A good audit tool consists of checklists that are accurate and reliable so that competent auditors using the tool and working independently would reach similar audit finding from evaluating the same audit evidence.
A good audit tool should preferably have a quantitative or qualitative measurement of the audit results.
Following are the quick ISO 9001 2015 Systematic Audit Methodology used by professional auditors.
1. Pre-Audit (preparations)
Pre-audit deals with preparations prior to the audit on-site. The work include:
Communicating with the site personnel on the audit.
Obtain background information about the site
Defining the scope and intent of the audit.
Determining the type of audit.
Selecting audit team members.
Preparing the necessary equipment – audit checklists, personal protective equipment and other audit tools.
Making preparations on the logistic, accommodation and transportation if needed, and
Sending a letter of notification to the site to confirm the audit on-site.
2. On-Site Audit (main bulk)
This is the main bulk of the audit, and is done in the ‘auditee’. Auditee is defined as the organisation being audited. This phase comprises five events in sequence, they are:
(i) Opening Meeting
This is the first formal event at the site, and should be attended by audit team and the management of the auditee. Usually the top management will address the audience first, and the audit team leader will then inform the management on the agenda and the methodology of the audit.
(ii) Familiarization Tour
The audit team members are accompanied by key personnel of the auditee to visit the site briefly in order to be familiar with the nature of operations and the environmental concerns. It should be noted that this is not site inspection. This event is not needed of the audit team members are familiar with the site.
(iii) Interviewing the Knowledgable Persons
This is essence of the on-site audit, whereby key personnel are interviewed to obtain facts in response to the audit questions. Figure shows the importance sequence of events for this on-site audit technique.
The facts obtained from the knowldegable persons are verified. There are three techniques of verification:
(1) Document Review – this exercise examines the manual, procedures, work instructions, records and supporting documents.
(2) Verification Interviews – involves interviewing employees randomly to check the implementationof systems in place.
(3) Site Inspection – all physical installations at the site are checked against the standards and good environment practices.
A combination of any three verification techniques can be used, with the main intent of confirming evidence of the facts obtained.
(v) Closing Meeting
Audit findings and conclusions are presented by the audit team leader to highlight “Northworthy Efforts” (conformities) and “Area for Improvement” (non-conformities). Recommendations should be provide by the audit team, though they are not binding.
3. Post Audit (report writing and follow up)
This is mainly reporting writing and follow up after the submission of report. The report is confidential, and should be factual with key findings from the audit, notably with sections on Noteworthy Efforts and Areas for Improvement. Recommendations for improvement should be included, unless specially requested to be excluded by the client.
A good audit report should contain the following sections:
Executive Summary and Score Sheet
Findings from Site Inspection
Summary of Verification Interviews
Conclusion and Suggestions for Action
Depending on the contractual requirements, usually two copies of the reports are submitted to the client, with a copy extended to the auditee. The client may pose questions after reading the audit report, and the audit team leader must be prepared to meet the client and the auditee’s representatives to make presentations of the findings and to answer specific questions.