AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS AUDITING AND CERTIFICATION OF QUALITY MANAGEMENT SYSTEMS by Dr. Anwar El-Tawil ISO

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS ISO Standards for Auditing QMS Previously, three standards existed for auditing QMS: ISO 10011/1, 2 and 3 A JWG between ISO/TC 176 and ISO/TC 207 has prepared a common auditing standard ISO for auditing QMS and EMS Common auditing standard does not mean that there must be one audit of QMS and EMS

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS What is an Audit? Audit « a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which agreed criteria are met » (ISO 9000)

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Objectives of QMS Audit To determine conformity of QMS to requirements To determine effectiveness of QMS To identify areas for improvement To permit certification/registration of organization To meet legal requirements (e.-g. for manufacturers of medical devices)

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Types of QMS Audit Ê Internal audits (first-party audits):  Audits conducted by, or on behalf of, the Organization itself for internal purposes  Internal audits can form the basis for an orgnization’s self-declaration of conformity

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Types of QMS Audit (cont.) Ë External audits (second- and third party audits):  Second-party audits are conducted by parties interested in the Organization (e.g. customers)  Third-party audits are conducted by external, independent certifiers/registrars

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Principles of Auditing (ISO 19011) l Principles relating to auditor character:  Ethical conduct - foundation of professionalism  Fair presentation - obligation to report truthfully and accurately  Due professional care - reasonable care in auditing

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Principles of Auditing (ISO 19011) (cont.) l Principles relating to audit process:  Independence - basis for impartiality and objectivity in conclusion  Evidence - rational basis for reaching conclusion

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Parties involved in QMS Audit Provision of data/information Determination of audit objectives and criteria Audit Report Auditee Client Auditor Determination of audit scope Conduct of the audit

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Audit Process Initiating the Audit Document Review Preparing for on-site audit activities On-site Audit Activities Reporting on Audit Audit Follow-up Audit completed

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Initiating the Audit l Determine audit objectives, scope, and criteria  Objectives can be:  checking conformity to ISO 9001,  checking capability to ensure compliance with laws, regulations and/or contractual requirements,  identifying areas of potential improvement  Scope is defined in terms of  location  organizational units  activities and processes l Establish audit feasibility

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Initiating the Audit (cont.) l Establish audit team and appoint its leader based on:  audit objectives, scope, criteria, location and duration  overall competence of audit team by:  identifying knowledge and skills needed  selecting audit team with needed knowledge and, if necessary, including technical experts acting under the direction of an auditor  language and cultural environment of audit  independence of audit team and avoidance of conflict of interest l Contact auditee

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Document Review l Review QMS documents including records and previous audit reports l The review is done by the audit team leader or by one or more auditors l A preliminary on-site visit can be necessary to get an overview of available information l If the QMS documentation is found inadequate,the audit client should be informed l No further resources should be spent on the audit until such concerns are resolved

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Preparing for On-site Audit An audit plan should be prepared including: Audit objectives, scope and criteria Dates and places of on-site audit Organizational and functional units to be audited Expected time and duration of audit including meetings with auditee’s management and audit team meetings Audit team work assignments taking into account auditor independence, competence and responsibilities of auditors,auditors-in-training and technical experts

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Working Documents for On-site Audit Working documents used by audit team include: Audit procedures, checklists and audit sampling plans; Forms for recording information, supporting evidence, records of audit findings and meetings Work documents and records should be retained at least until audit completion Work documents involving confidential information should be safeguarded

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS On-site Audit Activities - Opening Meeting l Objectives  To confirm audit plan  To clarify how audit will be performed  To establish communication with auditee l Participation  Auditee’s management  Staff responsible for audited functions, if appropriate  Audit team whose leader should chair meeting l Main Issues  Introduction of participants and their role  Audit objectives, scope, criteria and timetable  Audit methods, language, confidentiality and reporting

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Collecting information: document review interviews site visits Criteria On-site Audit Activities - Collecting Information Verification Review Audit conclusions Information Audit evidence Audit findings

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Possible Sources of Information for the Audit l Interviews l Observation of activities, work environment and conditions l Documents, for example  Q Policy, Q objectives and Q plans  Procedures, instructions, licences and permits,  Specifications, drawings  Contracts, orders l Records such as  Inspection records, reports  Minutes, logbook of customer complaints, audit reports l Data summaries, analyses and performance indicators

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS On-site Audit Activities - Closing Meeting (I) l Preparation Audit team should confer prior to the closing meeting to:  Review audit findings  Reach consensus on audit conclusions  Agree on roles and tasks for closing meeting l Participation  Auditee’s management and responsible staff  Audit team whose leader should chair the meeting

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS On-site Audit Activities - Closing Meeting (II) l Main Issues  Presentation of audit findings and conclusions  Acknowledgement by auditee and agreement on corrective action plan  Resolving diverging opinions  If specified, presentation of recommendations for improvement

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Audit Report l Should contain audit conclusions on:  Conformance of QMS to criteria  Effective implementation and maintenance of QMS  Effectiveness of management review process Report should also identify  units audited  audit client  audit team  dates and places of audit  audit criteria  audit findings

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Audit Report (cont.) l Audit report can also include:  Agreed audit objectives, scope and plan  auditee’s key representatives  summary of audit process including obstacles met  statement regarding confidential nature of report  any agreed follow-up actions  any unresolved divergences between auditors and auditee  recommendations for improvement, if specified in objectives l Distribution  to recipients designated by audit client

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Competence of QMS Auditors QMS auditors should have knowledge and skills in:  Audit procedures, tools and methods  Management systems and their standards  Organizational situations  Applicable laws  Quality techniques (terminology, principles and tools, for ex. statistical tools, FMEA)  Sector-specific products and processes

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Qualifications of QMS Auditors l Auditors should have ( minimum recommended)  sufficient education (secondary),  technical, managerial or professional work experience (5 y.)part of which is in QM (2 y.),  auditor training (40 hours),  audit experience (4 complete audits - 20 hours) l Auditor ’s personal attributes: observation, tenacity, independence, realism, ethics, diplomacy, cool under stress, oral and written expression

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS QMS Lead Auditors Lead auditors should demonstrate necessary knowledge and skills to lead and manage the audit:  planning  organizing  directing  performing  reporting Lead auditors should have performed additional audits (3 complete audits in 15 days) as lead auditor under supervision of a competent lead auditor Lead auditors should be able to reach audit conclusions on overall capability of QMS

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Certification Process Pre-assessment Initial visit Audit preparation The Audit(s) Corrective Actions Surveillance Certificate granted

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Some Certification Issues l Interpretation of ISO 9000 – National Committees, ISO/TC 176 l Credibility of certifier (see slide 28) l Accreditation programmes (see slide 28) l Cross – border recognition (see slides 29-32) l Certification costs

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS competence impartialityAccreditation  Confidence in competence and impartiality of certifier Accrediation is carried out to check conformance of QMS Certifiers with ISO Guide 62 (future ISO/IEC 17021) Accreditation Bodies should conform to ISO Guide 61 (future ISO/IEC 17011) Accreditation of QMS Certifiers

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Objective: One-Stop Assessment  Accepted Worldwide Possible Approaches  Mutual Recognition Agreements (MRAs) between two certifiers  Multilateral Recognition between certifiers  International Recognition between accreditors Cross-border Acceptance of Certificates

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Country X Country Y Certifier ACertifier BMRA Supplier 1Supplier 2 Disadvantages –Limited recognition –MRAs are time consuming and costly to establish and maintain Mutual Recognition Agreements (MRA)

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Examples:IQNet, IIOC, itqs, Regional CQS Delta TÜVBayern itqsIQNet QMI DQS APCER NSAI AENOR FCAV KEMA AFAQBSI bureaus of shipping and consultants Disavantage:Incomplete coverage of world IIOC SQS ÖQS Multilateral Recognition between Certifiers SGS DNV BVQI

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Mutual Recognition Mechanism (Peer Evaluation/Multilateral Agreement) Country B Country A Country C AA CCCCC SSSSSSSSS S: S: Supplier C: C: Certifier A: A: Accreditor International Recognition System (IAF)

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS Traditionally, NSBs carried out Product Certification  This involved the company quality system (ISO System No 5) With the advent of ISO 9000 then NSBs either  started a certification/registration system, or  co-established such as system with other bodies As Accreditation became widespread,  some NSBs established an accreditation system  others co-established such systems with other bodies Role of NSBs in Certification & Accreditation

AET9907C.PPT AUDITING AND CERTIFICATIONS OF QMS competence impartiality To ensure competence (technical and administrative) and impartiality To avoid conflict of interest  Consultancy on Management Systems and certification should not be combined  Certification and Accreditation should not be combined  Laboratory Accreditation and running a lab should not be combined Conditions for NSBs to be engaged in Certification & Accreditation