Audit Methodology as per ISO

9000:2000

Course Contents
1) Objectives
2) What is Quality?
3) Criteria for Selection of the Suppliers
4) Quality audits

5) Audit methodology
6) Assessment of audit findings Corrective Action
7) Common findings against ISO Clauses

Course Objectives
1. To provide participants with an overview of a
Supplier Audit.

2. To provide participants with the basic knowledge

and awareness of the tasks required of a
Supplier Audit.
3. To provide practical guidance on the proper
conduct of a Supplier Audit.

What is Quality?
What does quality mean to you?
Conformance to specifications
Fitness for purpose
Meeting needs and expectations
Free from defects
Value for money
On-time delivery
Consistency
Safe and reliable
Customer satisfaction
Delighting customers
4

Selection of Suppliers
Criteria for selection of the Supplier
Key Suppliers
Poor Quality Performance
Safety Critical Items
Reliability Critical Items
Special Processes

Quality Audits (ISO 9000:2000 definition)

1. Audit - systematic, independent and documented
process for obtaining audit evidence and
evaluating it objectively to determine the extent
to which audit criteria are fulfilled.
2. Audit evidence - records, statements of fact or
other information which are relevant to the audit
criteria and verifiable.
Note: Audit Recording Sheet

Quality Audits
Types of audits:
1. First Party audit (Internal Quality Audit)
For organisations to evaluate the conformance of
the various activities to the quality programme
and effectiveness of the quality system. Internal
quality audits are carried out to:
a) maintain or improve the efficiency of the
organisations operations;
b) determine how disciplined and effective the
organisations operations are;
c) conform to ISO 9001 standards requirement
(clause 8.2.2).
7

Quality Audits
Types of audits:
2. Second Party audit (Supplier Audit)
Carried out by an organisations auditors to
evaluate the ability of a supplier or potential
supplier to provide a particular product, service
or process.
Generally, supplier audits are based on national
or international standards, depending on the
organisations needs or contract requirements.

Quality Audits
Types of audits:
3. Third Party audit (Certification Audit)
Carried out by independent certification bodies
(e.g. PSB, DNV, ABS, Lloyds, BVI, SGS .) to
evaluate an organisations quality system with
respect to national or international standards so
as to provide registration or certification of
acceptable programme.

Audit Methodology
1.

Initiating the audit

define objectives, scope and criteria

determine feasibility of audit

establish audit team
serve notice of audit to the audittees
Note :The lead auditor has to inform supplier about
two weeks prior to the audit date
The notification shall include the scope of audit
and other information necessary for the
supplier to prepare themselves adequately
10

Audit Methodology
2.

Document review
review the relevant quality system
documents and records and determine their
adequacy

3.

Preparing for the on-site audit activities

planning the on-site activities
audit team work assignment
preparation of work documents

11

Audit Methodology
4.

On-site audit activities

conduct opening meeting
collecting and verifying information
identifying audit findings
communication during the audit
preparation for the closing meeting
conduct closing meeting

12

Audit Methodology
5.

Reporting on the audit

audit report preparation
report approval and distribution
retention of documents
raise corrective action form

Note: Audit Summary Report

Supplier Corrective Action Request

13

Audit Methodology
6.

Follow-up activities
verify adequacy and effectiveness of
corrective/preventive actions
close CAR if corrective action is satisfactory

14

Audit Methodology
Audit Strategies and Techniques
STRATEGIES

TECHNIQUES

Trace Forward

Clarifying

Trace Backward

Interviewing

Task-based

Observing

ISO 9000 elements

Verifying

Process flow

Collecting Objective
Evidence

15

Audit Methodology
1) Horizontal audit
Horizontal audit follows a process from start
to end. This method requires the auditors to
examine many small
samples of activities,
processes, products over a large area.
Because of the small samples used, the
activities and articles examined are not in
great detail, and the audit results will only
give a general overall condition of the quality
system.

16

Audit Methodology
2) Vertical audit
Vertical audit look, in depth, at a particular
function or department. This method require
the auditors to focus on an activity or a
process and to examine in great detail all
documents and records pertaining to the area
of focus. The advantage of the vertical audit
is that it may uncover discrepancies which are
hidden and are unnoticeable in daily activities.
This is very useful, especially if there is a
need to get to the root of a quality problem.

17

Audit Methodology
Selection of sample PO
We should select SCI or RCI PO
Condition of the PO (heat treatment, chemical
coating, material supplied, etc)
Verify the revision of the PO drawings

18

Audit Methodology
Quality section

Verify inspection record (sampling size, GD&T,

missing dimension, measuring mean, correct
specification, etc)

The inspection records including the following:

In-coming inspection report
First off inspection report
In-process inspection report
Out-going inspection report

19

Audit Methodology
Control of measuring and monitoring devices
Calibration master list
Identify the item and serial number, due date for
calibration
Verify the frequency of the calibration
Verify the evidence of review on the calibration
report

20

Audit Methodology
Production section

Verify the process documents (route/travel card,

revision of drawing, etc)
Verify the inspection key point during the
manufacturing processes (first off, in-process,
etc)

21

Audit Methodology
Production section

Verify the parts/material adequately

identified/controlled at all time throughout the
manufacturing process
Ask the machinist to demonstrate the inspection
technique to check their competency

22

Audit Methodology
Special process
Verify the training record
Verify WPS, WQP for the welding
Verify the painter qualification
Verify the heat treatment parameter

Verify the analysis of chemical bath

NDT inspector records
23

Audit Methodology
Control of non-conformance materials
Who is responsible to review and disposition of
nonconforming material
Nonconforming material segregate at all time
Verify the record of action taken (repair, scrap,
concession, etc)

24

Audit Methodology
Purchased product

Verify the evidence of reviewing on COC, mill

certificate, test report, etc
Verify the chemical composition: yield strength
and hardness
Verify the adequate of identification of the raw
material
25

Classification of audit findings

1.

Non-conformance
The non-fulfilment of specified requirements
In an audit, non-conformance may be due to:
system document did not adequately address
the requirements of the applicable quality
system standard or reflect actual system
practices
Practices or implementations did not comply
with established system documents or
requirement(s) of applicable system standard

26

Classification of audit findings

1.

Non-conformance (continue)
Non-conformances identified during an audit
must be factual and not an expression of
auditors personal opinion or preference

27

Classification of audit findings

2. Observation
An observation is not a non-conformance. It is
an area where the auditor or audit team
highlights, so that further investigation can be
looked into to improve the overall effectiveness
of the quality system
3. Area of Improvement
The audit evidence is not sufficient for nonconformance report, but it is an area of concern
to avoid and for improvement
28

Corrective Action
Definitions:
1. Corrective action - action to eliminate the cause
of a detected nonconformity or other undesirable
situation.
Note:

Corrective action is taken to prevent recurrence.

Corrective action as part of an audit cycle occurs
after non-conformances have been identified.
Corrective action are requested from an audittee
by the auditor through the issuing of Corrective
Action Request.
29

Corrective Action
2. Process for Corrective Action

The corrective action process usually requires

the audittee and other responsible persons to:
Investigate and determine the root cause(s)
of non-conformance
Analyse the causes (such as man, machine,
material, method and environment)

30

Corrective Action
2. Process for Corrective Action (continue)

Select and implement appropriate corrective

action to prevent recurrence of nonconformance
Apply control to ensure effectiveness of
corrective action taken
Record corrective action taken and update
affected documents

31

Corrective Action
3. Follow-up verification
This is a post audit activity which is part of the
corrective
action
process.
The
follow-up
verification usually involves the auditor/audit team
verifying the appropriateness and effectiveness of
corrective action(s) taken.

32

Corrective Action
3. Follow-up verification (continue)
The
verification
process
auditor/audit team to verify:

requires

the

that root cause(s) has been identified

that corrective action taken are adequate and
effective

that personnel affected are aware of corrective

action taken or appropriate training provided on
changes made
that corrective action taken are documented
and relevant document amended to reflect
changes
33

Quality requirements of ISO 9001:2000 standard

4.2.3 Control of Documents
Documented Procedure shall be established to
define the controls needed:
To approve for adequacy prior to use
To review, Update and Re-Approve
To identify Current and Current Revision
Status
To ensure availability at Point of Use

34

Quality requirements of ISO 9001:2000 standard

4.2.3 Control of Documents (Continue)
To ensure documents are Legible and Readily
Identifiable
To ensure documents of external origin (e.g.
customer) are identified and controlled
To ensure obsolete documents are
Prevented from unintended use
Identified if retained

35

Common findings against ISO Clauses

Control of documents (4.2.3)

Drawings used for production are not updated

when revised/updated drawings are supplied
Superseded documents filed together with
current documents without proper identification
Document master list does not reflect the latest
documents revision status

36

Quality requirements of ISO 9001:2000 standard

7.5.1

Control of Production and Service Provision

Control conditions include:
Product Characteristics
Work Instructions

Equipment
Monitoring & Measuring Devices
Monitoring & Measurement
Product Release, Delivery and Post
Delivery
37

Common findings against ISO Clauses

Production and service provision (7.5.1)
Wrong specifications stated in the process
documents
Use of non-approved process documents

38

Quality requirements of ISO 9001:2000 standard

8.3 Control of Non-conforming product
Record the nature of non-conformities
Record the subsequent actions taken
Re-evaluate the corrected non-conforming
product
Non-conforming product detected after
delivery

39

Common findings against ISO Clauses

Control of non-conforming product (8.3)
Rejected parts are not properly identified and not
segregated from the acceptable parts

40

Quality requirements of ISO 9001:2000 standard

7.6

Control of Monitoring and Measuring Devices

Determine the needs for monitoring and
measurement
Determine the devices
Perform monitoring and measurement

41

Quality requirements of ISO 9001:2000 standard

7.6

Control of Monitoring and Measuring Devices

(continue)

Ensuring device give valid results:

Calibrated or Verified at specific intervals
Adjusted or re-adjusted as necessary
Identified to enable the calibration status
Safeguard from adjustments

Protected from damage and deterioration

during handling, maintenance and storage
42

Common findings against ISO Clauses

Control of monitoring and measuring devices (7.6)

Use of un-calibrated or expired gauges and

measuring instruments
Use of inappropriate measuring instruments or
gauges
Use of non-approved work instructions for inhouse calibration
Measuring instruments are not calibrated to their
full range
43

Quality requirements of ISO 9001:2000 standard

8.2.4 Monitoring and Measurement of Product
Monitor the product characteristics
Record the evidence of conformity &
authority for product (4.2.4)
Release product and deliver service only
when the monitoring requirements are
satisfactory completed
Waiver with relevant authority approval (and
/ or customer approval where applicable)

44

Common findings against ISO Clauses

Monitoring and measurement of product (8.2.4)

Inspection samples are not taken according to the

sampling plans
Measuring instruments used are not reflected in
the inspection record
The GD&T dimensions are not reflected in the
inspection report
The tolerances are not reflected in the inspection
report
45