Integrated Management System

AND
Internal Auditor Training Course

Purpose Process - Payoff

Purpose:

1.

2.

To give you a basic understanding of Quality,

Environment, Occupation Health and Safety
Management Systems
To provide training for potential auditors and
prepare them for that role

Process:

1. Discuss:
a) History of these standards
b) Basics of ISO9001, ISO14001 & OHSAS18001
c) Integrated Management System
d) How to conduct Internal Audits
2.
Questions

Payoff:

1.
2.
3.

You will be familiar with IMS concept

You will be familiar with your role as Internal Auditor
You will be familiar with your role as Auditee

ISO9001 System Requirements

Quality Manual
Quality Policy
Document and Data Control
Quality Objectives
Management Review
Training, Awareness & Competence
Product Realization
Internal Audits
Corrective & Preventive Actions

The ISO 9001 Closed Loop Model

Continual Improvement of the
Quality Management System
Management
responsibility

Customers

Requirements

Measurement,
analysis,
improvement

Resource
management

Input

Product
realization

Product

Customers

Satisfaction
Output

ISO14001 System Requirements

Environmental Policy
Document and Data Control
Environmental Aspects & Impacts
Legal & Other Requirements
Objectives & Targets
Management Review
Training, Awareness & Competence
Operational Control
Internal Audits
Corrective & Preventive Actions

The ISO 14001 Closed Loop Model

Continual Improvement of the
Environmental Management System
Management
responsibility

Surroundings

Requirements

Measurement,
analysis,
improvement

Resource
management

Input

Aspects, Impacts
Obj. & Targets

Output

Environment

Improved
Environmental
Performance

OHSAS18001 System Requirements

OH&S Policy
Document and Data Control
Hazard Identification and Risk Assessment
Legal & Other Requirements
Objectives & Targets
Management Review
Training, Awareness & Competence
Operational Control
Internal Audits
Corrective & Preventive Actions

The OHSAS18001 Closed Loop

Model
Continual Improvement of the
OH&S Management System
Management
responsibility

Resource
management

Requirements

Input

Measurement,
analysis,
improvement

Hazard Identification
Obj. & Targets

Output

Improved
OH&S
Standards

Integrated Management System

IMS is NOT a standard itself
IMS has NO certification
IMS is NOT something auditable
IMS is SIMPLY the integration of ISO9001,
ISO14001 and OHSAS 18001
documentation

What can be Integrated

S. NO.

ISO9001 Clause

ISO14001 Clause

OHSAS 18001 Clause

1.

Quality Manual

2.

Quality Policy

Environmental Policy

OH&S Policy

3.

Document and Data Control

Document and Data Control

Document and Data Control

4.

Management Review

Management Review

Management Review

5.

Internal Audit

Internal Audit

Internal Audit

6.

Training and Awareness

Training and Awareness

Training and Awareness

7.

Departmental Procedures

Environmental Assessment

Hazard Assessment

8.

Quality Objectives

Environmental Objectives

OH&S Objectives

9.

Corrective and Preventive

Actions

Corrective and Preventive Actions

Corrective and Preventive Actions

INTERNAL AUDIT

Internal Audit Requirements

Conduct periodic internal audit to determine
if IMS:
Conforms to the requirements of the standards
Has been effectively implemented and
maintained
Plan to audit program considering:
Status and importance of the activity
Results of previous audits

Ensuring independence
Timely corrective actions

FIRST PARTY INTERNAL AUDIT

Definition:
An audit by an organization of its own systems
and procedures

Objective:
To ensure maintenance, development and
Improvement of the IMS

SECOND PARTY EXTERNAL AUDIT

Definition:
An audit by organization on suppliers and subcontractors

Objective:
To determine suitability of suppliers/subcontractors
To appraise supplier/sub-contractor
performance

THIRD PARTY EXTERNAL AUDIT

Definition:
An audit by a body which is independent of the
organization, its suppliers and customers

Objective:
To determine whether an organizations
Integrated Management System has been
documented and implemented in accordance
with specified standards

Party Relationship
Third Party Audit
Customer
(First Party Audit)
Second Party Audit
Organization
(First Party Audit)

Third Party Audit

Certification Body
(Third Party Audit)

Second Party Audit

Supplier
(First Party Audit)

Third Party Audit

Internal Audit Cycle

Phases of An Audit
PLANNING
Information Gathering
Annual Schedule
Estimate Resource

PREPARATION
Review Documents
Checklist
Agenda

AUDIT
PERFORMANCE
Opening
Assess
Review Finding
Closing Meeting

REPORT AND
FOLLOWUP
Findings
Required Actions
Verify Effectiveness

PLANNING

Initial Planning

Decide who shall carry out the audit

Identify relevant requirements to be audited
Agree a mutually convenient date
Decide team composition
Prepare program send copy to auditee
Duration of Audit
Audit Team
Facilities required

Audit Itinerary
Date: March 6, 2006
Audit Team A
Mr. A
Mr. B
Mr. C

Audit Team B
Mr. X
Mr. Y
Mr. Z

Audit Itinerary (Cont)

Time (Hrs.)
0900-0930
0930-1300

Team A

Team B

Opening Meeting with Auditee

Quality Assurance Deptt.

Engineering Department

Document and Data Control

Management Review
Provision of Resources

1300-1400
1400-1700

Product Design
Inspection & measurement
Control of Production

Lunch Break
Human Resource Deptt.
Training Need Identification
Hiring of Staff
Training of Magt. Staff

Operations Department
Process Control
In process Inspection
Identification and Traceability

1700-1730

Auditors Meeting

1730-1800

Closing Meeting with Auditee

PREPARATION

Audit Preparation
Review Documents
Prepare Checklist:

WHAT the auditor wants to look at

WHAT the auditor wants to look for
WHOME the auditor wants to speak to
WHAT the auditor wants to speak about

Identify Applicable Clauses to the

organization/department to be audited

AUDIT CONDUCTION

Fundamental Requirements for

Effective Auditing

Support from management

Trained auditors
Independence of audit functions
Timely access to facilities, documents,
personnel
Access to all levels of management
Defined audit procedures

Audit Process
Hold an opening meeting
Conduct the audit
Analyze the Results
Report the findings

Personal Conduct
Auditor
Positive
Professional
Constructive Approach

Auditee
Cooperative
Open
Honest

The Audit
REMEMBER
THE AUDIT TEAM IS ATTEMPTING TO
APPROVE THE SYSTEM BASED UPON AN
UNBIASED ASSESSMENT.
IT IS NOT ATTEMPTING TO FAIL IT!

Observations
Always establish objective evidence when an
apparent noncompliance is found
Where processes are involved the auditor may
examine the process controls and records to
establish conformance with the standard
Throughout the entire audit the evidence collected
in the form of OBSERVATION
This evidence is then to be examined to determine
if there are any noncompliance which need to be
reported

The Auditor Six Friends

When asking questions
Who?
What?
Where?
When?
Why?
How?
and the seventh.

OK Show Me?

REPORTING OF AUDIT OBSERVATIONS

Classification of Audit Corrective Action Request

MAJOR
Total breakdown of a procedure, work instruction or
operation of the System
Total absence of a procedure required by Standard
Number of minor lapses indicating a total breakdown of
system
Immediate hazard to the quality of the product or
service

MINOR
A single observed lapse in a procedure work instruction
or operation of the System

Corrective Action Requests (CARs)

Used to:

Report nonconformance
Classify nonconformance
Record acceptance of nonconformance
Root cause of the nonconformance
Record actions taken to correct those
nonconformance
Record auditor acceptance of corrective action
implementation

Closing Meeting
Thank management for help and cooperation
Explain that sample taken has determined
conclusion reached
Ask management to defer questions until end of
summary presentation to appreciate full picture
Present summary report
Quantify noncompliance
Conclusion
Recommendations

Invite questions for clarification

AUDITOR DESIRABLE
CHARACTERISTICS

Selected Auditors Desirable Traits

Good Listener
Open Minded
Diplomatic
Ethical
Unbiased
Honest
Patient
Self-Disciplined
Observant

Code of Conduct
To act in strictly trustworthy and unbiased
manner

To disclose any relevant relationships

Not accept inducements
Not to disclose findings
Not to act in any way prejudicial to the
organization
In the event of an alleged breach cooperate
fully

Auditors Should

Stay within audit scope

Communicate audit requirements
Collect objective evidence
Document CARs
Report audit findings
Verify effectiveness of corrective actions
Retain and safeguard documents

What An Auditor Should Do

Prepare know the subject material

Learn about the auditee
Remain objective
Control the audit
Assist if there is a misunderstanding
Listen
Obtain objective evidence
Compliment the auditee

What An Auditor Should Not Do

Swear
Discuss company policy or personalities
Be negative
Criticize
Argue
Compare auditee with others

THANKS FOR YOUR ATTENTION