the inspection must be documented. This procedure includes:

  • detection, identification and recording of non-conformities;
  • classification of nonconformities according to their degree of significance;
  • drawing up protocols of non-conformities.

The protocol of non-compliance shall indicate:

  • time and place of its discovery;
  • content and significance of the nonconformity;
  • a reference to a violation of a specific point of an enterprise standard or GOST, which serves as an audit criterion.

The nonconformity protocol is a source of information for the subsequent development of corrective and preventive actions to eliminate identified deficiencies.

Examples of inconsistencies in the internal audit of the QMS

The list of inconsistencies that can be identified during the internal audit process is extensive, since the characteristics of any process occurring in the organization may not fully or partially meet the criteria specified by the standard.

Here is a list of the main criteria and the most common inconsistencies with them:

  1. Management Responsibilities:
  • management does not analyze the QMS;
  • The company's quality policy and goals are not brought to the attention of employees;
  • There is no matrix for the distribution of responsibilities between employees.
  • there is no quality manual;
  • QMS procedures are not documented;
  • the quality planning procedure is not carried out.
  1. Document management:
  • the documentation management procedure is not implemented;
  • the list of documentation and data subject to management has not been established;
  • The procedure for changing documents and data is not performed.
  1. Management of products supplied to consumers:
  • the procedure for managing products supplied to consumers is not followed;
  • the absence of such procedures is not motivated.
  1. Management of non-conforming products:
  • non-conforming products are not managed;
  • the defect insulator is missing or located in the wrong place;
  • non-conforming products located in the isolator are not managed.
  1. Personnel training:
  • procedures for recruiting and training personnel are not documented;
  • There are no plans for advanced training in the working documentation of the HR department.

Contents and example of a QMS internal audit report

After completing the internal audit, the head of the audit team draws up a report on the results of the work done.

The preparation of the audit report ensures:

  1. Visibility of the results of the inspection.
  2. The ability to summarize and analyze the results of all audits conducted in accordance with the current program.
  3. Simplification of the procedure for preparing and implementing corrective actions.

The form of such a report is not regulated by current standards, so it may vary depending on the enterprise. In general, the report may look like this:

I APPROVED

QMS management representative

JSC "FTOROPLAST"

(signature) /E. A. Malchenkov/

14.08.2018

Report on the results of the internal audit

Registration No. 21 dated 08/13/2018

Name of the process or type of activity: resource management for monitoring and measurements, metrological support.

Name of the audited division: tool and procurement shop.

Audit date: 08/09/2018-08/10/2018.

Audit criteria (designation of the document or its sections): clause 7.1.5 GOST R ISO 9001-2012, STO SMK 7.021-2017.

The purpose of internal audit: verification and assessment of compliance with established requirements.

Head of the audit team: Evseeva Yu. N.

Auditors: Artemov E. P., Klinkova A. S.

Test results

Audit scope: full.

Number of discrepancies detected: 0

Conclusion based on the audit results

The activities of the inspected units meet the established requirements. No corrective action is required.

Head of the audit team:

(signature) /Yu. N. Evseeva/)

So, internal audits are one of the main tools for assessing the effectiveness of the QMS. Conducting such audits allows management to identify non-compliance with the audit criteria specified by existing standards, as well as prepare for an external audit carried out as part of production certification. The audit is carried out in accordance with the existing audit program based on the audit plan prepared by the head of the audit team. Based on the results of the inspection, an audit report is drawn up, which contains information about the identified inconsistencies and (if any) recommended corrective measures aimed at eliminating them.

1. Audit of the quality management system. Types of audits. The main stages of conducting a QMS audit. Definitions related to auditing according to STB ISO 9000 – 2006.

Definition of Quality Management Audit

Audit (audit check) - an independent check for the purpose of expressing an opinion on reliability. The word “audit” translated from Latin means “listening” and is used in world practice to mean inspection.

An audit is understood as any verification of any phenomenon or activity performed by an independent expert (there are operational, technical, environmental and other types of audits). Certain types of audit are close in importance to certification.

Quality audit is a systematic, independent and documented process of obtaining audit evidence and evaluating it objectively to determine the extent to which agreed audit criteria have been met (ISO 19011:2002 “Guidelines for auditing quality management systems and/or environmental management systems”). This definition requires a few clarifications:

Firstly, an audit is a systematic process, therefore, it must be carried out in an organization at a certain, planned frequency. The frequency of the audit will depend on the type of audit - internal or external. If an internal audit is carried out (i.e. the organization checks itself), then the organization sets the frequency of such an audit independently. If an external audit is carried out, then the frequency of such an audit is established by the rules of the certification body or the customer.

Secondly, independent means that the auditors do not have to be held accountable for the results of the work they audit. This independence is ensured in different ways. For internal audit, independence is ensured by selecting auditors from different parts of the organization. For an external audit, independence is ensured by the “non-involvement” of auditors in the development and implementation of a quality system in the audited organization. External auditors cannot act as consultants on the implementation of a quality management system for the organization that they will subsequently audit.

Thirdly, an audit is a documented process - all stages of the audit, the procedure for conducting it, requirements for the audit and the results of the audit must be presented in documents. Audit evidence may include records, documents, or evidence of work performed.

Fourth, the audit must be conducted according to agreed audit criteria. Agreed audit criteria refer to the requirements of regulatory documents (external standards, for example ISO 9001:2008 or internal standards - procedures, work plans, regulations, etc.). Thus, any regulatory documents that present the requirements to be verified can serve as audit criteria. Consistency of audit criteria is ensured by the acceptance of these criteria by the audit parties. For example, an organization undertakes to comply with the requirements of the ISO 9001:2008 standard, and a certification body undertakes to audit its quality system for compliance with the requirements of ISO 9001:2008.

Audit goals and objectives

A quality audit is focused on identifying the causes of inconsistencies in the quality system, processes or products (services) of an organization. Hence the main purpose of the audit arises - to collect objective evidence that will identify inconsistencies in processes, products (services) or the quality system.

Based on the main goal, the audit tasks are determined:

The audit shall determine the operation and effectiveness of the quality management system. Those. During the audit, it is determined to what extent the quality system has been implemented in the organization, whether it works, and whether the quality system helps achieve results in the organization’s core activities.

The audit should provide information about the effectiveness of the quality system - i.e. the audit should show whether the quality system works exactly as a system, or whether only individual elements of this system work, and all other requirements are fulfilled only formally, or are not fulfilled at all.

It is necessary to determine the level of compliance with QMS standards and procedures - i.e. An audit shows how close to the rules established in the quality system procedures the work in the organization is carried out and whether there are differences between the actual work and what is established in the quality system documentation.

The next task will be to check the quality of the work - i.e. During the audit, the compliance of the work results with the requirements established in contracts or technical specifications can be verified.

The audit should make it possible to assess the impact of changes in the organization on the quality management system - the organization never stands still, any changes occur in any organization. These changes, to varying degrees, may affect the quality system. An audit of the quality system can show how these changes affected the quality system, whether changes are occurring in the quality system that are adequate to the changes in the organization.

The main result that an audit should lead to is the identification of opportunities for improvement in the organization's performance. Therefore, in any audit, objective evidence that auditors discover during the audit is essential. Such evidence can only be obtained if the audit criteria and rules for assessing nonconformities are clear and do not allow for different interpretations.

Audit participants

An audit is a process that always involves many participants. Depending on what tasks are solved by the participants in this process, several main roles can be distinguished. As a rule, regardless of whether it is an external or internal audit, the following roles of audit participants exist:

Audit Client – ​​ISO 19011:2002 defines the audit client as the organization or person commissioning the audit. The audit client is the party most interested in conducting it and obtaining audit results. The audit customer is usually the management of the organization being audited. In the case when an internal audit is carried out, the management of the organization is interested in the auditors objectively and accurately assessing the performance of the quality system and providing data on all inconsistencies in the work and opportunities to optimize the work. In the case when an external audit is carried out, the management of the organization is interested in ensuring that the quality system is recognized as meeting the requirements and this is confirmed by documents (by issuing a certificate - in the case of a certification audit, or concluding a contract - in the case of an inspection by a potential customer of products, works or services of the organization).

Auditors are persons competent to conduct an audit (ISO 19011:2002). The quality and effectiveness of the audit largely depends on the qualifications and training of auditors. In this regard, special attention is paid to the qualifications of auditors. General requirements for the qualifications of auditors are presented in the ISO 19011:2002 standard. They generally apply to professional auditors working for certification bodies. The organization can set the requirements for the qualifications of internal auditors itself, but this does not mean that any employee of the organization can be appointed as an auditor. In order for an employee of an organization to effectively and efficiently conduct internal audits, he must be trained in the methods and techniques of conducting audits, know the requirements of the quality system, know how the organization’s quality system works and have a good understanding of the subject area of ​​activity that he will audit.

Technical experts are individuals who provide auditors with specialized knowledge or experience. During the audit, issues may arise for which the knowledge and qualifications of auditors are not sufficient. In such cases, technical experts may be involved in the audit. The involvement of technical experts is possible both during internal and external audits. In the case of internal audit, technical experts can be employees of departments who perform work similar to the one being audited, but they do not have to review their own work or the work of their department. For example, if an organization has two design departments, then a specialist from one department can act as a technical expert in the audit of the second department and vice versa. In the case of external audit, technical experts are engaged by external auditors from third parties.

Verified party. The audited party is the employees of the audited organization. In the case of both internal and external audit, the audited party can be any employee of the organization, including the management of the organization and internal auditors.

Quality management systems audit status

An audit of quality management systems refers to types of audits that are not regulated by federal or international legislation. Accordingly, there are no mandatory legislative provisions to determine the procedure and rules for auditing quality systems, determining requirements for auditors and required reporting. This is due to the fact that certification of quality systems belongs to the voluntary field of certification and all work related to the construction and implementation of a quality system is a voluntary initiative of the organization. Accordingly, for organizations engaged in auditing quality systems there is no need to obtain licenses or other permits to conduct this activity. To conduct internal audits, such documents are especially not required.

Read also...

What and how can you make pear jam?

What and how can you make pear jam?

Recipe: Gingerbread Cookies - How to make beautiful colorful gingerbread cookies

Recipe: Gingerbread Cookies - How to make beautiful colorful gingerbread cookies

Step-by-step recipe for making donuts with photos

Step-by-step recipe for making donuts with photos

The best on the site
1

Basic interpretations - what a stranger dreams about
2

History, functions and leadership of the central bank of Russia
3

Insurance at Sberbank for traveling abroad
4

Morozov Nikolay Aleksandrovich Nikolay Morozov Narodnaya Volya
5

You can cook French fries in the microwave How to make your own French fries in the microwave
New
Instant noodles and why are they harmful?

Instant noodles and why are they harmful?
Instrumental methods for X-ray, endoscopic and ultrasound examinations

Instrumental methods for X-ray, endoscopic and ultrasound examinations
Unified State Examination computer science task 18 divisors

Unified State Examination computer science task 18 divisors
A rooster is chasing in a dream. The magic of numbers. Circus Bird - Changes await you

A rooster is chasing in a dream. The magic of numbers. Circus Bird - Changes await you
School supplies All school supplies are in English

School supplies All school supplies are in English
Beta decay, alpha decay: formulas and reactions

Beta decay, alpha decay: formulas and reactions
Yesenia - name meaning, origin, characteristics, horoscope

Yesenia - name meaning, origin, characteristics, horoscope
Annexation of the Baltic states to the USSR (1939-1940)

Annexation of the Baltic states to the USSR (1939-1940)

We recommend reading