process audit and iso

Audit ProcessInternal Audit Process & ISO

Presented By -Sadaf HublikarQuality Analyst

Introduction An audit is an evaluation of a person,

organization, system, process, enterprise, project or product.

Audits are performed to ascertain the validity and reliability of information, also to provide an assessment of a system's internal control. The goal of an audit is to express an opinion of the person, organization or system in question, under evaluation based on work done on a test basis.

What is an Internal Audit? Internal auditing is an independent, objective

assurance and consulting activity designed to add value and improve an organization's operations.

It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.

ISO Standard As per ISO Standard Quality is defined as"The totality of features and characteristics of a product or service that bear on its ability to satisfy stated or implied needs". 

Latest ISO 9000 series

ISO9001:2008 is Quality management systems – Requirements

PreviousAdd latest Versions

ISO9004:2009 is Managing for the sustained success of an organization – A quality management approach

Revised Quality Principle

5. Improvement

2. Leadership

7. RelationshipManagement

4. Process Approach

1.Customer Focus

6. Evidenced-Based decisionmaking

3. EngagementOf People

Quality Principles

Purpose of Audits Detection

Protection

Prevention

Objectives of Audit To provide assurance and reassurance. Implementation of any system developments Amendments to processes Formation of policies, procedures and controls Recommending actions to mitigate the risks arising Feedback and feed forward controls

Internal Audit Framework Planning

Performing

Reporting

Planning the Audit

Research Risk Assessment Audit Strategy Preliminary Survey

Policies and Procedures Inputs and Outputs Control Steps People

Conti…Identify Issue or

ConcernWork plan

Identify Staff Form Audit team

Team Meeting

Identify Audit Requirements

Identify Objectives

Contact Auditee

Identify Type of Audit

Develop Expectations

Objectives ,Scope & Methodology

OSRS for each objective

Applicable Audit Standards

Engagement letter

Performing Depending upon the audits to be

performed, Auditing Standards prescribe different requirements.

For example: In an operational audit, the audit team should test the compliance with applicable laws and regulations that is as per ISO standards.

Data Collection & Analysis

Evidence

Working Papers -Schedules -Interviews -Observations

Analysis of Evidence

Developed Findings

Update QARS

Collect and Analyze information pertaining to objectives and subjective-Cause-Effect -Recommendation

Reporting Auditing and Reporting are not separate

activities but represent a single integrated process.

Thus report is assembled and crafted into a cohesive and

comprehensive document after data collection and analysis is been done respectively.

ProcedureTeam Meeting

Outline Draft Report

Write Draft Report Audit Manager Review

Independent Report Review

Process Draft Report

Process Final Report

Quality Control

Draft Report to Auditee

Auditee Written Comments

Auditee Comments Added

to ReportIssue Final Report

Post Audit Evaluation Once the Final Report is issued, the audit

team perform a post audit evaluation to discuss the strength and weakness of audit and suggest

the ways to improve quality of future audit efforts.

Conti..

Team MeetingDiscuss

Strength & Weakness

Develop Suggestion for Improvement

Staff DevelopmentAudit Quality and Timelines

Identify Audit Leads Work Plan Proposal

Thank You