Audit Plan Letter

advertisement
TS16949 requirements
28-10-12
2
Subjects
– Audit planning
– Recertification audit requirements
– Auditing Remote supporting functions
3
Reason for the presentation
– This presentation is provided as a reminder to all auditors of
some of the requirements of the TS16949 program where the
IAOB have identified non conformances in the past 12 months.
– Read the presentation and as required ensure that we comply
with the requirements.
– Veto Powers and witness auditors please ensure that during
the course of your reviews that you verify that the requirements
of the program are being met.
4
Audit Planning
• Planning is critical to the success of a TS16949 Audit
• Processes noted in the plan must reflect the processes identified by
the client using the clients terms.
5
Audit plan
• The Audit Plan is developed from information supplied by the
client.
• Where the information isn’t supplied prior to an audit, the on site
audit shall commence with the planning of the audit through the
review of all the required information with the management
team.
• In these situations additional audit time shall be added to the
audit to enable the planning of the audit on site. This additional
time must be shown as the first line item on the plan submitted
for veto review.
6
Planning information required for Stage one audit (Readiness
Review) (refer rules 6.5 Stage 1 planning)
– a) description of processes showing the sequence and interactions,
including identification of outsourced processes,
– b) key indicators and performance trends for the previous 12 months,
minimum,
– c) evidence that all the requirements of ISO/TS16949 are addressed by
the client's processes,
– d) quality manual, including the interactions with support functions on
site or remote,
– e) evidence of one full cycle of internal audits to ISO/TS 16949 followed
by a management review,
– f) list of qualified Internal auditors and the criteria for qualification,
– g) list of automotive customers and their customer-specific
requirements if applicable,
– h) customer complaint summary and responses, scorecards and
special status.
7
AUDIT PLANNING – ALL AUDITS
– The audit planning activity shall be undertaken prior to arrival on site
and shall include as inputs to the plan a review of the following
information supplied by the client:
– all requirements of the client's quality management system
implemented to meet the automotive requirements of those customers
requiring ISO/TS 16949 certification of their supplier, even when these
requirements go beyond ISO/TS 16949 (i.e. customer specific
requirements),
– the client processes taking into account their sequence and
interactions, including remote support functions,
– current customer and internal performance data, internal audit and
management review results, and the same information pertinent to any
new customers since the previous audit,
8
AUDIT PLANNING – ALL AUDITS (cont)
– customer satisfaction and complaint summary, including
verification of customer reports, scorecards and special status,
– follow up on issues from previous audits
9
Audit planning
The Audit Plan is a three-page form consisting of a client
notification letter (page1), an Audit Plan (page 2) and a check
list identifying the information received and reviewed (page 3).
Auditors are encouraged to write comments on page 3 about the
information reviewed.
The Audit Plan establishes pre-planning expectations for an
upcoming audit and is sent to the client and to the audit team.
The document also contains some specific miscellaneous
information not available on other documents.
10
Audit Planning (cont)
Notification Letter
– The Letter tells clients about conditions specific to the upcoming
audit.
– Sections should be deleted where they are not applicable.
– An example of a Notification Letter and Audit Plan appear on
following slides.
– Also remember that based on the rules, audit scheduling has to
start from Management Review and Customer Claim analysis.
Output from Customer Claim analysis has to be consider an
input for the auditing on the following processes.
11
Audit Plan Letter (page 1)
Amend these
parts of the
letter to suit
the audit you
will be
conducting
12
Audit Plan Letter (cont)
The section in
blue is to be left
if the information
required to plan
the audit is not
received.
This section
only left in
when the
audit is a
recertification
Audit Plan Table (page2)
13
Where the information required to
plan the audit is not received from
the client insert a line before the
entry meeting for planning.
The Audit Plan can
be expanded to
accommodate
multiple auditors
and/or days.
Audit planning is intended to be performed prior to any activity
Audit planning uses information provided by the client.
Audit table (cont)
14
This
paragraph is
to be left in
the plan if the
required
information is
not received
to allow the
audit to be
planned
15
Audit Plan Page 3 record of information received
Identify in this section the
information received from the
client and reviewed to develop
the audit plan.
As applicable include comment on the
information received in these
sections. Auditors are encouraged to
add comments on what they review.
Identify in this section if the required
information was received or not.
Include your name and the date the
information was reviewed and the plan
developed.
16
Recertification audit requirements from rules third
edition and areas we have been found to not
comply
During recertification audits the audit shall include the
following:
– A review of the effectiveness of the management system in its
entirety in the light of internal and external changes and it
continued relevance and applicability to the scope of certification
– During witness audits the IAOB have identified that in some
cases auditors have not been covering the clients system and
the technical specification in it entirety. Ensure that all applicable
clauses of the technical specification are clearly address during
the recertification audit.
17
Recertification audit requirements (cont)
– Demonstrated commitment to maintain the effectiveness and
improvement of the management system in order to enhance
overall performance
– Review the previous performance of the management system
over the previous certification audit cycle and look for any
adverse trends. Comment on your findings in our audit report
template next to the applicable headings.
– Whether the operation of the certified management system
contributes to the achievement of the clients policy and
objectives
– During the course of the audit ensure that the system continues
to support the clients business. Comment on your findings in our
audit report template next to the applicable headings
18
Recertification audit requirements (cont)
– The effective interaction between all the processes defined in
the quality management system and the overall effectiveness of
the management system.
– During the course of the audit ensure that the interactions are
still defined in the QMS and that the system continues to be
effective. Comment on your findings in our audit report template
next to the applicable headings
19
Auditing Remote supporting functions
– TS Rules section 5.5 defines the requirements for supporting
activities. Supporting functions shall be audited as required to
support a site; they will be included in the initial Stage 2 audit
and at least once more during the surveillance audit cycle and
– the recertification audit (annually for product design). Supporting
activities can be on-site or remote, and can include functions
such as product design, contract review, purchasing, and
warehouses.
20
Auditing Remote supporting functions
– the audit report needs to include information on what was
audited related to the interface of the supporting functions.
– During audit reporting, the auditor should consider the following:
The audit report must detail the linkages audited by the
audit team. It is not enough just to indicate that the audit
included an audit of the linkage to the support provided by
the support location.
Where the audit of the support location was completed by
another CB there needs to be comment in the report about
your review of that CB’s report and that their report
includes comment on the interfaces between that site and
the site we are auditing (see rules 5.5 option 2)
Download