2020‐04‐06
Welcome to your CQI and IRCA Certified
ISO 9001:2015 Lead Auditor (Quality Management System) Training Course
ATP No. 01199944 has been independently assessed and approved by the CQI and
IRCA. This means they have the processes and systems in place to deliver certified
courses to the highest standard.
About the CQI and IRCA
The CQI is the only chartered professional body dedicated entirely to quality.
IRCA is its specialist division dedicated to management system auditors.
Find out more about the CQI and IRCA at www.quality.org
We hope you enjoy your course.
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
WELCOME TO
RESOURCE INSPECTIONS CANADA INCORPORATED
ATP No. 01199941
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
1
2020‐04‐06
Quality
Management
System
ISO 9001:2015
Lead Auditor
Training Course
CQI & IRCA
Certified Training
Course No # 18019
Resource
Inspections
Canada Inc.
2
2020‐04‐06
Welcome & Introduction
Facility briefing, introduction, expectations, performance evaluation
Facility Briefing
3
2020‐04‐06
Expectations
Course Tutor
Hamza Khalid

BS and MBA

IRCA Certified Lead Auditor

QMS

EMS

OH&S

FSMS

17025

BCMS

ISMS

CISA Certified Auditor

Saudi Aramco Approved Auditor

Management System Auditor
4
2020‐04‐06
Learners
•
Introduction.
•
Attendance (use block letters).
•
Make your name cards.
•
Check out your:
o
Student manual.
o
Copy of ISO 9001 Standard.
o
Copy of ISO 19011: 2018 Standard.
o
Workshop material.
Course Objectives
Knowledge:

Knowledge about Quality Management
System (QMS) auditing and third-party
certifications.

Knowledge about Risk Management
System.

Knowledge about QMS purposes and
benefits.
Auditing Skills:

Application of the auditing principles.

Audit process.

Audit documentation.
5
2020‐04‐06
Continuous Assessment Process
During the course, the
tutor will continually
evaluate the learners’
performance based on
class assessment.
learners shall
demonstrate
satisfactory performance
in achieving the
learning objectives and
assignments.
By: Hamza Khalid; hamza@ricionline.com
Attendance is
mandatory through
out the course
A non responsive learner
may be provided with
additional coaching
outside the formal
training hours to catch
up with the rest.
Any extended breaks
or absence during the
course might affect the
result of the
assessment, grades
and issuance of the
certificate.
9001:15-LA-SL Rev.01 Date: Jan 2019
Continuous Assessment Process
Grading System:
The performance of each learner will be assessed against
the appropriate learning objectives and then a grade is
awarded as follows:
Excellent
Good
Satisfactory
Fail
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
6
2020‐04‐06
Written Examination

2 hours duration for natives (English).

2-1/2 hours duration for non-natives.

Passing continuous assessment is a pre-requisite
to take the examination paper.

Where the exam passing grade is 70; 50 for
every section in the exam (1,2,3,4).
Certificate of Achievement

This certificate will be awarded to learners who attended
and successfully pass both continuous assessment and the
written examination.

The certificate is valid for a period of five years from the
initial date of course.
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
7
2020‐04‐06
Certificate of Attendance

This certificate will be issued to all the participants
who attended the complete course with a minimum
satisfactory grade in the continuous assessment but
were unable to pass the written examination.
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Evaluation of the Organization & its Context
Session 1
Session 1
9001:15-LA-SL Rev.01 Date: Jan 2019
8
2020‐04‐06
Evaluation of the
Organization
Session 1

Type of the Organization.

Purpose of the Organization.

Size of the Business.

Business Resources.

Business Model.

Business Boundaries.

Business Opportunities.

Business Operations.

Business Issues.

Interested Parties Requirements.
9001:15-LA-SL Rev.01 Date: Jan 2019
Type of the
Organization






Session 1
Profitable.
Charity.
Public.
Private.
Corporate.
Business sector.
9001:15-LA-SL Rev.01 Date: Jan 2019
9
2020‐04‐06
Purpose of the
Organization







Products and services.
Mission.
Vision.
Policies.
Objectives.
Values.
Culture.
Session 1
9001:15-LA-SL Rev.01 Date: Jan 2019
Size of the
Business




Session 1
Number of employees.
Management sites.
Functional sites.
Complexity of the processes
(technology, employee).
9001:15-LA-SL Rev.01 Date: Jan 2019
10
2020‐04‐06
Business
Resources
 Human resources.
 Infrastructure, including
buildings, utilities, process
equipment, monitoring and
measurement equipment, work
environment & raw materials.
 Documented information.
 Knowledge of the organization.
Session 1
9001:15-LA-SL Rev.01 Date: Jan 2019
Business
Model
Session 1

Brokerage.

Freemium.

Leasing.

Pay as you go.

Product and service.

Subscription.
9001:15-LA-SL Rev.01 Date: Jan 2019
11
2020‐04‐06
Business Boundaries

Location.

Facilities (e.g. production sites) including remote
facilities which are part of the Quality Management
System.
Session 1
9001:15-LA-SL Rev.01 Date: Jan 2019
Business Opportunities
Session 1

Launching new products and services.

Opening new market.

Addressing new customers.

Building partnership.

Adoption of new technology.

Fostering new practices or standards.

Other possibilities to address customer needs.
9001:15-LA-SL Rev.01 Date: Jan 2019
12
2020‐04‐06
Business Operations
Marketing
Sales
Preservation
Design
Purchase
Documentation/Invoicing
After sale service
Recycling
Production
Transportation
Inspections
Delivery
Product Release
Payment
Disposition
9001:15-LA-SL Rev.01 Date: Jan 2019
Session 1
Business Issues
Risks & Opportunities
Session 1

Internal Issues.

External Issues.
9001:15-LA-SL Rev.01 Date: Jan 2019
13
2020‐04‐06
Internal Issues (Context)
Vision
Leadership
style
Mission
Policies
Staff
Values
Objectives
Knowledge of the
organization
Strategy
Structure
Performance of the
organization
Session 1
9001:15-LA-SL Rev.01 Date: Jan 2019
External Issues (Context)
Political
Session 1
Economic
Social
Technology
Environment
Legal
Demography
9001:15-LA-SL Rev.01 Date: Jan 2019
14
2020‐04‐06
Interested Parties Requirements

Interested parties and their
needs and expectations.
Session 1
9001:15-LA-SL Rev.01 Date: Jan 2019
Interested Parties Requirements
Interested parties
Owners
Bankers
Leaders
Organization
Customers
Society
Competitors
Suppliers
Community
Interested parties’
needs
Session 1
Interested parties’
expectations
9001:15-LA-SL Rev.01 Date: Jan 2019
15
2020‐04‐06
Scope of QMS (4.3)


To determine the scope of QMS:

External and internal issues that need to be
considered.

Requirements of the relevant interested parties that
need to be considered.

The product and services of the organization.
The scope should be available and maintained as
documented information.
Session
By: Hamza
1
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Quality Management System Processes (4.4)
Management
Processes
Procurement
Processes
Session
By: Hamza
1
Khalid; hamza@ricionline.com
Planning
Processes
Support
Processes
Production
Processes
Quality
Processes
Business
Processes
Engineering
Processes
9001:15-LA-SL Rev.01 Date: Jan 2019
16
2020‐04‐06
Context of Organization (Clause 4)
Context of the
Organization
Clause 4.1
Maintain
documented
information to
support the
process of its
operations
Quality
Management
System and its
Processes
Clause 4.4
Retain documented
information to have
confidence that
processes have been
carried out as per the
planned
arrangements
Maintain
documented scope
of QMS
Session
By: Hamza
1
Khalid; hamza@ricionline.com
Context of the
Organization
Clause 4
Internal & external issues
Requirements of
Interested Parties
Clause 4.2
Requirements and
expectations of
the interested
parties
Determining the
Scope of Quality
Management
System
Clause 4.3
9001:15-LA-SL Rev.01 Date: Jan 2019
Context of the Organization
Workshop 1
GOTO BREAKOUT Activity
17
2020‐04‐06
Risk Management
Session 2
Session 2
9001:15-LA-SL Rev.01 Date: Jan 2019
Risk & Opportunities

Risk is “the effect of uncertainties
on the objectives”

Opportunity is “situation or
condition favourable for attainment
of a goal”
Session 2
9001:15-LA-SL Rev.01 Date: Jan 2019
18
2020‐04‐06
Risk Management Process
•
Context Establishment.
•
Risk Assessment:
•
•
Risk Identification.
•
Risk Analysis.
•
Risk Evaluation.
Risk Treatment.
Based on ISO 31000.
Session
By: Hamza
2
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Risk Assessment
Risk assessment is the overall
process of risk identification, risk
analysis and risk evaluation.
Risk Analysis
Risk
Identification
Risk Assessment includes:
1.
Risk Identification.
2.
Risk Analysis.
3.
Risk Evaluation.
By: Hamza Khalid; hamza@ricionline.com
Risk Evaluation
9001:15-LA-SL Rev.01 Date: Jan 2019
19
2020‐04‐06
Risk Identification
Risk identification is the process of
finding, recognizing and describing
risk.
Note: Risk identification involves
the identification of risk source,
event and their potential
consequences.
Note: Risk identification can
involve historical data, theoretical
analysis, informed and expert
opinions and stakeholders needs.
Session
By: Hamza
2
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Risk Analysis
The process to comprehend the
nature of risk and to determine
level of risk.
Example
Risk = Likelihood x consequences
5 x 5 = 25
Session 2
9001:15-LA-SL Rev.01 Date: Jan 2019
20
2020‐04‐06
Risk Evaluation
The process of comparing the
results of risk analysis with risk
criteria to determine whether the
risk is acceptable or tolerable.
Risk Criteria:
Terms of reference against which
the significance of risk is
evaluated.
Session 2
9001:15-LA-SL Rev.01 Date: Jan 2019
Risk Treatment
Process of selecting and applying controls to treat risk.
Risk Avoidance
• The activity or condition that gives rise to the particular
risk should be avoided. Example: eliminating the risk
source or changing the process.
• Risk Reduction
• Reduce the risk by changing the likelihood or
consequences of the risks.
• Risk Acceptance
• Accepting the Risk. Retaining the risk by informed
decision.
• Risk Transfer
• The risk is transferred to another party that can most
effectively manage this particular risk depending on risk
evaluation.
•
Session 2
9001:15-LA-SL Rev.01 Date: Jan 2019
21
2020‐04‐06
Risk Based
Thinking
Risk Based Thinking

Risk-based problem solving
(R&O identification).

Risk-based decision-making
(Actions to address R&O).
QMS Processes,
Policies
Information Assets
Value Creation
Data
Business Processes, Assets
Wisdom
Information
Knowledge
Session 2
9001:15-LA-SL Rev.01 Date: Jan 2019
Clause 6 Planning
Maintain
documented
information about
objectives
Planning of
Changes
Clause 6.3
Session
By: Hamza
2
Khalid; hamza@ricionline.com
Quality Objectives and
planning to achieve them
Clause 6.2
Planning 6
Action Plan
Actions to Address
Risk and
opportunities
Clause 6.1
Risk and
Opportunities
Identification
9001:15-LA-SL Rev.01 Date: Jan 2019
22
2020‐04‐06
Identification of Risk &
Opportunities Clauses
Workshop 2
Session 2
9001:15-LA-SL Rev.01 Date: Jan 2019
Lunch Break
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
23
2020‐04‐06
Quality Management
Systems
(ISO 9001)
Session 3
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
QMS - Family of Standards
Session 3
Vocabulary
Standard
ISO 9000
Quality Management System - Fundamentals and vocabulary
Requirement
Standard
ISO 9001
Quality Management System - Requirements
Guidelines
Standard
ISO9004
Quality management system - Managing Sustained
Success
9001:15-LA-SL Rev.01 Date: Jan 2019
24
2020‐04‐06
QMS Benefits
•
A structured framework.
•
Assistance to management.
•
Global acceptance.
•
Common language.
•
Stakeholders confidence.
•
Satisfy customer needs.
•
Effective economic management.
•
Improved profile and credibility.
•
Ensure compliance with the law.
•
Improved profits.
•
Ensure continuous operation.
•
Competitive advantage over competitors.
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
Value
Input
Process
Output
RBT
P

Process Approach enables an organization to plan its
processes and their interactions.

PDCA cycle enables an organization to ensure that its
processes are adequately resourced and managed, and that
opportunities for improvement are determined and acted on.

Risk-based thinking enables an organization to determine the
factors that could cause its processes and its Quality
Management System to:

Deviate from the planned results

Put in place preventive controls

Minimize negative effects.

Session
By: Hamza
3
Khalid; hamza@ricionline.com
Make maximum use of opportunities as they arise.
9001:15-LA-SL Rev.01 Date: Jan 2019
25
2020‐04‐06
QMS Framework
QMS Framework
Principles
Structure
Processes
approach
QMS Cycle
Session
By: Hamza
3
Khalid; hamza@ricionline.com
Principles
1. Customer
focus.
2. Leadership.
3. Engagement
of people.
4. Process
approach.
5. Improvement.
6. Evidencebased decisionmaking.
7. Relationship
management.
Session 3
Risk Management
9001:15-LA-SL Rev.01 Date: Jan 2019
Structure
QMS
PDCA Cycle
Risk-based Approach
& Process approach
Annex SL
Plan
Risk-based
Thinking
1. Scope
2. Normative
reference
3. Terms &
definitions
4. Context of the
organization
5. Leadership
6. Planning
7. Support
8. Operations
9. Performance
10. Improvement
Do
1. Risk Identification
2. Risk Analysis
3. Risk Evaluation
Check
Act
• Risk treatment
9001:15-LA-SL Rev.01 Date: Jan 2019
26
2020‐04‐06
Common Terminology
High Level
structure
Identical
Text
Written for ISO
Technical committees
Clauses (10)
Appendices (3)
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
A
N
N
E
X
S
L
Session 3
Scope &
Purpose
Clause 1
Leadership
Clause 5
Performance
measurement
Clause 9
Normative
Reference
Clause 2
Planning
Clause 6
Improvement
Clause 10
Terms &
Conditions
Clause 3
Context of
the
organization
Clause 4
Support
Clause 7
Operations
Clause 8
I
S
O
9
0
0
1
9001:15-LA-SL Rev.01 Date: Jan 2019
27
2020‐04‐06
Quality Management System
Principles
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
1. Customer Focus
Leaders are supposed to
ensure that the entire
organization shall understand
the importance of meeting
customer requirements
Session
By: Hamza
3
Khalid; hamza@ricionline.com
This message
shall be
communicated
using possible
means of
communications
9001:15-LA-SL Rev.01 Date: Jan 2019
28
2020‐04‐06
1. Customer Focus (Clauses)
Communicating
the Quality Policy
Clause 5.2.2
Communicating the
Quality Objectives
Clause 6.2
Customer Focus
Clause 5.1.2
Customer
Communications
Clause 8.2.1
Policy
Clause 5.2
Quality Objectives
& Planning to
achieve them
Clause 6.2
Customer
Satisfaction
9.1.3
Session
By: Hamza
3
Khalid; hamza@ricionline.com
Determining
Customer
Requirements for
Products and
Services
Clause 8.2.1
9001:15-LA-SL Rev.01 Date: Jan 2019
2. Leadership
What I need and how can I get it done
Ensuring Commitments:
Promoting, communicating, engaging
motivating and supporting people of
the organization.
Communicating Intentions:
Mission, vision, values, policies,
objectives.
Communicating Directions:
Intended results, conformity of
products and services, customer
satisfaction.
Leading the OrganizationCommanding and Controlling:
Prevent undesired results by
addressing risks and opportunities.
Session
By: Hamza
3
Khalid; hamza@ricionline.com
Transforming the Organization:
by continual improvement.
Crisis Management
Accepting Blames:
Accountability in case of leadership
lapses.
9001:15-LA-SL Rev.01 Date: Jan 2019
29
2020‐04‐06
2. Leadership (Clauses)
Leadership Commitment
Clause 5.1.1
Customer Focus
Clause 5.1.2
Leadership
Clause 5
Establishing Quality Policy
Clause 5.2.1
Communicating Quality
Policy
Clause 5.2.2
Organizational Roles and
Responsibilities
Clause 5.3
Management Reviews
Clause 9.3
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
3. Engagement of People (Resources)
Innovation
Motivation
Caring
Sharing
Education,
qualification,
experience,
training, skills
Training
Accountability
Core competence
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
30
2020‐04‐06
3. Engagement of people (Clauses)
Support
Clause 7
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
4. Process Approach
Value
Input
Process
Session 3
Output
P
Organizations need to identify and manage many activities,
processes and systems, in order to function effectively and
efficiently. Any Process using resources needs to be managed to
enable the transformation of inputs into outputs using set of
interrelated activities, this is known as the Process Approach.
The output from one process can directly form the input to
another process and generally this transformation is carried out
under planned and controlled conditions. The application of a
system of processes within an organization, together with the
identification and interactions of these processes, and their
management can be referred to as the Process Approach.
9001:15-LA-SL Rev.01 Date: Jan 2019
31
2020‐04‐06
4. Process Approach
(Cont’d)
QMS and its
Processes
Clause 4.4
The application of the process approach in a Quality Management System
enables:
a) Understanding consistency in meeting customer requirements.
b) The consideration of a process in terms of added value.
c) The achievement of effective process performance.
d) The improvement of processes based on the evaluation of data and
information.
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
4. Process Approach
KPI
KPI
Marketing
Sales
Business Process
Approach
Design
Conforming
Output
Preservation
Transportation
Customer
Purchase
Operations
Output
Inspections
KPI
Session 3
Nonconforming
Output
9001:15-LA-SL Rev.01 Date: Jan 2019
32
2020‐04‐06
Dr. Shewart’ Cycle (PDCA)
Intended results
achieved
Nonconformity
Process
owner
Intended
results
Proposed
corrections
Applications
of proposed
corrections
Check/inspect
Undesired
results achieved
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
5. Evidence based decision making
A proper analysis is
mandatory to make smart
decisions
Management reviews
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
33
2020‐04‐06
5. Evidence-based Decision-making (Clauses)
Analysis and Evaluation
Clause 9.1.3
Management Review
Clause 9.3
Internal Audits
Clause 9.2.2
Corrective Actions
Clause 10.1
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
6. Relationship Management
Relations with
Manufacturers
Suppliers
Dealers
Vendors
Contractors
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
34
2020‐04‐06
6. Relationship Management (Clauses)
Requirements for Products &
Services
Clause 8.2
Control of Externally
Provided, Processes, Products
and Services
Clause 8.4
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
7. Improvement
Corrective Actions
Innovation
Breakthrough Changes
Reorganization
Continual Improvement
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
35
2020‐04‐06
7. Improvement
10. Improvement
10.1 General
10.2 Non-conformity and
Corrective Action
Session
By: Hamza
3
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Improvement - Corrective Actions
•
Session 3
Corrective actions are improvements to the
organization's processes made to eliminate the
causes of non-conformities or other
undesirable situations. It is a common concept
in ISO Management System Standards. It
focuses on the systematic investigation of
the root causes of identified problems or
identified risks in an attempt to prevent their
recurrence.
9001:15-LA-SL Rev.01 Date: Jan 2019
36
2020‐04‐06
Improvement - Innovation
New requirements
+
=
Better Solutions
Session 3
Innovation
9001:15-LA-SL Rev.01 Date: Jan 2019
Improvement - Reorganization
•
Reorganization, in a business context,
is an overhaul of a company's internal
structure. Purposes of reorganization
include improving efficiency, cutting
costs, repositioning the business, and
dealing with corporate changes such
as mergers and acquisitions.
The restructuring may involve
changes to departments, business units
and employee roles, and often includes
significant layoffs.
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
37
2020‐04‐06
Improvement – Breakthrough Change
Breakthrough Change
Individual
Skills
Team
Performance
Organization
Culture
Leads to
Dynamic Change
Session 3
9001:15-LA-SL Rev.01 Date: Jan 2019
Continual Improvement
•
•
•
Session 3
A Continual Improvement Process, is an
ongoing effort to improve products, services, or
processes.
These efforts can seek "incremental"
improvement over time or "breakthrough"
improvement all at once.
Delivery (customer valued) processes are
constantly evaluated and improved in terms of
their efficiency, effectiveness and flexibility.
9001:15-LA-SL Rev.01 Date: Jan 2019
38
2020‐04‐06
Leadership and
Planning
Session 4
Session 4
9001:15-LA-SL Rev.01 Date: Jan 2019
Leadership Clause 5
Leadership &
Commitment
Clause 5.1
Organization Chart &
Responsibility Matrix
Organizational Roles,
Responsibilities &
Accountabilities
Clause 5.3
General
Clause 5.1.1
Leadership
Clause 5
Retain
Documented
Information for
the Policy
Communication
Communicating
the Quality Policy
Clause 5.2.2
Establishing the
Quality Policy
Clause 5.2.1
Session 4
Customer
Focus
Clause 5.1.2
Quality
Policy
Clause 5.2
Maintain
Documented
Quality Policy
9001:15-LA-SL Rev.01 Date: Jan 2019
39
2020‐04‐06
Leadership
•
Top management shall demonstrate leadership and commitment with respect to the Quality
Management System.
•
Accountability of the effectiveness of the QMS.
•
Quality Policy.
•
Quality Objectives.
•
Integration of QMS with Business management system.
•
Process approach.
•
Provision of adequate resources.
•
Communicating the opportunities of following QMS requirements and risks for not following
them.
•
Ensuring QMS achieves its intended results.
•
Engaging and directing, supporting people towards achieving the effectiveness of QMS.
•
Promoting improvement.
•
Supporting other functions.
Session
By: Hamza
4
Khalid; hamza@ricionline.com
Customer Focus
• Determining, understanding and complying with
customers, and regulatory requirements consistently.
• Identification and addressing risk and opportunities that can
affect conformity of the products and services.
• Ability to enhance customer satisfaction is supposed to be
determined and addressed.
• Focus on enhancing customer satisfaction should be
maintained.
Session 4
9001:15-LA-SL Rev.01 Date: Jan 2019
Senior Management (e.g. COO,
CEO, CSO and CFO)
Line Managers
Chief Information Security
Officer
Information Security Committee
(member of)
Information Security Planning
Team (member of)
Stakeholder
System administrator
IT Manager
Physical Security
Risk Management
Legal Advisor
Human Resources
9001:15-LA-SL Rev.01 Date: Jan 2019
40
2020‐04‐06
Quality Policy
QMS Policy states the organization’s overall intentions,
directions and commitments, appropriate to the business.
Quality Policy is supposed to be maintained as
‘Documented Information’
• Ensure review of QMS policy.
• Ensure the implementation and communication of the
QMS policy,
• Evaluate the perception of organization with regards
to QMS policy.
• QMS Policy should be available to all the relevant
stakeholders.
Session 4
9001:15-LA-SL Rev.01 Date: Jan 2019
QMS Roles & Responsibilities
Who ensures the effectiveness of QMS?
Who ensures that QMS achieves its intended
outcomes?
Who is reporting performance and how?
Who controls the changes to QMS?
Session 4
Senior Management (e.g. COO,
CEO, CSO and CFO)
Line Managers
Chief Information Security
Officer
Information Security Committee
(member of)
Information Security Planning
Team (member of)
Stakeholder
System administrator
IT Manager
Physical Security
Risk Management
Legal Advisor
Human Resources
Senior Management
(e.g. COO, CEO and CFO)
Line Managers
Senior
Management (e.g. COO,
Corporate
Quality
CEO,
CSO and
CFO)Manger
QA Manager
Line
Managers
Stakeholder
Chief
Information Security
QA/QC Manager
Officer
Assistant Manager
Information
Security Committee
Department
(member
of) Heads
Risk Manager
Information
Security Planning
Legal(member
Advisor of)
Team
Human Resources
Stakeholder
Specialist/Expert
System
administrator
ITExternal
ManagerConsultant
Employee/Staff/User
Physical
Security
Inspector
Risk
Management
Auditor
Legal
Advisor
TrainerResources
Human
9001:15-LA-SL Rev.01 Date: Jan 2019
41
2020‐04‐06
Planning (Clause 6.0)
 Risk and Opportunities.
 Planning to achieve Objectives.
Session 4
9001:15-LA-SL Rev.01 Date: Jan 2019
Planning (Clause 6.0)
Actions to address
Risks & Opportunities
Clause 6.1
Change
management
procedure
Session 4
Risk
management
register
Planning
Clause 6
Planning of
change
Clause 6.3
Maintain a
strategic plan
Quality objectives &
planning to achieve
them
Clause 6.2
Maintain documented
information of the
objectives
9001:15-LA-SL Rev.01 Date: Jan 2019
42
2020‐04‐06
Risk and Opportunities

Risk and opportunities associated
with internal and external issues.

Risk and opportunities associated
with the requirements of interested
parties.
Session 4
9001:15-LA-SL Rev.01 Date: Jan 2019
Planning to Address Risk and Opportunities
Session 4

Organization shall develop an action plan addressing all the
identified risk and opportunities.

When planning for the Quality Management System, the
organization shall consider the internal and external issues,
interested parties needs and expectations, and determine the risks
and opportunities that need to be addressed.

Action taken to address risk and opportunities shall be
proportionate to the potential impact on the conformity of
product and service.
9001:15-LA-SL Rev.01 Date: Jan 2019
43
2020‐04‐06
Quality Objectives
Quality objectives can be derived from:
1. Context of the organization, issues and requirements.
2. Leadership and commitment.
3. Customer focus.
4. Resources.
5. Infrastructure.
6. Work environment.
7. Documentation.
8. Operations.
9. Customer satisfaction.
10. Nonconformity.
11. Corrective actions.
12. Improvements.
Session 4
9001:15-LA-SL Rev.01 Date: Jan 2019
Planning to Achieve Objectives
Organization shall develop action plans to
achieve effectively all the objectives
established by the organization.
Session 4
9001:15-LA-SL Rev.01 Date: Jan 2019
44
2020‐04‐06
Planning for
Change
1.
When the organization determines the need for making changes to
the Quality Management System, the changes shall be carried out in
a planned manner.
2.
Clause 4.4.1 g) Evaluate the Quality Management System processes
and implement any changes needed to ensure that these processes
achieve their intended results.
Session 4
9001:15-LA-SL Rev.01 Date: Jan 2019
Planning for
Change
Session 4
1.
Changes in the context of the organization.
2.
Changes in the leadership process.
3.
Changes in the support processes/Changes in the documented
information.
4.
Changes in the operation processes.
5.
Changes in the requirements of product and service provision.
6.
Changes for production or service provision to ensure conformity.
7.
Changes in the design and development.
8.
Changes in the performance requirements.
9001:15-LA-SL Rev.01 Date: Jan 2019
45
2020‐04‐06
Audit Checklist- Leadership and
Commitment
Workshop 3
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
End of Day 1
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
46
2020‐04‐06
Day 2: Recap
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
Support
Session 5
Session 5
9001:15-LA-SL Rev.01 Date: Jan 2019
47
2020‐04‐06
Support (Clause 7)
Retain documented information
Calibration certs
People, Infra, Work Environment,
TMME, Measurement of
traceability, Organizational
knowledge
Maintain procedures
Resources
Clause 7.1
In case calibration standard is not
available retain the basis for the
calibration
Documented
information
Clause 7.5
Retain documented
information,
qualification, education,
experience, training and
skills
Competence
Clause 7.2
Support
Clause 7
Retain records as per
ISO 9001 and that of
organization necessary
for the operations
1.
1.
Internal & external
communication relevant to
Quality Management System
Communication
Clause 7.4
Session 5
Awareness
Clause 7.3
2.
3.
Awareness of quality policy &
objectives.
Employees contribution.
Implication of
nonconforming QMS.
9001:15-LA-SL Rev.01 Date: Jan 2019
Resources (7.1)
5M+1E

People

Infrastructure

Session 5
Buildings, utilities, production machines.

Environment for the operation of processes
(work environment).

Monitoring and measurement resource
(TMME).

Organizational knowledge.

Competence.

Awareness.

Communication.
9001:15-LA-SL Rev.01 Date: Jan 2019
48
2020‐04‐06
7.1.4 Environment for the Operation of Processes
The organization shall determine the environment suitable to
achieve product and services conformity.
Take into consideration:
•
The social work environment.
•
The psychological environment.
•
The physical environment.
Session
By: Hamza
5
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
7.1.5 Monitoring & Measurement Resources
The organization shall determine and provide resources needed to
ensure valid and reliable results by using:
•
Suitable monitoring and measurement equipment.
•
Ensure measurement traceability of equipment.
•
Calibration of equipment.
Session
By: Hamza
5
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
49
2020‐04‐06
7.1.6
Organizational
Knowledge

Knowledge gained from experience.

Knowledge gained from lesson learned.

Knowledge gained by capturing and sharing undocumented
knowledge and experience.

Knowledge gained after analyzing and evaluating results of
improvements in processes, product and services.

Knowledge gained from customers and suppliers.

Knowledge gained from conferences, academia, standards and
codes.

Cumulative knowledge of all above.
Session
By: Hamza
5
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Internal Sources
7.1.6
Organizational
Knowledge
Session
By: Hamza
5
Khalid; hamza@ricionline.com

Intellectual property.

Knowledge gained from experience.

Lessons learned from failures and successful projects.

Capturing and sharing undocumented knowledge and
experience.

The results of improvements in processes, products
and services.
External Sources

Standards.

Academia.

Conferences.

Gathering knowledge from customers or suppliers.
9001:15-LA-SL Rev.01 Date: Jan 2019
50
2020‐04‐06
Risk and
Opportunities
Associated with
the Knowledge of
the Organization

Staff turnover.

Failure to capture undocumented knowledge.

Failure to share available knowledge.

Learning from experience.

Mentoring.

Benchmarking.
Session
By: Hamza
5
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Core Competence
Training
Skills
Experience
Data,
Information,
Knowledge
Core
Competence
Undocumented
Knowledge
Session
By: Hamza
5
Khalid; hamza@ricionline.com
Education
Qualification
9001:15-LA-SL Rev.01 Date: Jan 2019
51
2020‐04‐06
Determine the necessary
competence required for people
doing work under the
organization’s control for QMS
Competence
(7.2)
Ensure they are:
 Knowledgeable.
 Trained.
 Skilled.
 Experienced.
 Educated.
If





not;
Train them.
Perform mentoring.
Reassign current employee.
Hire competent people.
Contract competent people.
Maintain ‘documented information’
as evidence of competence.
Session 5
9001:15-LA-SL Rev.01 Date: Jan 2019
Ensure to create and raise awareness on:
Awareness (7.3)
Session 5
 Quality policy.
 Quality objectives.
 Contribution to the effectiveness of the Quality
Management System.
 Benefits of an improved Quality management system.
 The implications of not conforming with Quality
Management System.
9001:15-LA-SL Rev.01 Date: Jan 2019
52
2020‐04‐06
Internal Communications:
Communications
Internal & external
(7.4)
Session 5





Quality policy and objectives.
Effective QMS.
Roles, responsibilities, authorities, accountabilities.
Audit report to top management.
Reporting performance of the QMS.
External Communications:






Stakeholders.
Regulators.
Customers.
Suppliers.
Bankers.
Creditors.
9001:15-LA-SL Rev.01 Date: Jan 2019
7.5 Documented
Information
a) Creating and updating.
b) Control of documented information.
Session 5
9001:15-LA-SL Rev.01 Date: Jan 2019
53
2020‐04‐06
Documented Information
Workshop 4
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Operations
(Clause 8)
Session 6
Session
By: Hamza
6
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
54
2020‐04‐06
Operations (Clause 8.0)
Operational
Planning and
Controls
Clause 8.1
Control of
Nonconforming
Output
Clause 8.7
Procedure for the
Control of
Nonconforming Output
Procedure for Product
and Service Release
with Acceptance
Criteria
Operational Plan
Product
Requirements
Clause 8.2
Marketing & Sales
Plan
Operations
Clause 8
Release of
Product
Clause 8.6
Production Plan
Product Design
Requirements
Clause 8.3
Production &
Service
Provision
Clause 8.5
Control of
Externally
Provided
Processes &
Products
Clause 8.4
D&D Process
Procurement Plan
Session
By: Hamza
6
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Operational Planning & Control (Clause 8.1)
Retain documented
information to
demonstrate the
conformity of products
and services to their
requirements
Requirements for the
Product and Service
Clause 8.1 (a)
Production
Processes and
their Criteria
Clause 8.1 (b) 1
Documentation
Requirements
Clause 8.1 (e)
Maintain documented
information to have the
confidence that the
processes have been carried
out as per the plan
Operational
Planning &
Controls
Clause 8.1
Product
Acceptance
Criteria
Clause 8.1 (b) 2
Controls to be
Applied
Clause 8.1 (d)
Production
Resources
Clause 8.1 (c)
Session
By: Hamza
6
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
55
2020‐04‐06
Product Requirements (Clause 8.2)
Customer
communications
Clause 8.2.1
Retain documented
information
Retain documented
information
Control of
changes to the
requirements of
product, survive
Clause 8.2.4
Determining the
requirements of
product and services
Clause 8.2.2
Product
requirements
Clause 8.2
9001:15-LA-SL Rev.01 Date: Jan 2019
Design and Development (Clause 8.3)
D&D Process Flow
Diagram
Design and
Development
Process
Clause 8.3.1
Product
Characteristics,
Drawings,
Retain Documented
Information
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Risk assessment for
claims
Review of the
requirements of
product, service
Clause 8.2.3.1
Documentation
requirements Clause
8.2.3.2
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Identification,
Review and
Authorization of
Change
Retain Documented
Information
Product
characteristics,
DD Changes
DD Planning
Clause 8.3.2
Clause 8.3.6
Roles &
Responsibilities
Design &
Development
of the
Products and
Services
Clause 8.3
DD Outputs
Clause 8.3.5
Stages
DD Inputs
Clause 8.3.3
DD Controls
Clause 8.3.4
Organization Chart
Requirements,
Specifications,
Retain Documented
Information
Review,
Verification,
Validation
Retain Documented
Information
9001:15-LA-SL Rev.01 Date: Jan 2019
56
2020‐04‐06
Control over Externally Provided Products (Clause 8.4)
Externally provided
• Process
• Product
• Service
Establish Criteria for
•
•
•
•
Supplier evaluation
Re-evaluation
Selection
Monitoring the performance
of suppliers
General
Clause 8.4.1
Control over
externally provided
process, product,
service
Clause 8.4
Information for
external providers
Clause 8.4.3
Type and extent of
controls
Clause 8.4.2
Session
By: Hamza
6
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Retain documented information segregated and correct.
a) Describe nonconformity b) Describe the action taken
c) Describe any concession obtained d) Identification of the
authority deciding the action in respect of the nonconformity.
Retain documented
information:
a) Evidence of
conformity with
acceptance criteria.
b) Traceability to the
person authorizing
release.
Retain documented information
describing the results of review
of changes, the person
authorizing the change and
necessary actions arising from
the review.
Identification &
Traceability
Clause 8.5.2
Control of
Nonconforming Output
Clause 8.7
Release of Product
Clause 8.6
Production
& Service
Provision
Clause 8.5
Control of Changes
Clause 8.5.6
Actions under warranty provision, contractual
obligations such as maintenance services, and
supplementary services such as recycling or final
disposition.
By: Hamza Khalid; hamza@ricionline.com
Production Plan
Planned Arrangements.
Control of Production
& Service Provision
Clause 8.5.1
Customer Property
Clause 8.5.3
Preservation
Clause 8.5.4
Post-delivery Activities
Clause 8.5.5
Retain documented information
necessary to enable traceability
Batch No, Lot No, Unique ID.
Identify, verify, protect
and safeguard
Retain documented
information.
Identification, handling,
contamination control,
packing, storage,
transportation and protection.
9001:15-LA-SL Rev.01 Date: Jan 2019
57
2020‐04‐06
Control of
Nonconforming
Output,
Products and
Services
Session
By: Hamza
6
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Where does Nonconformities (NC) Originate?
The cause of NC might
be misunderstanding of
customers requirements,
needs and expectations.
Sales and
Marketing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Design
Purchasing
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
58
2020‐04‐06
Where does Nonconformities Originate?
The causes of
nonconformities might
be inappropriate design
solutions.
Sales and
Marketing
Design
Purchasing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
Where does Nonconformities Originate?
Nonconformities can occur
because of errors in the
procurement of purchased
products and services or due to
inadequate quality of incoming
product and services.
Sales and
Marketing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Design
Purchasing
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
59
2020‐04‐06
Where does Nonconformities Originate?
Nonconformities may occur due to
various reasons:
• Inadequate procedures.
• Inadequate tools.
• Workmanship.
• Inadequate methods.
• Untrained workforce.
• Other.
Sales and
Marketing
Design
Purchasing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
Where does Nonconformities Originate?
Inspection can
also make an
error.
Sales and
Marketing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Design
Purchasing
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
60
2020‐04‐06
Where does Nonconformities Originate?
After the customer
has accepted the
product, we can no
longer control
nonconformities.
Sales and
Marketing
Design
Purchasing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
Where are Nonconformities Detected?
Failures made in sales
and marketing that
become evident as
nonconformities in
design process.
Sales and
Marketing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Design
Purchasing
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
61
2020‐04‐06
Where are Nonconformities Detected?
Nonconformities detected
in purchasing process
originated in sales and
marketing, design process
or were generated by
supplier.
Sales and
Marketing
Design
Purchasing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
Where are Nonconformities Detected?
Nonconformities
detected in product
and service provision
process.
Sales and
Marketing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Design
Purchasing
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
62
2020‐04‐06
Where are Nonconformities Detected?
A lot of nonconformities are
discovered during inspection
and testing.
Sales and
Marketing
Design
Purchasing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
Where are Nonconformities Detected?
The Customer will
be unhappy in case
of nonconformities.
!
Sales and
Marketing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Design
Purchasing
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
63
2020‐04‐06
What is the Cost of Nonconformities?
10,000$
1000$
0,1$
Sales and
Marketing
1$
Design
10$
Purchasing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
QMS should be
designed to keep cost
of nonconformities as
low as possible…
100$
Production
and Service
Provision
!
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
What is the Cost of Nonconformities?
!
Sales and
Marketing
Session
By: Hamza
6
Khalid; hamza@ricionline.com
Design
Purchasing
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
64
2020‐04‐06
What is the Cost of Nonconformities?
… and to detect them
sooner in order to
prevent losses.
!
Sales and
Marketing
Design
Session
6
By: Hamza
Khalid; hamza@ricionline.com
Purchasing
Production
and Service
Provision
Release of
Products
and Services
Customer
9001:15-LA-SL Rev.01 Date: Jan 2019
Audit Checklist - Procurement
Workshop 5
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
65
2020‐04‐06
Lunch Break
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
Performance Evaluation & Improvement
Session 7
9001:15-LA-SL Rev.01 Date: Jan 2019
66
2020‐04‐06
Performance Evaluation (Clause 9)
•
•
•
•
General
Clause 9.1.1
Retain documented
information as
evidence of the
results of
management
reviews.
Internal audit records
•
Management
Review
Clause 9.3
Customer
Satisfaction
Clause 9.1.2
Clause 9
Analysis and
Evaluations
Clause 9.1.3
Internal Audit
Clause 9.2
What needs to be monitored?
Methods of monitoring.
When to monitor?
When to analyse the results
from monitoring?
Retain documented
information as evidence of
results?
Customer
satisfaction
record
Analysis and
evaluation record
Session 7
9001:15-LA-SL Rev.01 Date: Jan 2019
Customer Satisfaction (Clause 9.1.2)
Customers surveys
Customer
Surveys
Warranty claims
Market analysis
Dealers reports
Session 7
Customer Feedback
on Delivered
Product
Warranty
Claims
Clause 9.1.2
Customer
Satisfaction
Market Share
Analysis
Dealers
Reports
Customer
Complaints
Meetings
with
Customers
Customer feedback
report
Meeting
report
Customer
complaints
9001:15-LA-SL Rev.01 Date: Jan 2019
67
2020‐04‐06
Analysis and Evaluation (Clause 9.1.3)
Conformity
of Product
and Services
Clause 8.5.1
Customer
Satisfaction
Clause 9.1.2
Customer
satisfaction
records
Internal audit
records
Suppliers
Performance
Clause 8.4.1
Clause
Analysis
and
Evaluation
9.1.3
Internal
Audit Results
Clause 9.2
Records of product and
service conformity
(Production reports,
quality records)
Management
Review Output
Clause 9.3
Supplier
evaluation
records
Management
review records
Effectiveness of risk plan, strategic
plan, management change plan
Clause 6.1, 6.2,6.3
Results of planning
Session 7
9001:15-LA-SL Rev.01 Date: Jan 2019
Key Performance Indicators
KPI
KPI
KPI
KPI
Marketing
Sales
Design
Purchase
Preservation
KPI
Session 7
KPI
Production
Documentation/invoicing
Transportation
KPI
KPI
KPI
KPI
Inspections
Product Release
Delivery
KPI
Payment
KPI
9001:15-LA-SL Rev.01 Date: Jan 2019
68
2020‐04‐06
Internal Audit (Clause 9.2)
The organization shall conduct internal audits at planned intervals to:
• Identify and report internal weaknesses related to quality.
• Provide detailed assessment of the organization's Quality Management
System.
• Address non-conformities and weaknesses for both management and
technical controls.
• Internal auditors are supposed to be free of conflict of interest and act based
on impartiality.
• Internal audit program to be established based on audit scope, criteria,
frequency.
• Internal audit reports, corrections and corrective actions are required to be
maintained as records.
Session 7
9001:15-LA-SL Rev.01 Date: Jan 2019
Management Review (Clause 9.3)
Management Review Inputs
The status of
actions from the
previous
management
reviews.
Changes in
external & internal
issues relevant to
the QMS.
Top management shall
review the organization's
QMS, at planned
intervals, to ensure its
continuing suitability,
adequacy, effectiveness
and alignment with the
strategic direction of the
organization.
Session 7
Information on the performance and
effectiveness of the QMS, including trends in
customer satisfaction, meeting quality
objectives, process performance, N.C. & C.A.,
monitoring & measuring results, audit, the
performance of external providers.
The adequacy
of resources.
The effectiveness of
actions taken to
address risks and
opportunities.
Opportunities for
improvement.
Management Review Outputs
Decisions
& actions
• Opportunities for improvement;
• Any need for making changes to the QMS.
• Resource needs.
•Retain documented information (MRM reports).
9001:15-LA-SL Rev.01 Date: Jan 2019
69
2020‐04‐06
Improvement
Correction, corrective actions,
continual improvement,
Breakthrough changes,
innovation, and reorganization.
General
Clause 10.1
Output of the
results of analysis
and evaluations
Clause 9.1.3
Retain
documented
information as
evidence of
a) the nature of
nonconformity
and the
subsequent
actions taken.
b) the results of
any corrective
actions
Example:
NCR
Clause 10
Continual Improvement
Clause 10.3
Nonconformity &
Corrective Actions
Clause 10.2
Output from
management
review meeting
Session 7
9001:15-LA-SL Rev.01 Date: Jan 2019
QUALITY
Improvement
P
D
A
P
P
C
D
A
C
P
D
C
C
D
A
P
A
C
D
A
Incremental
improvements
time
Session 7
9001:15-LA-SL Rev.01 Date: Jan 2019
70
2020‐04‐06
Non-conformity
“Non fulfilment of Requirements”
Corrective Action

Perform root cause analysis.

Take actions.

Verify the effectiveness of corrective
actions.

Available & documented.
Session 7
9001:15-LA-SL Rev.01 Date: Jan 2019
Quiz/Questionnaire
Workshop 6
9001:15-LA-SL Rev.01 Date: Jan 2019
71
2020‐04‐06
End of Day 2
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Day 3: Recap
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
72
2020‐04‐06
Accreditation, Certification and Auditor
Competence
Session 8
9001:15-LA-SL Rev.01 Date: Jan 2019
Session 8
The attestation
of product,
process, system
or person.
The attestation
related to those
bodies who are
involved in
certification.
Accreditation
Certification
Accreditation vs Certification
9001:15-LA-SL Rev.01 Date: Jan 2019
73
2020‐04‐06
IAF Hierarchy
International Accreditation Council
National Accreditation Body
Certification Body
Company
ISO 9001:2015
Quality Management
System Certificate
Session
By: Hamza
8
Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Certification bodies must:
How to Obtain
Accreditation
Session 8

Implement 17021 management system.

Be audited by accreditation body.

Hold records of auditors.

Prove knowledge and experience in applicable industry.

Have certificated lead auditors.
9001:15-LA-SL Rev.01 Date: Jan 2019
74
2020‐04‐06
ISO
17021:2011
Conformity
Assessment
•
Requirements for bodies providing audit and
certification of management systems
•
This standard contains principles and requirement for
the competence consistency and impartiality of audits
and certification of all types of management systems.
Session 8
9001:15-LA-SL Rev.01 Date: Jan 2019
Organization Certification Process Flow
Application
Submission
Surveillance
Audits
Documentation
Review
Certification
Decision
Stage 1 Audit
Stage 2 Audit
Session 8
9001:15-LA-SL Rev.01 Date: Jan 2019
75
2020‐04‐06
Chartered Quality
Institute &
International Register
of Certificated
Auditors
(CQI-IRCA)
Session 8
9001:15-LA-SL Rev.01 Date: Jan 2019
CQI-IRCA Training
Program and Schemes












Session 8
Quality.
Environmental.
Occupational Health & Safety.
Food Safety.
Social Systems.
Business Continuity.
Information Technology.
Aerospace.
Maritime.
Pharmaceutical.
Energy.
Information Security.
9001:15-LA-SL Rev.01 Date: Jan 2019
76
2020‐04‐06
CQI-IRCA Auditors Grades





Provisional Auditor.
Provisional Internal Auditor.
Internal auditor.
Lead Auditor.
Principal auditor.
Session 8
9001:15-LA-SL Rev.01 Date: Jan 2019
CQI-IRCA
Auditor
Certification
Criteria
Session 8
•
Provisional Auditor; for individuals who have attended an
Auditor/Lead Auditor training course but have not yet
conducted any audits.
•
Provisional Internal Auditor; for individuals who have
attended an Internal Auditor training course but have not yet
conducted any audits.
•
Internal Auditor; for individuals who conduct internal
‘partial system’ audits of your organisation’s management
system, or a supplier’s management system.
9001:15-LA-SL Rev.01 Date: Jan 2019
77
2020‐04‐06
CQI-IRCA
Auditor
Certification
Criteria
•
Auditor; for professionals who conduct ‘full system’
audits as part of their role i.e. internal full system
audits, second-party full system audits or conducting
third-party audits for certification purposes.
•
Lead Auditor; for auditors experienced at managing
audits and at leading teams.
•
Principal Auditor; for experienced auditors who may
no longer conduct audits but who are still actively
engaged in work relating to the audit profession.
Session 8
9001:15-LA-SL Rev.01 Date: Jan 2019
CQI-IRCA
Auditor
Education and
Audit
Experience
Requirements
Session 8
Requirements set for each grade based on:

Education.

Training.

Work and QMS experience.

Audit experience.

Completion of auditor training courses.

Records of auditor continuous professional development.
9001:15-LA-SL Rev.01 Date: Jan 2019
78
2020‐04‐06
Education
 At least to a secondary education level.
CQI-IRCA
Lead Auditor
Certification
Criteria
Work Experience
 Four years’ full-time experience, or two years with a degree
or near degree.
 Two years’ full-time experience relevant to the auditor
scheme you are applying for.
Auditor Training
 A relevant CQI-IRCA certified Auditor/Lead Auditor
training course.
 Or the relevant CQI-IRCA certified Auditor/Lead Auditor
Conversion training course.
Auditing experience
 Four full management system audits as an auditor-intraining, totalling 20 days, including a minimum of 15 days
on site.
 Three full management system audits as the leader of an
audit team that includes at least one other auditor, totalling
15 days, 10 of which must have been spent on site.
Session 8
9001:15-LA-SL Rev.01 Date: Jan 2019
Introduction
to ISO 19011: 2018
Session 9
Session 9
9001:15-LA-SL Rev.01 Date: Jan 2019
79
2020‐04‐06
Auditing Management Systems ISO 19011: 2018
Principles
Framework
PDCA Cycle
Session 9
Processes
1.
2.
3.
4.
5.
6.
7.
Scope
Normative reference
Terms and definitions
Auditing principles
Managing audit program
Performing an audit
Competence and evaluation
of auditors
8. Annexure A
9. Annexure B
9001:15-LA-SL Rev.01 Date: Jan 2019
ISO 19011: 2018 Structure
Session 9
1.
Scope.
2.
Normative references.
3.
Terms and definitions.
4.
Principles of auditing.
5.
Managing an audit program.
6.
Audit activities.
7.
Competence and evaluation of auditors.
9001:15-LA-SL Rev.01 Date: Jan 2019
80
2020‐04‐06
Audit

A Systematic, independent and
documented process for obtaining
objective evidence and evaluating it
objectively to determine the extent to
which the audit criteria are fulfilled

Establishing criteria is one of the
important aspects of the audit process.

During the audit process objective
evidences are obtained by the individuals
who are managing audit process or
program.

Audit evidence are evaluated against
audit criteria objectively to determine
the extent to which the audit criteria
are fulfilled.
9001:15-LA-SL Rev.01 Date: Jan 2019
Audit Types
Session 9

Internal Audits/First-party Audits
When an organization prefers to do its own audit either using their own auditors or external auditors to
perform their internal audits.

External Audit/Second-party Audits
Suppliers audit, either performed by the auditors of the organization directly or by hiring external auditors.

External audit/Third-party Audits
These audits are performed by independent auditing organization, like registrar or regulators.
9001:15-LA-SL Rev.01 Date: Jan 2019
81
2020‐04‐06
Audit Evidence

A verifiable document (records, statement of
fact or other information), which is
qualitatively or quantitatively relevant to the
audit criteria.

A pressure test report, NCR, CAR,
management review records, customer
complaints, customer satisfaction record, data
analysis record, metrics.

Is subject to some degree of verification.
Session 9
9001:15-LA-SL Rev.01 Date: Jan 2019
Audit Criteria
Session 9

Audit criteria is established during audit
process.

A set of requirements used as a reference
against which the objective evidence is
compared.

Auditable standards, company policies,
objectives, plans, strategies, structure, system
(processes, procedures, practices), Legal
requirements, technical standards & codes,
customer specifications, etc.
9001:15-LA-SL Rev.01 Date: Jan 2019
82
2020‐04‐06
Audit Evaluation

Compare audit finding with audit criteria, a decision to ensure that audit evidence collected against criteria is
correct and its significance (risk or opportunity, major or minor).
Session 9
9001:15-LA-SL Rev.01 Date: Jan 2019
Audit Finding
Session 9
•
The results of the evaluation of the
collected audit evidence against audit
criteria is defined as audit finding.
•
Examples: established risk or
opportunity, management system
requirements-conformity or
nonconformity, Legal requirements compliance or noncompliance.
9001:15-LA-SL Rev.01 Date: Jan 2019
83
2020‐04‐06
Audit Outcomes

The outcomes of an audit after consideration of the audit objectives and all the audit findings.

A set of all the audit findings after consideration of audit objectives.

A review of these findings will determine the suitability, adequacy, effectiveness and efficiency of the
management system. This auditor's final opinion about the management system or legal requirements or
technical requirements or policies or objectives or procedures or good practices or strategies.
Session 9
9001:15-LA-SL Rev.01 Date: Jan 2019
Audit Team
•
Group of auditors.
•
Group of sector experts/Technical experts/ Consultants/Advisors.
•
Observers (those who only monitors the
audit process).
•
Guide appointed by auditee to facilitate auditors during audit
process.
•
If required for support, a group of sector experts/Technical
experts/Consultants/Advisors who work as directed by audit team
leader.
84
2020‐04‐06
Audit Scope

Width and depth of the audit.

Width of the audit determines the
description of physical location and
boundaries where audit is to be
performed and covering
organizational units (Organization
may have more than one unit).

Depth of the audit will determine
the extent of the audit, how far the
auditor has investigated the
management system, processes,
activities, tasks.

The width and depth of the audit
will determine the time period
required to complete the audit.
9001:15-LA-SL Rev.01 Date: Jan 2019
Audit Program
Session 9

Arrangements for a set of audit(s)
planned for a specific timeframe and
directed towards specific purposes.

The audit program objectives are
determined by the audit client.
9001:15-LA-SL Rev.01 Date: Jan 2019
85
2020‐04‐06
Audit Plan

Description, sequence,
arrangements of the audit
activities, including, resources,
performance criteria
(measurement criteria,
evaluation) schedule of activities,
identification of auditors and
auditees.
Session 9
Principles of Auditing







Session
By: Hamza
9
Khalid; hamza@ricionline.com
Integrity.
Fair presentation.
Due professional care.
Confidentiality.
Independence if practicable.
Evidence-based approach.
Risk-based approach. (New Principle)
9001:15-LA-SL Rev.01 Date: Jan 2019
86
2020‐04‐06
ISO 19011: 2018 Clause 6 Performing an Audit
6.2 Initiating the Audit
6.3 Preparing Audit Activities
6.4 Conducting the Audit
Activities
6.5 Preparing and Distributing
Audit Report
6.6 Completing the Audit
6.7 Conducting Audit Follow-up
Session 9
9001:15-LA-SL Rev.01 Date: Jan 2019
Desired Personality Attributes
Session 9
SN Characteristics
Description
1
Ethical
Fair, honest
2
Open-minded
Willing to listen to others
3
Diplomatic
Tactful in dealing with people
4
Observant
Actively monitoring surroundings
5
Versatile
Adaptable to different situations
6
Tenacious
Persistent
7
Decisive
Reaching to conclusion quickly
8
Self-reliant
Able to function independently (considering practicability)
9
Acting with fortitude
Acting responsibly
10
Open to improvement
Willing to learn
11
Collaborative
Effectively interacting with others
9001:15-LA-SL Rev.01 Date: Jan 2019
87
2020‐04‐06
the Audit
Session 10
Session 10
9001:15-LA-SL Rev.01 Date: Jan 2019
Establishing Initial Contact with the Auditee
Responsibility: Lead Auditor
Purpose:
Session 10
1.
Initiate communication channels with auditee person responsible
for audit.
2.
Confirm the authority to conduct audit.
3.
Provide information with respect to objectives, scope,
methodology, audit team, including technical expert and guides,
translators.
4.
Request access to relevant documented information and records for
audit planning.
5.
Determine applicable laws, contractual requirements.
6.
Agree with the audit extent of disclosure of documented
information and confidentiality issues.
7.
Ask for any specific requirements, area of concerns, access
requirements, guides, interpreters and observers.
8.
Determine any areas of interest, concerns or risks to the auditee
in relation to a specific audit.
9001:15-LA-SL Rev.01 Date: Jan 2019
88
2020‐04‐06
Determine Feasibility
of the Audit
Responsibility: Lead auditor, to ensure that audit
objectives will be achieved.
Take into consideration:
1.
Sufficient and appropriate information is
available for planning and conducting the
audit.
2.
Adequate cooperation throughout the audit
life cycle.
3.
Adequate time to perform the audit.
4.
Availability of adequate resources to perform
the audit.
Session 10
9001:15-LA-SL Rev.01 Date: Jan 2019
Review of Documented Information
Responsibility: Program Manager/Audit Team
Purpose:
To gather information to prepare, audit plan, checklist, and to make an assessment on
how effectively MSS has been developed, implemented, monitored and improved.
1.
Documentation relevant to planning.
2.
Procedures.
3.
Documented information like last audit report, internal audit report, suppliers audit
report, management review report, and others as appropriate.
Review of documented information should take into account the context of the
organization, size, nature, complexity, risk & opportunities of the auditee’s management
system and organization, objectives and scope.
Session 10
9001:15-LA-SL Rev.01 Date: Jan 2019
89
2020‐04‐06
Review of Documented
Information- Why
•
Documented information covers the scope of work and provides detailed information
on how the management system is designed and developed.
•
It supports the audit objectives.
•
It can provide an indication of the document control system of the organization or
auditee.
•
It will provide information about the maturity of the management system.
•
It will provide risk associated with product, service and processes during the life cycle
of the product and service.
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Review of Documented Information- What to
Consider
Ensure
That information provided are correct, accurate, and
complete.
Ensure
That the information are consistent.
Ensure
That documents are current.
Session
By: Hamza
10 Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SLRev.01
Rev.01Date:
Date:Jan
Jan2019
2019
90
2020‐04‐06
Preparing Audit Plan
Responsibility: Audit Team leader
Purpose:
1.
It is a mutually agreed document between
audit client, audit team and auditee.
2.
It facilitates efficient scheduling and
coordination.
While audit planning takes into consideration:
1.
Sampling technique.
2.
Composition of the audit team and their
cumulative knowledge.
3.
The risk associated to the organization
(contamination, accident).
Session 10
9001:15-LA-SL Rev.01 Date: Jan 2019
Preparing Audit Plan
Audit plan contents:
a)
Audit objectives.
b)
Audit scope with clear identification of
organizational and functional units and processes.
c)
Audit criteria.
d)
Location, date and time.
e)
Audit methodology/techniques including sampling.
f)
Auditee representative.
g)
Communication arrangements.
h)
Confidentiality.
i)
Roles and responsibilities of audit team, auditee
including, experts, interpreters and guides.
j)
Follow up.
It is a good practice to take approval of the audit plan
from program manager as well the audit client.
Session 10
9001:15-LA-SL Rev.01 Date: Jan 2019
91
2020‐04‐06
Assigning
Responsibilities
to Audit Team
Responsibility: Audit team jointly
decides.
Briefing by the team leader prior to
the audit.
Session 10
9001:15-LA-SL Rev.01 Date: Jan 2019
Selecting Audit Team
Team size and competence depends on:
•
The audit objectives, criteria and duration.
•
Competence of the team to meet objectives.
•
Statutory, regulatory, contractual,
accreditation/certification requirements.
•
Team’s objectivity and impartiality.
Session 10
9001:15-LA-SL Rev.01 Date: Jan 2019
92
2020‐04‐06
Audit Team Members’ Roles
•
Team leader.
•
Team members.
•
Sector Experts.
•
Observers.
•
Interpreters.
Session 10
9001:15-LA-SL Rev.01 Date: Jan 2019
Lead Auditor Responsibilities
•
•
•
•
•
•
•
•
•
•
•
•
Session 10
Prepare the audit plan.
Assign team roles.
Brief the team.
Review working documented information to ensure
adequacy.
Chair the closing meeting.
Report nonconformities.
Report any major obstacles encountered during the audit.
Make final decisions for all phases of the audit.
Submit the audit report.
Manage risk.
Deal with internal and external issues.
Understanding the auditee’s context and business activities.
9001:15-LA-SL Rev.01 Date: Jan 2019
93
2020‐04‐06
Team Members’ Responsibilities
•
Review all relevant information related to their assigned tasks;
•
Prepare any work documented information (including checklists) necessary
to carry out those tasks;
•
Comply with the audit requirements;
•
Carry out assigned duties effectively and efficiently;
•
Report deficiencies and audit findings to the Team Leader;
•
Cooperate and support the Team Leader.
Session 10
9001:15-LA-SL Rev.01 Date: Jan 2019
Preparing Documented Information for
Audit
Responsibility: Audit team
Purpose:
1.
Reference documented information.
2.
Recording evidence.
Documented information to be prepared:
Session 10
1.
Checklist.
2.
Sampling plan.
3.
CAR form.
4.
Attendance sheet.
5.
Audit report format.
9001:15-LA-SL Rev.01 Date: Jan 2019
94
2020‐04‐06
Audit Checklist

A systematic sequential set of audit questions extracted
from the documented information review during pre-audit
activity.

Checklist is based on

Processes.

Relevant Procedures.

Documented information in use.

Requirements of ISO 9001.
Session
By: Hamza
10 Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Advantages of Checklist

Sequence Guide to the auditor.

Auditing tool.

An aid to the auditor to control the depth of the audit.

An aid to the auditor to control the pace of the audit.

A means of recording responses by auditees.
Session
By: Hamza
10 Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
95
2020‐04‐06
Limitations of Checklist

The checklist may hold back initiative and analysis of the process or procedure.

The checklist may prevent the auditor from investigating significant incidents
because they were not on the checklist.
Session
By: Hamza
10 Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Document Review
Workshop 7
9001:15-LA-SL Rev.01 Date: Jan 2019
96
2020‐04‐06
Lunch Break
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
Document Review
Workshop 7
9001:15-LA-SL Rev.01 Date: Jan 2019
97
2020‐04‐06
Specimen Exam Paper Review
9001:15-LA-SL Rev.01 Date: Jan 2019
End of Day 3
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
98
2020‐04‐06
Day 4: Recap
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
Audit Plan
Workshop 8
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
99
2020‐04‐06
Conducting the Audit
Session 11
Roles and Responsibilities of
Guides, Observers and Interpreters
Observers:
•
observers may accompany the audit team; their role is only to
witness the proceedings and shall not interfere or influence
during the audit.
Guides:
•
Guides Are appointed by auditee to assist the audit team and
report to team leader, to assist in identifying individuals,
participate in interview and confirming timing, arranging
accesses to specific locations, ensure safety
•
Guides may witness the audit on behalf of the auditee
•
They may provide clarification in collecting information
Interpreters:
Translate/relay the information required for the audit activities to
run smoothly.
Session
By: Hamza
11 Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
100
2020‐04‐06
Conducting the Opening Meeting
Responsible: Audit Team Leader
Purpose:
1.
Confirmation of audit plan.
2.
Introduction.
3.
To ensure the feasibility of the audit.
Session 11
9001:15-LA-SL Rev.01 Date: Jan 2019
The Opening Meeting Format
Session
By: Hamza
11 Khalid; hamza@ricionline.com
•
Enable participants to introduce themselves.
•
Discuss the Audit Plan.
•
Confirm audit purpose, scope and criteria.
•
Establish communication.
•
Encourage cooperation, honesty and openness.
•
Confirm the audit arrangements.
•
Explain the responsibilities of the Audit Team
Members.
•
Confidentiality.
•
Closing Meeting time.
•
Audit Report.
9001:15-LA-SL Rev.01 Date: Jan 2019
101
2020‐04‐06
Communicating During
the Audit
Responsible: Audit Team leader
Communication to whom: Among the team-Program
manager-Audit Client-Auditee-regulators
Purpose:
1.
To report progress and concerns.
2.
Evidence collected during the audit may suggest an
immediate risk to the auditee shall be
communicated to all parties.
3.
Any concerns outside the scope should be noted
and communicated to all concerned parties.
4.
Identification and communication of ‘immediate
and significant’ risk or upon realization that the
audit objectives will not be met.
Session 11
When the evidence suggests that audit objectives cannot be
achieved, the team leader should report to the audit client
and auditee so that they may determine appropriate actions;
such actions may ask for a modification of the audit plan,
changes to the objectives or audit scope. These changes shall
be approved by the program manager and auditee.
9001:15-LA-SL Rev.01 Date: Jan 2019
Audit Information
Availability and Access
1.
The audit objectives, scope, duration, location and
criteria define the audit method chosen for the
audit.
2.
Can include virtual or physical location.
3.
When, where and how to access audit information
is vital.
4.
Where this information is generated, used and/or
stored is irrelevant. The access is what determines
the audit methods. This audit can use a mixture of
methods.
5.
A change in the methods may be required
depending on audit circumstances.
Session
By: Hamza
11 Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
102
2020‐04‐06
Reviewing Documented
Information while Conducting the
Audit
Responsibility: Audit Team Leader and Members
Purpose:
1.
To determine conformity of the system.
2.
Gather information to support audit activities.
Note: if adequate documentation cannot be provided within the
time frame given in the audit plan, the audit team leader should
inform both program manager and auditee, a decision will be
required to continue the audit.
Session 11
9001:15-LA-SL Rev.01 Date: Jan 2019
Audit Process
Source of
Information
Sampling
Audit
Evidence
Audit
Criteria
Evaluation
Audit
Findings
Session 11
Reviewing
Outcome
9001:15-LA-SL Rev.01 Date: Jan 2019
103
2020‐04‐06
Collecting and Verifying
Information
•
During the audit, information relevant to the audit objectives,
scope and criteria, including information relating to interface
between functions, activities and processes, should be collected
by means of appropriate sampling and should be verified.
Audit evidences leading to audit findings should be recorded.
•
If during the audit and collection of evidences, the audit team
becomes aware of any new or changed circumstances or risks,
these should be addressed by the team accordingly as they are
given decision making authority by audit leader.
•
Interview.
•
Observation.
Session 11
9001:15-LA-SL Rev.01 Date: Jan 2019
Generating Audit Findings
•
Audit findings are either conformity or nonconformity,
compliance or noncompliance.
•
Nonconformities with audit evidence constitute audit finding.
•
Nonconformities may be graded as major/minor.
•
Efforts shall be made to satisfy diverging opinion about
nonconformity and its grading.
•
Audit findings shall be reviewed by the audit team at
appropriate stage.
9001:15-LA-SL Rev.01 Date: Jan 2019
104
2020‐04‐06
Sampling -Why
•
When it is practically not
possible to audit the whole
population.
•
When cost effectiveness is
desired by the client.
Session
By: Hamza
11 Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL Rev.01
Rev.01 Date:
Date: Jan
Jan 2019
2019
Sampling- Judgement-based
•
Judgment is based on the knowledge, skills and experience
of the audit team; the following to be considered:
•
Previous audit experience within the audit scope.
•
Complexity of the requirements, including legal, inorder to achieve objectives.
•
Complexity and interaction of the processes.
•
Changes in technology, humans and management.
•
Previously identified risks areas.
•
Output from the management review report.
Session
By: Hamza
11 Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
105
2020‐04‐06
Sampling- Statistical Sampling
•
Statistical sampling is based is on the characteristics of the
overall population from which samples are to be taken.
•
Attributes-based (sample outcome is either correct or
incorrect/Pass or Fail).
•
Variable-based (the outcome of the sample is in a variable
range).
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Selecting Source of Information
The scope and complexity of the audit context determine
the source of information for collecting the audit evidence:
1.
Interviews- employees, management, suppliers,
customers.
2.
Observation of activities and the surrounding work
environment.
3.
Documented information, policies. Objectives, plans,
procedures, standards, instructions, specifications,
drawings, contracts.
4.
Documented information, audit, management review,
corrective actions, inspections, minutes of meetings,
results of tests.
5.
Data summaries, analysis and performance indicators
6.
Sampling plans.
7.
Customer feedback, external audit reports, suppliers'
ratings.
8.
Websites.
9.
Simulation and modeling.
Session 11
9001:15-LA-SL Rev.01 Date: Jan 2019
106
2020‐04‐06
Guidance on Visiting Auditee’s Premises
Ask
Provide
Seek
Inform
Ask for permission and access if controlled.
Provide adequate information to the auditors about security requirements, safety
requirements, cultural issues, any vaccination requirements, and other clearances.
Seek information about PPE who will provide and what type.
Inform the concerned people about the visit.
Session 11
9001:15-LA-SL Rev.01 Date: Jan 2019
Guidance while Performing on-site Activities
during Audit
Do not disturb
Ensure
Ensure safety.
Communicate
Communicate emergency procedures.
Communicate
Communicate properly.
Ensure
Do not touch
Ensure guide is with you.
Do not touch any equipment.
Case
In case an incident took place, take it up with auditee.
Take
Take permission to take photographs.
Take
Seek
Seek permission to keep the documented information or record.
Do not collect
Session 11
Do not disturb operations.
Do not collect personal data.
9001:15-LA-SL Rev.01 Date: Jan 2019
107
2020‐04‐06
Conducting Interview
•
Explain the reason for the interview.
•
Put the person at ease.
•
Ask simple and to-the-point questions.
•
Summarize the interview and review with the
person interviewed.
•
The interview shall be held with the
appropriate person.
•
Conduct the interview during work hours.
Session 11
9001:15-LA-SL Rev.01 Date: Jan 2019
Questioning Techniques: 5W’s &1H
How?
What?
Where?
When?
Why?
Session 11
9001:15-LA-SL Rev.01 Date: Jan 2019
108
2020‐04‐06
Audit Findings
When determining audit finds give due
consideration to the following;
1.
Follow up on the previous audit’s
documented information outcomes.
2.
Requirements of the audit client.
3.
Opportunities for improvements.
4.
Sample size.
5.
Categorization of audit finding if any.
Session 11
9001:15-LA-SL Rev.01 Date: Jan 2019
Recording Nonconformities
When recording nonconformities, consider the following:

Identification of criteria against which conformity was noted.

Description of non-conformity and criteria.

Classification of non-conformity.

Non-conformity declaration.

Audit evidences to some degree.

Related audit findings, if applicable.
9001:15-LA-SL Rev.01 Date: Jan 2019
109
2020‐04‐06
Determining Audit Outcome
Audit outcome: Address the following issues:
1.
The effective implementation, maintenance, and
improvement of MSS.
2.
The capability of the management review process to
ensure continuing SAEEI (Suitability, Adequacy,
Effectiveness, Efficiency, Improvement) of MSS.
3.
Achievement of the audit scope, objectives, criteria.
4.
Extent of conformity.
Session 11
9001:15-LA-SL Rev.01 Date: Jan 2019
Correction

Take actions to eliminate nonconformity.
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
110
2020‐04‐06
Classification of Non-Conformities
Corrective Action

Perform root cause analysis.

Take actions.

Verify effectiveness of corrective
actions.

Available & documented.
Session
By: Hamza
11 Khalid; hamza@ricionline.com
Major Non
conformity
(Major NC)
Minor Non
conformity
(Minor NC)
• Major deviation
or collapse in
the system.
• Minor lapse
which may lead
to a problem in
future if not
addressed.
Opportunity for
improvement
(OFI)
• Recommendation
for improvement
9001:15-LA-SL Rev.01 Date: Jan 2019
Pre-closing
Meeting
The audit team should confer prior
to the closing meeting in order to:
1.
Review audit findings.
2.
Agree on outcome.
3.
Prepare recommendations.
4.
Discuss audit follow up.
5.
Grading of findings
(Major/Minor).
Session 11
9001:15-LA-SL Rev.01 Date: Jan 2019
111
2020‐04‐06
Closing Meeting
Responsibility: Team leader should chair.
Who should attend?
a) Audit team. b) auditee team with their
management. c) audit client. d) any other interested
party.
Purpose:

Advising that the audit findings are based on
sampling.

Method of reporting.

Explanation of findings and their consequences
and outcome.

Post audit plan.
Note: any diverging opinion if not resolved shall be
recorded.
Session 11
9001:15-LA-SL Rev.01 Date: Jan 2019
Closing Meeting Approach
Session 11

Present all findings and evidence carefully and
precisely.

Be prepared to support and justify findings.

Do not be drawn into arguments.

If an error transpires, apologize; alter or
withdraw, if necessary.

Do not accept a "quick fix" to CARs.
9001:15-LA-SL Rev.01 Date: Jan 2019
112
2020‐04‐06
Closing Meeting Activities
•
Describe the purpose, scope and objectives of the audit.
•
Describe the strengths and weakness of the auditee.
•
Explain what is CAR & OFI’s.
•
Distribute CAR Forms.
•
Explain the process of the closeout of corrective actions.
•
Explain all audit findings including, CARs and OFI’s.
•
State final decision and outcome.
•
Inform submission date of the Audit Report.
•
Explain the audit follow-up process.
•
Express gratitude to the client.
Session
By: Hamza
11 Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Collecting audit evidence
Workshop 9
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
113
2020‐04‐06
Lunch Break
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
Conducting Opening and Closing Meeting
Workshop 10
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
114
2020‐04‐06
Specimen Exam Paper Review
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
End of Day 4
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
115
2020‐04‐06
Day 5: Recap
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
Reporting the Audit
Session 12
116
2020‐04‐06
Audit Report is a summary of the audit
conclusion, findings and other activities
performed during the audit.
Audit Report must provide a clear, concise, complete and accurate record of the actual audit.
Session 12
9001:15-LA-SL Rev.01 Date: Jan 2019
Preparing Audit
Report
Responsibility: Team leader
The team leader shall provide a
complete, accurate, concise, and
clear record of the audit, and
should include the content in the
following slide and send it to the
program manager.
Session 12
9001:15-LA-SL Rev.01 Date: Jan 2019
117
2020‐04‐06
Audit Report Contents
•
Audit objectives.
•
Audit scope and criteria.
•
Auditee/client info.
•
Audit team members & participants.
•
Audit date and location.
•
Executive summary.
•
A statement about the degree on fulfillment of the audit
criteria.
•
Reference standards & documented information.
•
Any exclusions or areas not covered during the audit.
•
Distribution list of the audit report.
•
Opening & closing meetings’ details.
Session
By: Hamza
12 Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Audit Report Contents (cont’d)
•
Strengths & weaknesses.
•
Audit findings.
•
Audit evidence.
•
Non-conformities.
•
Opportunities for improvements.
•
Audit outcome.
•
Agreed on Follow-up plans.
Session
By: Hamza
12 Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
118
2020‐04‐06
Distributing Audit Report
The audit report should be issued with an agreed
period of time. If delayed, reasons shall be
communicated to the auditee and the program
manager. The report should be dated, reviewed
and approved, as appropriate, in accordance with
the audit program procedure.
The audit report should be distributed to the
participants as defined in the audit plan.
Session 12
9001:15-LA-SL Rev.01 Date: Jan 2019
Completing the Audit
•
The audit is completed when all the audit activities are completed.
•
Documented information pertaining to the audit should be
retained or destroyed after the agreement between the
participating parties and in accordance with the audit program
procedures and applicable requirements.
•
Unless required by law, the audit team and program manager
should not disclose the contents of the documented information,
any other information obtained during the audit, or the audit
report to any other party without the explicit approval of the
audit client and, where appropriate, the approval of auditee. If
disclosure of contents of an audit document is required, the audit
client and auditee should be informed as soon as possible.
•
Lesson learned from the audit should be entered into the
continual improvement processes of the management system of
the audited organization.
Session 12
9001:15-LA-SL Rev.01 Date: Jan 2019
119
2020‐04‐06
Conducting Audit Follow-up
The outcomes of the audit can, depending on the audit objectives,
indicate the need for corrections, corrective actions, preventive
actions or improvement actions. Such actions are usually decided
and undertaken by the auditee within an agreed timeframe. As
appropriate, the auditee should keep the person managing the
audit program and audit team informed of the status of these
actions.
The completion and effectiveness of these actions should be
verified. This verification may be part of a subsequent audit.
Session 12
9001:15-LA-SL Rev.01 Date: Jan 2019
Audit Finding Closeout Cycle (Major Nonconformity)
Auditor raises
nonconformity
Auditor
closes the finding
Auditor verifies
effectiveness of corrective
action on site
Auditee analyses
nonconformity
Auditee confirms on site
verification visit date to
the Auditor
Auditee investigates
the root cause
Auditee takes correction &
corrective actions
Session
By: Hamza
12 Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
120
2020‐04‐06
Audit Finding Closeout Cycle (Minor- Nonconformity)
Auditor raises
nonconformity
Auditor
closes the finding
Auditor verifies
effectiveness
Auditee analyses
nonconformity
Auditee submits
corrective actions to
auditor
Auditee investigates
the root cause
Auditee takes
correction and corrective
actions
Session
By: Hamza
12 Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Student Activity
Identify different ways an auditor can use to follow-up and
close an audit finding?
Session 12
1.
By performing visits at site, for verification.
2.
By review of documentary evidence.
9001:15-LA-SL Rev.01 Date: Jan 2019
121
2020‐04‐06
Audit Follow-ups
Workshop 11
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Audit Role play
Workshop 12
9001:15-LA-SL Rev.01 Date: Jan 2019
122
2020‐04‐06
Lunch Break
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
Audit Role play
Workshop 12
9001:15-LA-SL Rev.01 Date: Jan 2019
123
2020‐04‐06
Specimen Exam Paper Review
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
End of Day 5
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
124
2020‐04‐06
Day 6: Welcome!
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
Day 6: Recap
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
125
2020‐04‐06
Identification of
Non-conformities
Workshop 13
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Specimen Exam Paper Review
9001:15-LA-SL Rev.01 Date: Jan 2019
126
2020‐04‐06
Case Study
Workshop 14
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
Lunch Break
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
127
2020‐04‐06
Case Study
Workshop 14
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
End of Day 6
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
128
2020‐04‐06
Day 7: Welcome!
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
Day 7: Recap
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
129
2020‐04‐06
Course Review
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
Course Summary
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
130
2020‐04‐06
Lunch Break
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
Written Exam Instructions & Specimen Paper Review
Duration: 2 hours
By: Hamza Khalid; hamza@ricionline.com
Use Clean Copy of Standard
Cell phones & Laptops not allowed
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
131
2020‐04‐06
“ Congratulations! You now have the desired
knowledge & Skills to be an auditor prove it
during the written examination
”
By: Hamza Khalid; hamza@ricionline.com
“
9001:15-LA-SL
9001:15-LA-SL
Rev.00
Rev.01
Rev Date:
Date: Dec
Jan 2019
2018
Congratulations! in advance to those who will
qualify the examination
”
By: Hamza Khalid; hamza@ricionline.com
9001:15-LA-SL Rev.01 Date: Jan 2019
132
2020‐04‐06
“
Thank You
&
Good Luck!
By: Hamza Khalid; hamza@ricionline.com
”
9001:15-LA-SL Rev.01 Date: Jan 2019
133