Traning Process Approached Internal Audit(Change Background) doc

Course Objectives To provide participants with the necessary competency in:  Planning & conducting Internal  Audit by using the IATF Process Approach techniques  Reporting & follo

ISO/TS 16949 Process Approach Internal Auditing Training

Nui Thanh, March 20 - 2013

Course Content

 Session 2 Introduction to Auditing

 Session 4 Audit Planning

 Session 5 Conduct Audit

 Session 7 Post-audit Actions

Course Objectives

 To provide participants with the necessary

competency in:

 Planning & conducting Internal

 Audit by using the IATF Process Approach

techniques

 Reporting & following up the audit findings

effectively

STRIVE FOR EXCELLENCE

BERUSAHA KE ARAH KECEMERLANGAN

ISO/TS 16949 BACKGROUND

1

What is ISO/TS 16949?

requirements.

(IATF) and Japan Automobile Manufacture

Association (JAMA), supported by ISO/TC 176

and VDA 6.1 (German) automotive catalogs.

Japanese automotive manufacturer.

ISO/TS Development

1st Edition

ISO/TS 16949:1999

2nd Edition ISO/TS 16949:2002 (OFFICIALLY PUBLISHED

ON 25 MARCH 2002)

3rd Edition ISO/TS 16949:2009

ISO/TS Goals

Continual improvement

Emphasis on defect prevention

Reduction of variation and waste in the

supply chain

Intention of ISO/TS 16949

￭ To avoid multiple certification

￭ To provide a common QMS approach in the Automotive industry

Additional Requirements

ISO 9001

Together with customer-specific requirements, ISO/TS

16949 defines the quality system requirements for use in the automotive supply

chain.

STRIVE FOR EXCELLENCE

BERUSAHA KE ARAH KECEMERLANGAN

Introduction toAuditing

2

What is audit ?

A ‘check & balance’ process to ensure activities are performed in an appropriate and effective manner.

Usually conducted on an independent basis.

Objective evidence is required.

“ Systematic, independent and documented process for obtaining audit evidence and evaluating it

objectively to determine the extent to which audit

criteria are fulfilled.”

Source: ISO 9000: 2000

Type of audits

Your own Organisation

Certification Body

Purpose of Internal Audit

Assess the overall process control

Ensure conformance to the Documented Quality System & Standards

Evaluate the effectiveness of the key

processes in achieving their objectives

Investigating problems (product or process) Way of improving the current QMS

What To Look For During Internal Audit

3 key aspects of a process

Improvement

Effectiveness

Conformance

What shall

be done

What is actually done

vs

 Conformance is the basic principle

 Compare the actual activities against the audit criteria In other words,

“do what have written and recorded down what you have done.”

 How do we know if a process is effective? It is

 Able to maintain ‘mountains’ of documentation?

 Able to follow Procedure strictly?

 Able to produce results?

Effectiveness of a process is shown by the result it

achieved with the delivered output Hence, auditors shall

look at indicator / measurable metrics to tell is customer

requirements are met.

 Look for trends

 Compare current result against past results

3 types of internal audit

To verify conformance to ISO/TS

16949 Standard & customer specific requirements (CSR).

Focuses on the Manufacturing Process within the total quality management system.

Focuses on product characteristics that lead to the verification of the achievement of product requirements.

Common Internal Audit Failure

♦ Perceive audit as waste of time.

♦ Lackluster auditor selection

process

♦ Lack of proper system to train

auditors

♦ Inadequate process to evaluate

ability to perform audit.

♦ Over reliance on Quality department

♦ Poor auditor judgment leads to lack of confidence in internal audit result.

♦ See auditor as fault finder or trouble maker

STRIVE FOR EXCELLENCE

BERUSAHA KE ARAH KECEMERLANGAN

Audit Overview

3

Audit Planning

1

Prepare annual audit schedule

Prepare audit plan

Prepare Checklist

Conducting audit

Collecting & verify audit evidence

Evaluate audit evidence against audit criteria

Audit Reporting

3

Auditor review meeting

Review audit finding with auditee

Conclusion & Report Writing

Closing Meeting

Corrective Action and Follow-up

4

Circulate Audit Report

Update Audit Schedule

Corrective Action performed

Verify completed actions

Close case

Auditors Competency

 Auditors for ISO/TS 16949 are required to

demonstrate competency in the understanding of:

 ISO/TS 16949 Standard – latest.

 Audit methodology:

 Conducting opening & closing meetings

 Writing non-conformances

 Closing out non-conformances

 Automotive process approach auditing technique.

 Core tools (APQP, FMEA, SPC, MSA, PPAP)

Customer- specific requirements.

STRIVE FOR EXCELLENCE

BERUSAHA KE ARAH KECEMERLANGAN

Audit Planning

4

Audit Planning

Prepare Annual Audit Schedule

Prepare Audit Plan Prepare Checklist

COPs are processes which start with the customer

input and results in outputs delivered to the customer COPs are primary processes which interact with the customer.

Customer Oriented Process

Customer

I 0

Organization

Multiple COPs in an Organization

Customer

Organization

O

Interaction with customer

Interaction of one COP with another

• Within an organization, there are many COPs

• Each COP interfaces with the customer

I I O I OI O O I

Understanding audit criteria requirement

>>Output – Trail Mapping

Time Planning

>>Output – Audit Plan

Ensure completeness of the audit

>>Output – Audit Checklist

Jelly Fish Diagram

Annual audit schedule

Auditor Audit Preparation

Process Analysis

Understanding audit criteria Time Planning

Ensure completeness Audit Checklist

Audit Plan Trail Mapping

Trail

Understanding the process

Usually 3 methods can be used to understand the process.

Before that, confirm the scope of audit area Where to start and where to end.

It can be presented in process outline, process flow etc

Question Ask the auditee to explain their process

Audit Trail

Example – Incoming activities

Received raw material

Inspect raw material

Store raw material

Issue raw material

Understanding Audit Criteria Requirement

 Audit Processes are required to fulfill one or more audit

criteria requirements Audit criteria can include

» ‘Shall’ – mandatory requirement

» ‘Notes’ – for guidance in understanding or clarifying

the associated requirement

» ‘should’ in a Note is for recommendation only

» ‘such as’ – suggestions given are for guidance only

ISO/TS 16949 Requirements

0 Introduction

1 Scope

2 Normative reference

3 Terms and definitions

4 Quality Management System

7.4 Purchasing 7.5 Production & Service provision 7.6 Control of Monitoring & Measuring devices

8 Measurement, Analysis and Improvement

8.1 General 8.2 Monitoring & Measurement 8.3 Control of Nonconforming Product 8.4 Analysis of Data

8.5 Improvement

How? (method, technique)

With Who?(skill, training)

What key criteria?

(measurement, assessment)

With What?

(equipment, material)

OUTPUT INPUT

Process Analysis

Process

4 Questions about a Process

• Who - Who is responsible and what kind of competency does he need?

• What - What kind of resources are needed to achieve the desired result?

• How - What methods & techniques are deployed to control the process?

• How Many - What is performance measurement of this process?

Process Analysis

• The order of analysis is

suggested by most of the

audit practitioners.

• The boxes invite note-taking

during actual on site audit.

Process Analysis Sequence

1 Enter COP name or support process name.

2 Enter details of actual output (e.g products & documents).

3 Enter details of the machines, materials, equipment, computer system and etc.

4 Enter resource requirements (e.g skills

& competency criteria).

5 Enter details of linked process controls, support process, procedures, methods and etc.

6 Enter the measures of process effectiveness, e.g matrix and target.

7 Enter details of actual input (e.g documents, materials, tooling & schedule).

Audit by Process Approach

A process in sequence:

When auditing, look at the process from various angle.

An output of previous process becomes the input to the next process Processes are interlinked!

Audit Checklist

Aide Memoire

Concise

Should follow ‘process’

Avoid tick sheets

Should not take over Audit

Separate checklist for each area

Useful for new Auditors

Can evolve overtime

Aids time management

Checklist is a tool to verify ‘completeness’ of audit,

NOT to take over audit!

Relations of Core Tools

Contract

Review

Feasibility Review

APQP

Phase 1

APQP Phase 4

APQP Phase 2

APQP Phase 5

APQP Phase 3

7.2 7.1

7.3 6.0 7.3

7.3 7.5.2

7.5 8.0

How to Audit Core Tools?

 Select a few products as ‘audit sample’

 Use the products to run though each phase

of APQP (process approach)

 Ask for the relevant documents/records to justify if the activities in each phase of

APQP are executed to meet customer

needs.

Auditing Production Part Approval Process (PPAP)

 Screen the automotive customers

Auditing Customer Specific Requirements (CSR)

 Customer Specific Requirements are identified at the beginning

Quality

Special Characteristic

Product & Process Design

Business Process

Communication

System Related Requirements

PPAP

Delivery

Incorporated Incorporated

How to Audit FMEA?

 Look at FMEA triggering

events

New Product

Modified Product

Control Plans FMEA

 Look at the S, O, D, & RPN before and after actions are taken.

 See if the actions are incorporated

as control point

How to Audit MSA?

 Repeatability

 Stability

 Look at the analysis

 Examine the actions

taken

APQP Phase 4 Validation

SPC

Identification

Execution monitoring

Analysis Actions

APQP Phase 5 Mass Production PPAP

STRIVE FOR EXCELLENCE

BERUSAHA KE ARAH KECEMERLANGAN

Conducting Audit

5

Conducting the Audit

Conduct Opening meeting

Collecting & verify audit

evidence

Evaluate audit evidence

against audit criteria

Opening Meeting Agenda

1 Introduction

2 Purpose and scope

3 Plan for the day

4 Explanation of auditing process

5 Confirm authorized person to acknowledge audit report

6 Reporting method

7 Any questions

Basic Steps in a Process Approach Audit

♦ Reviewing the list of customer Specific Requirements ( CSR ).

♦ Identifying the process owner, their responsibilities and authority.

♦ Reviewing process measurement ( e.g related to COP ) before

conducting audit.

♦ Compare business goals & objectives to customer goals & objectives.

♦ Understand the basic business process flow and follow through.

♦ Reviewing process linkages and interactions.

Basic Steps in a Process Approach Audit

♦ If the product or process meet specification with no

negative trends, then.

 Ask about the basic building block of the process

and determine the auditee knowledge of the process.

 Ask the auditee how they measure the process

effectiveness and how they interpret the result.

 Ask how they built on steps to achieve continual

improvement.

Basic Steps in a Process Approach Audit

♦ If the product or process does not meet

specification or has negatives trends, then

• Ask if Top Management involved.

• Ask who is responsible ( process owner )

• Ask what step is not being followed in product realization processes.

• Ask when the negative trend started.

• Ask how the organization contain the problem.

• Ask if root cause has been found and corrective action implemented.

• Ask if similar process being reviewed.

• Ask if FMEA and control Plans reviewed & updated.

• Ask if Product Audits reviewed & frequency increased.

Collecting & Verifying Information

Method include

Interview Observe activities Review

documents

‘Audit Triangles’

Question (Ask them what they do)

Observe

(See what they

actual do)

Check (What the procedure say they should do)

Asking Question – Filter Funnel

 Open questions

Encourage Auditee to talk freely

Use What, Where, When, Why, How, Who?

Key Points for Interview

provide you with evidence that the key processes are conformed to the requirements and they

effectively implemented.

How to Audit Processes without Documented Procedures?

Identify Key processes

in the activity

Understand the processes

How

Examine Evidence/ results

Activities

Weight results

Vs Audit criteria

Relate to ISO/TS 16949 Requirements

Records

● Auditors should look for “ Documented QMS”, NOT “System of Documentation!”

 Use the control plans

 Select 2~3 products as audit samples to walk-through the processes; look

at actual activities vs control plan

 Link the activities with ISO/TS requirements

Put People at Ease

 Find best place for interview

 Reason for interview & note taking should be explained

 Smile when appropriate

 Avoid barriers, e.g across table

 Keep at same physical level as Auditee

 Be assertive

 Don’t infringe ‘personal space’

 Be open in speech and manner

 Use humour- but only if appropriate

 Be calm, cool and objective

Interview Process

1 Identify individual to be audited

2 Introduce yourself

3 Explain why you are there & ‘break the ice’

4 Ask open question (s)

5 Ask the detailed questions

Audit Evidence Audit Criteria

Audit Finding

‘Weigh’ Evidence against criteria to obtain Audit Finding

Evaluate Audit Evidence

STRIVE FOR EXCELLENCE

BERUSAHA KE ARAH KECEMERLANGAN

Reporting Audit

6

Reporting the Audit

3 Auditor review meeting

Review audit finding with auditee

Conclusion & Report Writing

Closing Meeting

Auditor Review Meeting

findings

 Purpose: To review audit findings in a collective manner

Audit Report

 A formal, factual and agreed record of

Audit including nonconformities, observations, corrective action, timescales, conclusions, recommendations

Audit Report Should Include

♦ Identification of client and audited organization

♦ Audit objectives, scope and plan

♦ Audit criteria

♦ Date & place of audit

♦ Audit findings

♦ Identification of auditees

♦ Identification of audit team

♦ Summary of audit process

♦ Statement confidentiality

♦ Report distribution

♦ Evidence objectives of audit achieved

♦ Agreed action plans

♦ Unresolved opinions

 Source: ISO 19011

Typical Audit Report Content

Non- Conformity

Statements

(NC)

Opportunity for Improvement

(OFI)

Conclusion

Nonconformities Should

 Be factual/ objective

 Be clear and concise

 Make reference to the relevant clause number of Quality Standard/ Company document

 Be locatable by other Auditors

 Define the exact instance - Objective Evidence

 Be given a unique identifier

 Be categorized (e.g NC or OFI)

 Be accepted/ signed by authorized personnel representing auditee.

Internal Audit Finding Classification

 Classification of non-conformity into major

or minor is Not a requirement for internal

audit.

 However, it is the requirement during the certification audit carried out by third party.

Minor Nonconformity

 A failure in some part of the organization’s

documented QMS relative to ISO/ TS16949, or

 A single observed lapse of following one item of a company’s QMS

 Does NOT result in:

 Reduced ability to assure control of process or products & failure of the QMS.

- Source: Rules for achieving IATF recognition.