Practical Audit Tools - asq.orgasq.org/audit/2017/10/auditing/practical-audit-tools-session-2... · October 12 - 13, 2017 26th Annual ASQ Audit Division Conference: The Intercontinental

Practical Audit Tools

Session 2:

Auditor Competence, Audit Planning, & Audit Reporting

Jim Lamar

Quality Manager, Saint-Gobain NorPro

12 October 2017

Quality @ Saint Gobain NorPro

October 12 - 13, 2017 26th Annual ASQ Audit Division Conference: The Intercontinental Addison

• Saint-Gobain – very large French conglomerate, founded in 1665 (over 350 years old!)

• NorPro – a very small subsidiary of SG

• Catalytic Products – a business element of NorPro– Located in Bryan, TX

– Producing ceramic carriers for the chemical industry

– When you drink out of a PET water bottle or wear polyester clothing odds are that the Ethylene Oxide that made the MEG that made the PET was made in a reactor using a catalyst made from our carriers.

The tools we’ll look at today are

generalized versions of the ones

used at NorPro.

Today’s Topics

• Process Approach (a Powerpoint picture)

• Audit Conduct (a Word Checklist)

• Audit Planning

• Auditor Competency (an Excel workbook)

• Audit Reporting

3 preformatted tools to help you document your audit

process performance effectively and efficiently


• Process Flowchart and Checklist covered in 1st half of this extended session

• Auditor Competency, Planning, and Reporting covered in 2nd half.

Audit Planning / Reporting Tool


One tool – three provisions:

1. Tracking of auditor qualification &

experience

2. Planning for the audit (who, what, when &

where)

3. Reporting the audit findings

We’ll take a look at each of these pieces separately

Auditor Qualification


ISO 19011:2011 Clause 7 Competence and evaluation of

auditors contains several pages dedicated to this topic!

Here’s a snippet of specific interest:

7.2.4 Achieving auditor competence

Auditor knowledge and skills can be acquired using a combination of the

following:

– formal education/training and experience that contribute to the development of

knowledge and skills in the management system discipline and sector the auditor

intends to audit;

– training programmes that cover generic auditor knowledge and skills;

– experience in a relevant technical, managerial or professional position involving

the exercise of judgement, decision making, problem solving and communication

with managers, professionals, peers, customers and other interested parties;

– audit experience acquired under the supervision of an auditor in the same

discipline.

Our Auditor Competence tab


{Text}

Auditors Tab


• Very simplistic

• Minimal formulas / calculations

• Tracks qualification as well as experience level

• We use the site field to help ensure we include

independent (cross site) auditors on our internal

teams

• We make this information available to the planning

process – our next topic

Audit Planning


• 6.3.2.2 The scale and content of the audit plan may differ,

for example, between initial and subsequent audits, as well

as between internal and external audits. The audit plan

should be sufficiently flexible to permit changes which can

become necessary as the audit activities progress.

• The audit plan should cover or reference the following:

– a) the audit objectives;

– b) the audit scope, including identification of the organizational

and functional units, as well as processes to be audited;

– c) the audit criteria and any reference documents;

– d) the locations, dates, expected time and duration of audit

activities to be conducted, including meetings with the

auditee’s management;

– e) the audit methods to be used, including the extent to which

audit sampling is needed to obtain sufficient audit evidence

and the design of the sampling plan, if applicable;

– f) the roles and responsibilities of the audit team members,

as well as guides and observers;

– g) the allocation of appropriate resources to critical areas of the

audit.

Again, since ISO

9001 does not

provide much help

in how to plan or

report an audit,

we turn to ISO

19011:2011

The Audit Plan


• Lead auditor and client work together to define the plan

• Audit team selection is via drop downs

• Fill in the yellow field at the top for what site and when to conduct

the audit

• Define the scope of the audit by ungrouping the desired processes

(shown on next slide)

Audit Scope


• For each process (e.g. QA Lab) select the assigned auditor for that

process (drop downs in column J)

• Agree on estimated timing (column M) to cover the necessary topics

• Coordinating with the client – select the timing for that section of the

audit (column K)

Tracking our Progress


• Column I is included to help the lead auditor keep track of progress during the course of the audit – say at

lunch time and/or end of the day updates for longer audits

• Put a “Y” in this column and you can use the filter button to display only the remaining (blank) topics

• Don’t need this feature? Hide column I with the Data-Group option at the top of the screen.

Audit Reporting


Once again, ISO 9001

does not provide much

help in how to plan or

report an audit so we

turn to ISO

19011:2011.

Same requirements as

the audit plan with the

addition of the

findings, evidence,

and conclusions

6.5 Preparing and distributing the audit report

6.5.1 Preparing the audit report

The audit team leader should report the audit results in

accordance with the audit programme procedures.

The audit report should provide a complete, accurate,

concise and clear record of the audit, and should include or

refer to the following:a) the audit objectives;

b) the audit scope, particularly identification of the organizational and

functional units or processes audited;

c) identification of the audit client;

d) identification of audit team and auditee’s participants in the audit;

e) the dates and locations where the audit activities were conducted;

f) the audit criteria;

g) the audit findings and related evidence;

h) the audit conclusions;

i) a statement on the degree to which the audit criteria have been fulfilled.

Audit Reporting - Findings


• Nonconformances, Opportunities for Improvement and Noteworthy

observations can be reported on the AUDIT FINDINGS tab• Column B is a drop down selection field.

• Column C is a text entry field with suggested instructions for how to use it.

• Column D is a drop down selection field

• Column E is a text entry field

Audit Reporting – Findings 2


Out in Column G is a field that you may or may not choose to use. It concatenates

the information from columns B, C, D and E into a single field. We post the

contents of this concatenated field into our Corrective Action System as the

description of the issue. We find it useful for the description of the issue to include

the process, the clause, the description and everything all in one spot. If that’s not

a value added feature for you, hide, delete or just ignore that column. It doesn’t

cost any extra . . .

Audit Reporting - Summary


Customize for your organization

Demographic info for this audit

is auto-filled from the planning

tab

Rows 17 and 18 are formatted

to allow the auditor team to

summarize their conclusions.

The date defaults to today

(=now()) but can be changed to

meet your needs

Lead Auditor name is auto-

filled

How We Use These Tools


1. To initiate an audit, we make a copy of the ISO 9001-2015 Audit Plan-Report.xlsx workbook

and rename it to be used for the audit, for example Bryan TX Dec 2017 Audit Plan-

Report.xlsx

2. The client selects a lead auditor and together they develop the audit plan, selecting an

appropriate audit team and defining the scope by expanding the desired processes on the

AUDIT PLAN tab

3. We make a printed copy of the checklist for the audit team.

4. The pages of the checklist that are assigned to each auditor are distributed for the conduct

of the audit.

5. At the end of each day the audit team assembles to review their progress and their

findings.

6. The lead auditor will help with documentation of the findings on the AUDIT FINDINGS tab.

7. At the end of the audit the checklist pages are gathered up and put back in numerical order.

The cover page is completed by the lead auditor then the entire packaged is scanned and

saved as a PDF file, becoming part of the audit record – I mean retained documented

information. . .

8. The findings are reviewed as a team and the lead auditor summarizes the audit on the

REPORT SUMMARY tab. The completed workbook is then stored as part of the audit

record. (dang it – there I go again with old terminology! Old habits are hard to break!)

Developer Notes


• There is a tab on the Excel workbook called

Developer Notes

• Usually hidden (not needed for audit planning

and reporting) – it is visible on the version being

made available to make it easier for you to

customize for your use

• Nothing fancy being done in the background, but

you’ll need to know where data validation fields

come from and that sort of thing

Developer Notes - 2


Color coded by tab, I’ve tried to provide a listing of all

the formulas and data validation ranges used so you

can make this template your own.

Final Guidance


• To be effective:

– You must develop your own

process model. It may look a

lot like the general example

provided, or it may be very

different, but it must be YOUR

process.

– The checklist provided is organized around the process

model provided so once you’ve developed your process

you must then pick and choose which ISO topics apply to

each process step.

– The planning and reporting template is also organized

around the process model, so it too must be customized

to fit your specific site requirements.

End of Session 2


Some thumb drives available with the tools

presented today.

When these run out, leave your business card

and I’ll email the documents.

If questions later, drop me a note:

[email protected]

Best thing about these tools:

Practical Audit Tools - asq.orgasq.org/audit/2017/10/auditing/practical-audit-tools-session-2... · October 12 - 13, 2017 26th Annual ASQ Audit Division Conference: The Intercontinental

Documents