Conducting QMS audits. WRC reception for publication in ebs spbget "leti". Issuance of library cards

Send your good work in the knowledge base is simple. Use the form below

Students, graduate students, young scientists who use the knowledge base in their studies and work will be very grateful to you.

Posted on http://www.allbest.ru/

Tasks

1. Give an interpretation of the concept of "audit" in relation to quality management systems. Name the types of audits. Disclose the essence of audits by the first, second and third parties. Explain the concept of "audit criteria", "audit evidence". Give relevant examples

2. Explain the concept of "Audit Program". Describe the stages of preparing and conducting an audit of the QMS

3. Describe the international standard governing the audit of the QMS. Describe the sections of this document and explain its purpose

Audit of the Quality Management System (QMS) is an independent, systematic and documented process of generating evidence and their competent and independent evaluation, the purpose of which is to establish the level of fulfillment of established criteria (ISO 19011:2002 "Guidelines for a quality management system and environmental management systems" ).

First of all, the audit of the QMS is a systematic process, therefore it should be carried out in the organization with a specific frequency noted in the plan. The periods of its implementation will be in direct proportion to what type the QMS audit belongs to - external or internal. In internal audit, an organization examines its own system, procedures and activities. This audit provides management with information about the performance of the system, regardless of policy compliance and regardless of the need for change. All quality systems must respond effectively to change, internal and external, and a well-executed internal quality audit can ensure this response. The periods for conducting such an audit are established by the organization itself. An audit that is required in addition to scheduled audits is called an unscheduled audit. Internal audit refers to audits by the first party, is carried out by the organization, serves as the basis for finding and eliminating the causes of detected nonconformities, making decisions on adjusting processes and improving the organization's quality system.

A second party audit is carried out by an organization for its own purposes in another organization. This includes audits conducted by customers in supplier organizations, both existing and potential. The main purpose of auditing a supplier organization is to obtain sufficient information about the supplier's quality system to ensure that the customer organization's own requirements for the supplier are and will continue to be fulfilled. It is important that the audit is conducted in a professional manner and accurately reflects the effectiveness of the supplier's quality system.

Third party audits are carried out by external, independent organizations.

When performing an external audit (by a second or third party), the QMS audit periods are set by the customer or according to the rules of the certification body. External audit can be certification, supervisory and diagnostic. During the certification audit, the certification body assesses the compliance of the quality system with the certification criteria and determines the possibility of issuing a quality system certificate to the organization.

Surveillance audits are carried out at regular intervals to determine whether the organization's quality system can maintain the status of a certified system. As a rule, this audit selectively considers elements of the system.

A repeat diagnostic audit is performed before the issued certificate expires. The results of the audit show whether further renewal of the certification is possible. Most certification bodies are planning to conduct such audits. takes into account information obtained from surveillance audits and limits the audit to checking a number of selected elements of the system.

The term "independent" in the definition of the QMS audit implies that the special employees who conduct the audit should not be interested in the results of the work they are checking. This independence is provided in various ways. In the case of internal audit of the QMS, independence lies in the choice of auditors among various organizational units. And in the case of an external audit, it is that the selected auditors are not involved in the development and implementation of the quality system in the organization that they will audit. External level auditors cannot act as consultants in the implementation of the QMS for the audited organization.

QMS audit is a documented process. Absolutely all stages, methods and methods of its implementation, requirements and final results of the audit must be documented. Documents, facts of work performance or records can be used as evidence.

It should also be noted that the audit of the quality management system should be carried out according to the established specified criteria. Established audit criteria refers to documented requirements (internal standards - schemes of work, procedures, regulations and other or external standards, for example, ISO 9001:2008). From this it follows that the role of criteria can be any documents of legal regulation that represent the requirements for the audit. The consistency of audit criteria is achieved by the acceptance of these criteria by the parties involved in the audit. For example, an enterprise, for its part, assumes the obligation to comply with the requirements specified in ISO 9001:2008, and the certification body, for its part, assumes the obligation to audit its quality system for compliance with the requirements that are directly specified in ISO 9001:2008.

In the process of auditing, it is established at what level the quality system has been introduced in the organization, whether it is functioning, and whether the quality system is beneficial in the task of achieving positive final results for the main activities of the enterprise. The audit should provide information about the effectiveness of the audit - that is, the audit should show whether the quality system is functioning or whether only certain elements work here.

2. Explain the concept of "Audit Program". Describe the stepsdevelopment and audit of the QMS

The standard for auditing quality management systems and / or environmental management systems, like the entire system of international quality standards, is guided by the Deming-Shewhart cycle: plan - do - check (study) - act. Therefore, the stages of preparing and conducting an audit of the QMS are regulated by the famous PDCA cycle and can be represented as follows:

audit international quality standard

To successfully guide the audit preparation process, the following factors must be present:

the importance of audit management;

different stages of the audit and their functions;

· the importance of effective planning and preparation for an audit, including the need to accurately determine the scope of the audit;

the purpose and usefulness of contacts prior to the audit and their possible forms;

· a systematic approach to audit and, in particular, the importance of the structure of the quality management system, its processes, their sequence and interaction for planning an effective audit;

· the concept of system mapping and the benefits of this approach in preparing for an effective audit of the quality management system;

· the principles and importance of selecting a competent and independent team;

· the purpose and importance of meetings during the audit.

audit program. The internal audit program is one of the main measures that ensure the effectiveness of the system and is a source of information for the management of the organization. For an internal audit program to be effective, it must be planned and managed. Internal audit programs can be drawn up in different ways. An audit may be scheduled as a series of horizontal or vertical audits, or as a combination of the two. It is worth mentioning that conducting internal audits in an organization in this way is usually less efficient in terms of the use of available time and resources, and will also annoy the auditee, since the same department may be visited more than once during the same cycle. In addition, in the case of internal audits, it is unlikely that a single auditor will be able to assess whether all interactions between processes are defined and whether they are adequately and properly managed. Therefore, the audit program manager should be responsible for ensuring that all of these interactions and the effectiveness of their management are fully evaluated, which may require results from multiple auditors. The audit program manager should consider this at the planning stage of the audit program. The goal is to ensure that the collective outcome of the individual audits allows an assessment of the effectiveness of the system in meeting objectives and identifying potential for improvement. When planning an audit program, one such approach might be to graphically represent the interacting processes in the form of diagrams, where boxes represent individual processes (system map). When planning an audit program, the organization should consider:

The importance of the activity or site. Consideration should be given to the impact that the activity or site has on the conformity of the product and on the achievement of quality objectives.

· Activity status.

· Results of previous audits.

In addition, there are other considerations:

The readiness of employees.

· Staff readiness for audits.

· Signs of problems.

· The need to analyze the site in terms of improvement.

· The need to evaluate the implementation of quality improvement programs.

When planning an audit program, it is important to ensure that the associated costs and concerns are minimized while maximizing benefits.

Audit stages. Inspection activities are costly in terms of time and human factors: they require planning, execution and reporting. In addition, follow-up actions may require the involvement of the auditor and the auditee. The inspection itself can interfere with the production process, as the auditor distracts workers with their questions, and introductory and closing meetings take up valuable time for management. Therefore, it is very important to carry out the check properly from start to finish. There is a golden rule: audits are never taken by surprise. Dates should be mutually convenient and agreed in advance. There is no benefit to a sudden audit, which can only have negative consequences. Indeed, an unannounced audit can interrupt or impede operations at a critical moment, resulting in significant financial losses. Arriving for the purpose of an audit without prior notification and approval will be interpreted simply and clearly: "We came here to catch you in the act!". There are a number of specific steps that need to be completed:

1. Collection of information.

2. Planning and preparation.

3. Introductory meeting.

5. Closing meeting.

6. Follow up.

To understand how critical preparation is for an audit, it is worth mentioning that preparations typically require approximately 40% of the audit time. This stage includes steps 1 and 2. This includes actions taken by management and administrators of the audit program, as well as time spent by auditors gathering information, reviewing documents, planning, and preparing. The second stage (doing the audit) covers steps 3, 4 and 5 and typically takes about 40% of the time. Reporting (continuous during the audit) and follow-up require 10% of the time each. The audit may be carried out by a single auditor or by a group of auditors, but the lead auditor will always bear all responsibility. The lead auditor receives instructions from the audit program manager and the client's procedures must be followed.

Collection of information. Before proceeding to collect all the necessary information required for the audit, the auditor should obtain the following fundamental information from the audit program manager:

1. Reason for the audit.

2. Scope of the audit.

Once the above is established, the auditor can begin gathering the information required to ensure the effectiveness of the audit. The scope of the audit determines the boundaries of the audit, taking into account:

· Areas to be checked.

· Parts of the organization to be audited.

After receiving brief information from the audit program manager to plan and prepare the audit, the auditor or team leader should establish the following information about the area to be audited:

1. Types of activity.

2. Complexity of operations.

3. Size of subdivision/plot.

All of the above can be clarified prior to the audit by phone, letter, questionnaire, study visit or any other means of communication. It is possible to combine several methods at once. Auditors preparing an audit are strongly encouraged to consider arranging a pre-audit visit. Such a visit provides an opportunity to collect much more information and allows the auditor to physically assess the size and complexity of the unit. This provides an opportunity to liaise with site management, explain everything about the audit, and eliminate natural concerns by explaining how audits are performed and reports are prepared. The pre-audit visit also provides an excellent opportunity to avoid many of the problems that may arise during the audit, which is resolved in an open discussion of such problems with and in cooperation with the site manager. Such a preliminary visit in the case of internal audits is almost always possible and recommended, even if the auditee and the auditor already know each other.

Planning and preparation. After collecting all the necessary information, the lead auditor is responsible for preparing for the audit. The following processes must be carried out:

1. Determine the amount of work and time that will be required. This will affect the scope and complexity of the audit. But keep in mind that audits cost money, so the audit should be brief.

2. Set dates that are acceptable to auditees and auditors and notify them well in advance. (Dates are often agreed upon by audit program management.)

3. Determine the approach.

4. Prepare an audit plan by assigning individual tasks to team members. A rigid schedule should also be avoided. It is recommended to make a schedule for the time before and after noon. When planning an audit, the team leader must remember to cover all shifts, if any.

5. Prepare working papers:

o Checklists.

o Standards.

o Guidelines, etc.

6. Notify the auditee by sending:

o Audit plan.

o Matrix plan.

o Checklists.

o It is very good practice to provide the auditee with as much information as possible prior to the audit. This helps to eliminate any possible concerns and creates an atmosphere of mutual cooperation. Some auditors fear that sending checklists to the auditee prior to the audit will allow them to "prepare" for the audit. So what? Any improvements made will benefit the system.

7. If a group of auditors will be working, make sure that the group is fully prepared.

8. Obtain all necessary documentation for analysis.

9. Inform the auditee of the need for an introductory meeting.

Meetings during the audit. During the course of an audit, the lead auditor should hold many meetings to ensure that the audit is going according to plan. They will include:

· Introductory meeting.

· Closing meeting.

· Meetings within the group.

The team leader, who acts as chairman, should manage all of these meetings. The lead auditor must prepare for these meetings, determine an acceptable seating plan, take into account the names of those present (and pronounce them correctly). It is good practice to have a prepared agenda for meetings. Introductory meeting. The main purpose of the opening meeting is to introduce the group and set ground rules. The lead auditor has a lot to cover and the habit of preparing the agenda will show that this very formal meeting will go well with everything planned. Lead Auditor:

1. Represents a group.

2. Confirms the reason for the audit and its scope.

3. Confirms the criteria (standard or otherwise) used as the basis for the audit.

4. Details: who, what and when will perform. An audit plan will be provided in advance, but a brief review is necessary to check if last-minute changes are required.

5. Explains that the audit will be selective.

6. Guarantees the confidentiality of all information obtained during the audit to the auditees.

7. Explains how the results of the audit will be reported.

8. Provides an explanation of nonconformities, how they are reported and classified (major, minor, and so on).

9. Agree on the status of the quality system documentation to be used in the audit process.

10. Checks the awareness of the audited personnel about the audit.

11. Discusses any security requirements to be followed and any security measures required by the auditors.

12. Explains the need for a final meeting, its details, date and purpose.

13. Answers questions regarding the audit.

Note:

· The group leader chairs the meeting and must manage it. This must be done politely, tactfully and diplomatically.

· In large (particularly international) organizations with many branches or sites, internal auditors, like external auditors, may need to be accompanied.

Group interaction meetings. Team engagement meetings should be held to ensure that the scope of the audit is fully covered. These meetings also compare results and discuss inconsistencies. Final meeting. As a rule, the closing meeting is held at the end of the audit. It is usually attended by those who were at the introductory meeting. Prior to the closing meeting, the auditor should ensure that he/they are prepared to report the results to site management. All nonconformity reports must be at least drafted before the closing meeting. A closing meeting is chaired by the team leader to report the results of the audit to the management of the site being audited and to determine any next steps. Auditors should report the results of the audit in full, and not limit the report to nonconformities. All positive observations must also be reported. The meeting agenda should include the following:

1. Gratitude to the auditees for their assistance.

2. Resubmission of the audit team.

3. Brief conclusion on the scope of the audit.

4. Explanation of the reason and purpose of the audit and the method that was used.

5. It should be said here that the audit was selective and therefore not all nonconformities were identified.

6. Reconfirm confidentiality.

7. Request that all questions and discussions be moved to the end of the meeting.

8. Report each member of the group on his area of audit. Only facts.

9. Inviting the auditee to participate in the discussion of any specific issues.

10. Agree on the timing of the completion of corrective actions.

11. Explanation, where applicable, of the next steps.

12. Providing all individual non-compliance reports and a final report. If it is a handwritten version (which may be necessary), then it should be followed by an identical printed copy.

During internal audits, all meetings tend to be rather informal if it is a small organization.

Audit. During the audit, the team leader is responsible for:

1. Ensuring the completeness of the audit.

2. Ensuring that nonconformity reports are based on solid objective evidence and are clearly and concisely worded.

3. Regularity of group meetings.

4. Scheduled audit, including, if necessary, reallocation of resources.

Following actions. After the agreed time has elapsed, the audit team leader should make a “follow-up” visit or review the documented evidence provided to verify that corrective actions have been taken; make sure they have proven effective and will remain so in the future; that they have been properly documented and communicated to all interested parties. The report must then be signed accordingly. No audit can be considered complete, let alone effective, if the specified actions have not been completed with a satisfactory outcome. It is important to agree on appropriate corrective actions during the audit. It is equally important to resolve the issue of a reasonable time frame for the completion of these actions. Upon reaching the deadline for completion of corrective actions, the auditor or his representative should verify that they have been completed, and if this has not happened, he should find out the reason for the non-compliance and take measures to ensure that the matter is expedited. But it is even more important to make sure that the correct action was taken, because in the future at the right time it will be difficult to check this with more accuracy, and, frankly, the personnel who have experienced these corrective actions will know exactly whether their work has become easier or vice versa. as a result of this action and whether this action is necessary at all. Part of the tasks of the audit team leader is to perform "follow-up actions" - after the audit - after the agreed time period has elapsed to verify that corrective actions have been effectively implemented; if for some reason they are not fulfilled, the team leader should draw the attention of senior management to this fact. Until proper follow-up actions are taken and the effectiveness of corrective actions is verified, all audit work can be nothing more than a waste of money and time.

3. Describe the international standard governing the audit of the QMS. Describe sections of this document nta and explain its purpose

The international standard ISO 19011:2002 focuses on the importance of audits as a management tool for monitoring and confirming the effectiveness of the implementation of the organization's quality and environmental policies.

This International Standard provides guidance on the management of audit programmes, the conduct of internal or external audits of quality systems and/or environmental management systems. It also serves as a guide for determining the competence and evaluation of auditors. Designed for use by a wide range of potential users, including auditors; organizations implementing quality management systems and/or environmental management systems; organizations that need to audit their quality management system and/or environmental management system for contractual reasons; as well as organizations involved in certification or training of auditors, certification/registration of management systems, accreditation or standardization in the field of conformity assessment.

Clauses 1, 2 and 3 describe the scope of the standard, normative references, terms and definitions.

Clause 4 describes the principles of auditing that help the user understand the nature of auditing: ethical conduct, impartiality, due diligence, independence, fact-based approach. They are a necessary preface to the sections: paragraph 5 Management of the audit program,

Clause 6 Audit activities,

Clause 7 Competence and evaluation of auditors.

Clause 5 provides guidelines for managing audit programs and covers issues such as assigning responsibility for managing audit programs, defining the objectives of the audit program, coordinating the conduct of audits, and securing the necessary resources, i.e. audit team.

Section 6 provides guidance on auditing quality systems and environmental management systems, including the selection of an audit team. The section includes six stages and seven phases of the audit.

Stage 1: Audit Initiation.

Stage 2: Conducting documentation analysis.

Stage 3: Preparation for the on-site audit.

Stage 4: Conducting an on-site audit.

Phase 1: Pre-meeting.

Phase 2: Communication during the audit.

Phase 3: Roles and responsibilities of escorts and observers.

Phase 4: Collection and verification of information. Sources of information: Interviews with employees and others, Observation of activities, work environment and conditions.

Phase 5: Generate audit observations.

Phase 6: Preparation of conclusions on the results of the audit. Analysis of audit findings in terms of audit objectives. Coordination of the conclusion on the results of the audit. Preparation of recommendations. Discussion of the subsequent audit.

Phase 7: Concluding meeting.

Audit evidence and observations. Evaluation of audit evidence in terms of audit criteria (result: pass, fail, opportunity for improvement). Analysis of audit observations. Registration of discrepancies and evidence confirming them.

Stage 5 audit: Preparation, approval and distribution of the audit report. Stage 6 of the audit: Completion of the audit.

Conducting a follow-up audit.

Section 7 provides guidance on the competencies that auditors should have and describes the process for evaluating auditors. Personal qualities of the auditor. Maintaining and improving competence. Auditor evaluation. Knowledge and skills.

This International Standard provides guidelines only, users may use these guidelines to develop their own auditing requirements.

Literature

1. Lebedinets V.A. Quality management: [textbook for students of the specialties "Technology of perfumes and cosmetics", "Pharmacy", "Quality, standardization and certification", 2nd ed.] / V.A. Lebedinets, S. N. Kovalenko, St. N. Kovalenko. - H. : Publishing House of NFAU, 2011. - 284 p.

2. Yakistyu control systems. Wimogi (ISO 9001:2008, IDT) : DSTU ISO 9001:2009. - [To replace DSTU ISO 9001-2001; Chinniy vid 2009-09-01]. - K.: State Standard of Ukraine, 2009. - 28 p. - (National standard of Ukraine).

3. DSTU ISO 19011:2003 - Setting up an audit of control systems for quality and/or technological control.

Hosted on Allbest.ru

QMS audit - goals and sources of information

Audit of the quality management system (QMS) is a systematic process of obtaining information about the functioning of the QMS and its compliance with the criteria established by the current standards.

QMS audit can be:

external — verification is carried out by employees of third-party specialized organizations;
internal - the audit is carried out by employees of the quality service of the audited enterprise (you will find details about the internal audit service).

The internal audit of the quality management system is carried out in order to:

timely identification of problems and inconsistencies in the QMS functioning at the enterprise;
determining the causes of such inconsistencies and developing methods for their elimination;
verification of the effectiveness of corrective actions taken as a result of previously completed audits;
preparation for an external audit to obtain a certificate of compliance with ISO 9001 and other standards.

Sources of information during such a check can be:

personal conversations with employees of the audited divisions of the enterprise;
the results of independent monitoring by auditors of the activities of employees, the state of their jobs, working conditions, etc.;
information received from consumers through feedback;
internal documents of the division (reports, contracts, instructions, cost estimates, design and technological documentation, etc.);
reports on the conducted audits and the adjustments made as a result of them, compiled earlier.

Principles of conducting an internal audit of the QMS

The principles for conducting internal audits are fixed in GOST R ISO 19011-2012. These include:

impartiality: the auditor must objectively evaluate the information and documents received, form truthful and accurate reports;
confidentiality: the auditor must keep the information received by him secret from third parties;
professional prudence: the auditor must be diligent, apply his professional knowledge in relation to the object of verification;
independence: the auditor must independently make decisions based on the information received by him and not change them due to the third-party influence of interested parties;
evidence-based approach: due to the limited length of time during which the audit must be carried out, the auditor should use samples of certain information in order to obtain information about the functioning of the QMS as a whole;
Integrity: the auditor's activity must comply simultaneously with all of the above principles.

The procedure for conducting an internal audit

The procedure for conducting an internal audit includes several stages, going in the following order:

Issuance of an audit order (it contains information about the audited unit and the composition of the audit team).
Drawing up and approval of the test plan.
Holding a workshop by members of the audit team.
Development of working documentation for the audit.
Notification of the audited unit about the upcoming audit.
Conducting a preliminary meeting with representatives of the audited unit.
Examination.
Final meeting with representatives of the audited unit.
Preparation of reporting documentation and its distribution to interested parties.

Audit Program

An internal audit program is a document containing information about audits that must be carried out at an enterprise within a certain period of time (usually six months or a year). It is developed by a representative of the quality service of the enterprise, who has the authority to conduct inspections in its divisions.

The QMS internal audit program specifies:

audit objectives;
audited processes (types of activity of the unit);
audited units;
audit criteria;
time (as a rule, a month is indicated) of the event;
Full name of the auditor.

The document is approved by the head of the enterprise (general director, chief engineer, etc.). After that, the head of the quality service forms plans and schedules for specific audits and coordinates them with the management of the units in respect of which the audit will be carried out.

Content and example of an internal audit plan for the QMS

The audit team leader should prepare an audit plan and share it with the auditee. This document contains the following information:

the purpose of the audit;
the criteria by which the audit is carried out, as well as the list of documents to be checked;
scope of the audit (subdivision being audited, including the organizational and functional processes taking place in it);
indication of the date and place of the inspection;
roles and responsibilities of the audit team members and accompanying persons.

The document is approved by the head of the enterprise, the divisions of which are subject to verification. During the audit, the plan may be adjusted by the audit team leader. An example of an internal audit plan might look like this:

APPROVE

JSC FTOROPLAST

(signature) /Malchenkov E.A./

01.08.2018

Internal audit plan

Basis for verification: internal audit program of the quality management system for 2018.

Object of verification: resource management for monitoring and measurements, metrological support.

Audited subdivision: tool-preparation shop.

The terms of the audit: 08/09/2018-08/10/2018.

Audit criteria (designation of documents or their sections): clause 7.1.5 of GOST R ISO 9001-2012, STO QMS 7.021-2017.

The purpose of the audit: verification and evaluation of compliance with established requirements.

Date of submission of the report: 08/13/2018.

List of officials to whom copies of the report should be submitted: a representative of the QMS management, the head of the tool and procurement workshop.

Signatures:

(signature) / Yu. N. Evseeva / 01.08.2018

Auditors:

Don't know your rights?

(signature) /E. P. Artemov / 01.08.2018

(signature) /A. S. Klinkova / 01.08.2018

Checklist as the main tool of the auditor

The main working document of the auditor is the control sheet. It is a pre-compiled systematized list of questions, the answers to which will allow the inspector to obtain complete and up-to-date information about the functioning of the QMS in the units.

Existing standards do not contain a specific form of this document, so the auditor can prepare it himself. It is important that the form of the checklist allows you to enter into it the information obtained during the audit and use them in the subsequent analysis.

The purpose of using this document is to remind the auditor of the information that he should receive and the facts that should be examined during the audit. In addition, the use of such a sheet will allow the auditor to assess the amount of work to be done, correctly distribute them in time and complete the audit in accordance with the specified deadlines.

The use of pre-prepared checklists should not affect the conduct of the audit. In the event that the course of the audit changes (for example, if in the course of its implementation the auditor identified facts to be investigated, the verification of which was not planned), appropriate adjustments should be made to the checklists.

Working papers and records should be retained until the end of the audit. If they contain information that has the status of confidential, it is necessary to provide them with an appropriate level of protection against unauthorized access.

Dealing with nonconformities identified as a result of internal audit

All discrepancies identified as a result of the audit must be documented. This procedure provides:

detection, identification and registration of nonconformities;
classification of inconsistencies according to their degree of significance;
drawing up protocols of non-compliances.

The protocol of non-compliance states:

the time and place of its discovery;
the content and significance of the nonconformity;
a reference to a violation of a specific clause of an enterprise standard or GOST, which acts as an audit criterion.

The non-compliance protocol is a source of information for the subsequent development of corrective and preventive actions to eliminate the identified deficiencies.

Examples of inconsistencies in the internal audit of the QMS

The list of inconsistencies that can be identified during the internal audit process is extensive, since the characteristics of any process occurring in the organization may not fully or partially meet the criteria specified by the standard.

Here is a list of the main criteria and the most common inconsistencies with them:

Management Responsibility:

the QMS is not analyzed by the management;
the policy and goals of the enterprise in the field of quality are not brought to the attention of employees;
there is no matrix of distribution of responsibility between employees.

there is no quality manual;
QMS procedures are not documented;
there is no quality planning procedure.

Documentation management:

the documentation management procedure is not implemented;
the list of documentation and data to be managed has not been established;
the procedure for changing documents and data is not performed.

Management of products supplied to consumers:

the procedure for managing products supplied to consumers is not followed;
the absence of such procedures is not motivated.

Management of nonconforming products:

nonconforming products are not managed;
there is no marriage insulator or is in the wrong place;
control of nonconforming products in the isolator is not carried out.

Personnel training:

personnel selection and training procedures are not documented;
there are no plans for advanced training in the working documentation of the personnel department.

Content and example of a QMS internal audit report

After the completion of the internal audit, the head of the audit team draws up a report on the results of the work done.

Drawing up an audit report ensures:

The visibility of the test results.
Ability to summarize and analyze the results of all audits conducted in accordance with the current program.
Simplification of the procedure for preparing and implementing corrective actions.

The form of such a report is not regulated by the current standards, so it may vary depending on the enterprise. In general, the report might look like this:

APPROVE

Representative of the QMS management

JSC FTOROPLAST

(signature) /E. A. Malchenkov/

14.08.2018

Report on the results of the internal audit

Registration number 21 dated 13.08.2018

Name of the process or activity: resource management for monitoring and measurement, metrological support.

Name of the audited unit: tool-preparation shop.

Audit date: 08/09/2018-08/10/2018.

Audit criteria (designation of the document or its sections): clause 7.1.5 of GOST R ISO 9001-2012, STO QMS 7.021-2017.

The purpose of internal audit: verification and evaluation of compliance with established requirements.

Head of the audit team: Evseeva Yu.N.

Auditors: Artemov E.P., Klinkova A.S.

Test Results

Scope of the audit: full.

Number of detected nonconformities: 0

Audit conclusion

The activities of the audited units meet the established requirements. Corrective action is not required.

Audit team leader:

(signature) / Yu. N. Evseeva/)

So, internal audits are one of the main tools for assessing the effectiveness of the functioning of the QMS. Conducting such audits allows management to identify non-compliance with the audit criteria set by existing standards, as well as prepare for passing an external audit conducted as part of the certification of production. The audit is carried out in accordance with the existing audit program based on the audit plan prepared by the head of the audit team. Based on the results of the audit, an audit report is drawn up, which contains information about the identified non-conformities and (if any) recommended corrective actions aimed at eliminating them.

The introduction of management systems at the enterprises of our country, including QMS, EMS, management systems based on the principles of HACCP, integrated management systems and others, is inextricably linked with the need for their internal and external checks (audits).

Based on the results of audits, the need for preventive and corrective measures within the QMS is determined to improve its effectiveness.

Guidelines for auditing a QMS are contained in GOST R ISO 19011-2003 “Guidelines for auditing quality management systems and/or environmental management systems”. The standard is an almost complete identical text of the international standard ISO 19011:2002 with minor changes. It contains guidelines on the principles of auditing, managing audit programs, conducting internal or external audits of the QMS (EMS), as well as on the competence and assessment of auditors (experts) to conduct these audits. The guidelines and recommendations of the standard can be applied to other types of audits, including audits of management systems based on the principles of HACCP and integrated management systems.

Audit— a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which agreed-upon audit criteria have been met.

Audits are being carried out auditors(experts) - persons competent in this field of activity. Audits and certification of the QMS may be involved technical experts- i.e. persons with special knowledge or experience in relation to the object being audited.

Audit scope-- the content and boundaries of the audit. The scope of the audit typically includes the location, structure of the organization, activities and processes at a particular time period.

audit objects are products, processes and QMS. Products and processes, depending on the objectives of the audit, may be subject to inspections even in the absence of a full audit of the QMS, but at the same time they must comply with the requirements contained in GOST R ISO 9001.

Product audit is designed to determine the effectiveness of quality management measures for a particular product (product). An assessment is made of the conformity of product quality to customer requirements, technical and regulatory documentation. At the same time, the efficiency of manufacturing and testing products, the feasibility and interconnectedness of the documents used are considered. Product audit is much broader than the traditional quality control of products carried out by the enterprise. It includes, among other product inspections, the consideration and evaluation of the relevant elements of the QMS used for certification purposes (“Planning the processes of the life cycle of products”, “Determining the requirements related to the product”, “Analysis of the requirements related to the product”, etc.) .

Process audit aims to test specific processes to determine their compliance with established requirements and determine their effectiveness. This evaluates, for example, the compliance of the characteristics of the process with the working and methodological instructions of the process specification, recipes, technical documentation and customer requirements.

When planning internal audits, consideration should be given to the status and significance of the processes being audited, as well as the results of previous audits.

Checked processes can have one of the following statuses:

the process was audited during the reporting period, meets the established requirements and is effective;
the process was audited during the reporting period, meets the established requirements, but is not effective;
the process was audited during the reporting period and found to be inconsistent with the established requirements;
the process was not audited during the reporting period (process with an undetermined level of performance compliance).

The significance of the process is established based on the degree of its influence on the achievement of the organization's goals in the field of quality in the period under review.

QMS audit is designed for a comprehensive verification of its compliance with the requirements of GOST R ISO 9001 and efficiency. It allows you to assess the ability of the organization to produce products of stable quality, improve quality in accordance with specified requirements.

QMS audit can be used for both internal and external purposes. Its goals, objectives and procedures should be harmonized with international practice in this field of activity. The ISO 9000 series emphasizes audit as a management method for monitoring and verifying the effectiveness of the implementation of an enterprise's quality policy. In addition, audits are part of the conformity assessment activities for QMS certification, supplier assessment and inspection control.

QMS audits are carried out by experts (auditors) on the basis of relevant audit programs and plans.

Auditors should be guided by the principles of auditing contained in Sec. 4 GOST R ISO 19011:

ethical behavior is the basis of professionalism;
impartiality - the obligation to present truthful and accurate reports;
professional due diligence and the ability to make the right decisions when conducting an audit;
independence - the basis of impartiality and objectivity of the conclusions based on the results of the audit;
an approach based on evidence that the reasonable basis for reaching reliable and reproducible audit conclusions is through a systematic audit process.

The implementation of these principles makes the audit an effective and reliable method of maintaining management's quality policy.

There are internal audits (first party audits) and external audits (second and third party audits).

Internal audit carried out by the personnel of the organization in which the audit is carried out. The initiator of its implementation is the audited organization itself.

External audits conducted by a second party, are carried out at the initiative of the parties interested in the results of the organization's activities. These may be, for example, consumers who want to check the supplier's QMS with the help of their own auditors, as well as other interested parties.

External audits conducted by a third party, carried out by external independent organizations in order to certify the QMS for compliance with the requirements of GOST R ISO 9001.

Comprehensive audit- audit of the QMS and environmental management, carried out simultaneously.

Joint audit- audit of the audited organization, conducted simultaneously by two or more organizations.

audit program. Based on the objectives of the organization in the field of quality management and the resources used, management decides on the objects of audits and their content. Compiled audit program, involving one or more audits. For example, an organization's audit program may contain several internal QMS audits conducted in the current year, certification (registration) audits, as well as inspection audits conducted by the QMS certification body as a third party. The program should be developed taking into account the status and importance of the processes and other objects to be audited, as well as taking into account the results of previous audits.

When drawing up the program, special attention is paid to the competence of the audit team. The selection of auditors and the conduct of audits should ensure the objectivity and impartiality of the audit process. Auditors should not audit their own work. If the auditors in the audit team do not have the necessary knowledge and experience, then technical experts are included in the team. Technical experts work under the supervision of the auditors and are not members of the audit team.

An annual audit schedule and a plan for each audit are part of the audit program. The annual plan indicates: which unit and when should be checked; the purpose of the audit and its scope; used normative documents; guidance on planning and conducting audits. The audit plan form is shown in Appendix 10.

Each audit includes the following steps:

organization of the audit;
document analysis;
preparing and conducting on-site audits;
preparation, approval and distribution of the audit report (act);
completion of the audit and action on its results.

Conducting an audit. Each of the stages of the audit includes

the actions shown in fig. 9.1. Their content is described in detail in GOST R ISO 19011. In parentheses of each block of fig. 9.1 indicates the paragraph numbers of this standard, containing the requirements for the relevant stages of the audit.

Rice. 9.1.

Attention should be paid to the differences in the concepts of "internal audit" and "self-assessment". Self-assessment is a thorough assessment, usually carried out by the management of the organization, the result of which is an opinion or judgment about the effectiveness and efficiency of the organization and the level of maturity of the QMS. Its results can be used by the organization to compare its performance with the best achievements of external organizations and the highest world achievements in the relevant field. Internal audits are used to obtain objective evidence that an organization's QMS is effective and efficient.

To maintain the effective functioning of the quality management system at the enterprise, it is necessary to organize an audit.

An audit is understood as a systematic, independent documented process of obtaining audit (verification) evidence and its objective evaluation in order to establish the degree to which the agreed audit (verification) criteria are met.

Within the framework of the QMS, the audit is associated with the solution of three main tasks:

o quality related activities must comply with the planned requirements (the basis is the standard);
o requirements must be consistent with the achievement of goals;
o Requirements must actually be met. There are the following types of audit within the QMS:
- 1) system audit;
- 2) methodical audit;
- 3) product audit.

System audit may take the following forms:

o internal audit (the organization itself checks its own QMS for compliance with MC ISO 9000,14000 series);
o external audit by the client (the client audits the supplier's QMS);
o external certification audit (an independent organization carries out an audit for the purpose of QMS certification).

The significance of a system audit lies in the fact that through internal audits, at regular intervals, all parts of the enterprise are checked for their compliance with quality management measures. This is done in order to determine the optimal level of purposeful and active action to prevent nonconformities.

Internal system audit - a tool for monitoring the QMS; it is carried out in the following areas:

o the purposefulness, conformity and effectiveness of all quality management activities of the entire system are checked;
o checks halfway of documenting quality management activities;
o Compliance with the requirements of ISO 9000, 14000 standards is being investigated.

At the same time, proposals are put forward on measures to correct and improve the quality of products, processes and systems.

Methodical audit (audit of processes) conducted to check processes, including production or their methods. This is especially true for methods in which the quality of the product cannot be determined during the processes themselves, for example, during welding, soldering, casting, hardening, galvanization.

Methodical audit is carried out:

o to confirm the direct or indirect parameters of the quality management process and to identify opportunities for improving the quality of this method;
o ensuring the necessary registration of signs of process quality;
o systematic improvement of process control during production.

A methodical audit refers to methodological recommendations related to this, work instructions, as well as documentation for its control.

Product audit serves to check the compliance of the product performance with certain requirements (at certain stages of production). To do this, the quality of the constituent elements of the final result groups is carried out in conjunction with tests, for example, manufacturing documents, the manufacturing process, including the equipment and controls used. Product audit is carried out:

o for additional independent verification of the quality level;
o additionally ensuring the fulfillment of certain quality requirements, identifying opportunities for improving the quality of the product, determining the quality level of the units provided for testing;
o determining the capacity of the testing laboratory;
o determining the feasibility of testing.

For enterprises, an internal audit plays a special role, the purpose of which is to assess the enterprise's QMS for compliance with the requirements of ISO 9000. In this regard, it is necessary to determine: whether the quality management elements meet certain requirements; Are quality objectives being achieved? whether the legal regulations are being followed. At the same time, it is equally important to obtain confirmation of both compliance and non-compliance of the QMS with the requirements of the standard.

Internal audit at the enterprise is permanent and systematic. For its implementation, an internal audit group of the QMS is created at the enterprise. The head of internal audit is responsible: for the formation and implementation of the audit plan; providing a report on its results to the management of the enterprise.

Auditors should:

o have documents confirming the completion of the general and special training programs;
o have at least four years of work experience, of which at least two years must be in quality management;
o have experience in conducting audits;
o work for at least 20 days in a group of auditors;
o participate in quality management system document reviews;
o take part in audits and reporting on their results.

In addition, auditors must also have certain personal qualities (be able to realistically evaluate facts; be objective; be able to communicate with people; be able to draw conclusions, etc.).

The audit team leader must be an experienced auditor, have experience in conducting at least four audits and have organizational skills.

The audit plan (audit plan) must be drawn up by the head of the audit team and approved by the management of the enterprise.

For all departments involved in the audit, the need for time to pass the audit is determined. On fig. 9.3 presents the process of conducting a quality audit at the enterprise.

Rice. 93.

When conducting an audit, it is recommended to develop questionnaires on the basis of which it is necessary to conduct a survey and evaluate the results. The audit questionnaire should be drawn up on the basis of the requirements or recommendations of the applicable international standard (ISO 9000,14000). Approximately 200 audit questions are sufficient to evaluate the quality management system. When developing a questionnaire, you can use the scheme shown in Fig. 9.4.

Rice. 9.4.

Don't think of it on purpose

During the audit of the quality management system of the enterprise, the auditor asked a question that caused the original answer:

Where is your quality guide?
- There is.
- Can I see him?
- No, he comes only at 10:00.

When planning an audit, it is necessary to draw up other working documents or forms, for example: audit protocols for documentation of audit results and deviations, which mainly relate to the list of questions; documentation deviation materials and their significance; audit reports that provide information on the findings and formulate improvement actions.

The audit report should contain:

o a detailed audit plan, the exact details of the staff who conducted the audit and the quality officer of the audited organization, the timing of the audit and the exact name of the audited organization;
o the exact name of the documents on the basis of which the audit was carried out;
o detected inconsistencies and deviations;
o the opinion of the audit team on the extent to which the audited organization complies with the requirements of the applicable quality management standard and related documents;
o the opinion of the audit team on whether the QMS is capable of meeting the quality objectives.

The audit report is a confidential document and is transferred to the head of the enterprise, as well as to the responsible persons of the audited departments, therefore, a list of persons allowed to work with the audit report must be compiled. The storage of the audit report is carried out, as a rule, in accordance with the procedure for storing documents in the enterprise.

Based on the results of the audit, corrective measures are taken to improve the functioning of the QMS.

3. Regulatory references

ISO 9000:2005 - “Quality management systems. Fundamentals and vocabulary.

ISO 9001:2008 - “Quality management system. Requirements".

ISO 19011:2002 - "Guidelines for the verification of quality management systems and (or) environmental protection."

4. Terms, abbreviations and symbols

Terms and Definitions:

Audit (verification) - a systematic, independent and documented process of obtaining audit evidence and their objective evaluation in order to establish the degree of implementation of agreed criteria (ISO 9000:2005).

Auditor - a person who has demonstrated the personal qualities and competence necessary to conduct an audit (ISO 9000:2005).

Group of auditors - one or more auditors conducting the audit with the involvement (if necessary) of technical specialists.

Applied abbreviations:

DP - documented procedure

QMS - quality management system

Legend:

Branching/Merging Process Operations

5. Description of the process

5.1 General provisions

QMS audit at KPMS is carried out in order to:

determine the level of QMS compliance with the requirements of ISO 9001:2008;
determine the level of compliance of the QMS with the requirements of internal regulatory documents.

The audit can be carried out as scheduled (based on the annual audit plan) and unscheduled (based on the order of the General Director).

The frequency of a scheduled audit should be at least once every six months.

The authorized person for quality is responsible for organizing audits.

The lead auditor is responsible for conducting audits.

The annual internal audit plan is developed and approved no later than December 20. The annual plan of internal audits is developed by the Quality Commissioner. When planning internal audits of the QMS, a mandatory check of each of the departments, each of the processes and each of the requirements of ISO 9001:2008 is provided.

Before each audit, an audit schedule is developed. The schedule is developed one week before the date of the audit.

To conduct internal audits, a lead auditor, auditors and technical specialists are appointed from among the company's employees. Candidates for the lead auditor and auditors are determined by the Quality Commissioner. The appointment of the lead auditor and auditors is carried out by order of the general director for personnel. The order may indicate the date of appointment. If the term is not specified, then the lead auditor (auditors) is considered to be appointed indefinitely and loses its status as an auditor only on the basis of the order of the general director on the appointment of a new lead auditor (auditor) or upon dismissal from the company.

Technical specialists are appointed (if necessary) for each audit on the proposal of the lead auditor. The appointment of technical specialists is carried out in the order for the organization to conduct an internal audit.

When scheduling the audit, the distribution of auditors and technicians to the objects of audit should exclude the possibility of them checking the departments in which the auditors and technicians work.