Questions for Auditing Utilizing a Process Approach

Whether facing a surveillance audit from a certification body or preparing for an internal audit – knowing what you face and being prepared puts you a step ahead.  Review this checklist which covers the majority of the QMS requirements.

1)  Who or what are the:

  • Processes
  • Process Owner
  • Personnel Interviewed
  • Documentation Reviewed
  • Records Sighted

2)  What are the resources needed for the process?

3)  Are these resources appropriate?

4)  Are authorities and responsibilities for required resources defined, documented and known

throughout the organization?

5)  Are these persons competent?

6)  Are competency criteria defined? What are these criteria? How is competency evaluated,

approved and monitored, and by which method(s)?

8)  Are these methods effective? – refer to outputs

9)  Are the resources adequate? Which are they?

10) Are records available and appropriately maintained?

11) What are the inputs to this process?

12) Are these inputs documented and reviewed by competent persons?

13) Is a description of the processes available and documented?

14) Are these descriptions controlled? – Verify the effectiveness of the organization’s

documented information control procedure.

15) Who are the “customers” (internal and external) of the processes?

What are the requirements of these customers?

17) What are the characteristics of the intended results of the process?

18) What are the characteristics of the unintended results of the process?

19) Are correction and corrective action applied as appropriate?

20) What are the criteria for monitoring, measurement and analysis?

21) How are these criteria incorporated into the planning of the processes?

22) Are the business performance issues taken into proper account?

23) What methods are used for data gathering?

24) What records are kept and how these are maintained?

25) What are the communication channels?

26) How is external and internal information about the process provided?

What are the outputs of the process? – Identify outputs.

28) Do these outputs provide evidence of effective implementation of the process?

29) How is process performance monitored?

30) Are appropriate controls defined?

31) What measurements are applied?

32) How is the gathered information analyzed?

33) How are the results of the analysis taken into account?

34) How is feedback obtained?

35) What data is collected?

36) Is the issue of improvement of the processes properly addressed? How?

What are the results?

 

Source:  Eagle Certification Group – 2017 Annual Bootcamp/Conference

SimpleQuE offers free sample manufacturing process audit checklists for AS9100, ISO 9001 and IATF 16949 which can be used as an example to examine a company’s key manufacturing process and prepare your company for the highest quality internal auditing possible.

Links to Sample Manufacturing Process Audit Checklists:

IATF 16949 Checklist

AS9100 Checklist

ISO 9001 Checklist

Sign Up For Our Newsletter

Look Fors – Part 1: Context of the Organization

Research

What are 3rd party auditors looking for?  This is the first of a three part series by Jim Lee, President of simpleQuE

Clause 4 of Annex SL – Context of the Organization

This is the cornerstone of a management system and the business’ strategic direction.  An organization needs to identify internal and external issues that can impact its intended outcomes, as well as all interested parties and their requirements.  It needs to document its scope and set the boundaries of the management system to line up with business objectives.

The context doesn’t have to be documented, so 3rd party auditors (as well as internal auditors) will be asking questions of various management members, and looking for these as objective evidence that an organization understands its context and considers all the factors and stakeholders affecting the business.  The items listed below don’t have to exist, but if they do, you want to take credit for them in understanding the context.  Some items may not by themselves demonstrate an understanding of the context, but combined with multiple examples, can provide the evidence an auditor is looking for.

  • Business plan
  • Strategic plan
  • SWOT analysis (Strengths Weaknesses Opportunities Threats)
  • Vision and mission statement
  • Process mapping
  • External parties identified
  • Lesson learned
  • Surveys
  • Internal meeting minutes to determine company goal setting
  • Metrics to measure effectiveness of QMS
  • Process turtle diagrams
  • Process flow plans
  • Quality manual

Not that all of the elements listed above will be needed, but organizations may risk failure if they do not:

  • Identify or understand their primary competitors
  • Mention civic responsibility
  • Consider future business trends
  • Identify all customer requirements
  • Identify local/state/national requirements
  • Identify required outputs needed for internal customers
  • Identify uncertainties like negative risks or positive opportunities
  • Determine the processes used to flow the business from quote to delivery
  • Identify outsources processes
  • Establish process goals

 

Coming in future articles – what auditors are looking for in regard to Leadership and Risk.