Oh, and HELLO to eveyone!!!

I start my new Quality Managers position wih my new company next week and I know I am going to have a ton of questions!
You all seem very bright and creative and I am sure i will be hanging out here a lot :)

Anyway the company I am going to is certified to the new standard but there are some noncons I have to deal with right off the bat, and they are due resolved in about 70 days.

One of them is training. The first thing I want to do it re-train all the auditors and set them loose.
Anyone have any good checklists, generic I guess.
Is so that would be great, you can e-mail them to me or post them.

Thanks a lot.

G.

Hullo G, and welcome to the Cove :bigwave:. Personally, I don't have any generic checklists, but you may find some in the Free Files (http://www.elsmar.com/pdf_files/)directory.

I also suggest a visit to the Auditing Forum (http://www.elsmar.com/Forums/forumdisplay.php?f=22)

Bring the questions. We'll try to help (And learn a bit ourselves in the process).

Over to the Cove dwellers...

/Claes

Welcome Gman, from another newbie.

At my company we do have element specific checklists, but I have never liked them - the questions on them never seem to be the ones I would ask.

Here is MY checklist for internal audits - well, actually my process. It is as generic as can be.

1. What am I auditing? What are the "shalls" that must be met? What is the intent behind the requirements, and how does it apply to our situation? What other elements of the standard are pertinent - records, training, resourcing, document control, etc. These questions are answered entirely from the standard.

2. Is our system conforming? What processes and procedures in our Quality System pertain to this requirement? How are they documented? Do they address all of the requirements of the standard for documented procedures and records? How do they relate to one another, and is the system internally consistent (i.e. are there conflicting requirements between different procedures, etc.)? Does it make sense? What are the good audit points? By audit points I mean observables within our processes - things that I should be able to see and verify. These questions are answered entirely from the documentation that exists within our quality system.

3. Are we following our system? This is where I start going out on the floor, talking to managers and front line workers, digging through records, etc. to see if the system that I audited in question 2 is the system that exists on the floor. I start with the audit points that I pre-determined, but rarely do I stop with them. There are always additional items and questions that come up, and you need to be flexible enough to adjust course as the situation dictates.

Anyway, that's the system I use - I'd like to hear from other folks who audit if they do it differently.

As far as training for auditors - They all need to have a consistent understanding of the standard - that may take a day or two. You can explain the auditing process to them in 5 minutes, but they need to practice it for a day or two in simulations - especially steps 1 and 2, which are often overlooked or under-appreciated. And they should definitely have some communications skills training - asking open-ended questions, LISTENING, and business writing - a good NC is useless if no one can understand it because it is poorly written.

Ed Gibbs

Yes! Welcome fellow Michigander. :bigwave: If you are in the Detroit area, there is a group of us that are planning on meeting on a monthly basis for lunch. You are more than welcome to buy, I mean join us :vfunny: (the buy part was a joke - you'll catch on to our unusuall sense of humor eventually)

Now, about the checklist. Are you looking for checklist the standard, or one that you would use as part of determining auditor competence? For the first, I would recommend, as part of the auditor training develop checklists for your processes and procedures. Most generic checklists are marginal for internal auditing. Mostly, you will be auditing against your own documentation and practices, so your checklists should be the same. Let me know if you want a generic standard (other than ISO/TS 16949). I am attaching a generic checklist.

Great post Ed, :agree:

I suppose most of us follow similar guidelines, but I for one have not put it in writng son nicely. Good job.

I would like to make one addition, however:

4. Is there a better ( cheaper, safer, faster, less complicated or whatever) way to do this? We also want to use the audit to search for improvement potential, right?

/Claes

As far as Audits go, Ed has a good baseline above... You would of course add in your process so the questions are targeted at your requirements.

I think that with a process approach to auditing, the first step is to define the scope of the audit you plan to conduct (what is the process you are planning to audit?) and what are you auditing that against? are you auditing it against a particular standard? or against your own quality manual? or against several standards? or some other requirements?

Once you have the scope and the process to be audited, then it gets much easier to complete the checklist... focus on the Inputs and Outputs of that process and on the internal checks and balances within the process. Also keep in mind that problems can and do arrise in any process, that is why I added # 5 to Ed's list (including Claes # 4 above)...

5) How do you know when there is a problem? Have you experienced any problems recently? and what steps do/did you take to try and resolve them?

Oh yeah, we also like to ask people on the shop floor if they know what our Quality Policy is and how their work contributes to the overall success of our company. E

PS: I also think it helps to involve your auditees in the development of a checklist. If you are going to conduct an audit with 7 requirements on your checklist, give the auditee an opportunity to add one or two more items to your checlkist. This lets you audit against your requirements and gives the auditee an opportunity to focus part of the audit on one or two areas they are concerned with...

Good additions folks, thanks.

I guess as far as checklists go I really have at least 2 sets, and I develop them as I go.

Checklist 1 is developed in Step 1, and lists the auditable requirements of the standard for our Quality System. That is the checklist I use as I go through the QS in Step 2 and audit the SYSTEM for compliance to the standard. If I write a NC at this point it will be against our QS, and it will reference the clause in the ISO standard that the QS doesn't meet. So I might write a NC that says "There is no evidence of a documented procedure for... as required by ISO-9001:2000 clause..."

Checklist 2 is developed in Step 2, and lists the audit points I find in our QS for use in Step 3. I use this checklist during the floor audit, and if I write a NC from this checklist it will be against actual practice and reference our QS. So it might say "Records of calibration of test equipment are not being maintained in blue boxes as required by company procedure... in the production area." I would not normally write a NC referencing the ISO standard in step 3 because the people on the floor are not working to ISO, they are working to our procedures, which I have already determined to be/not be compliant to the ISO requirements in step 2.

What about steps 4 and 5? How are the checklists for those steps developed, and how would you write a NC in those parts of the audit? What if someone says in Step 5 "I had a problem last week, but my boss told me to ignore it." Is that a NC? If so, is it a NC to the ISO standard or to the internal procedures?

Ed Gibbs

What about steps 4 and 5? How are the checklists for those steps developed, and how would you write a NC in those parts of the audit? What if someone says in Step 5 "I had a problem last week, but my boss told me to ignore it." Is that a NC? If so, is it a NC to the ISO standard or to the internal procedures?
Ed Gibbs
I will comment on #5 and trust Claes to do the same for #4...

I usually look to include a few questions targeted at problem identification and resolution. This can lead you in many directions... what are the control parameters? What equipment requires calibration? what happens if equipment calibration has expired? Who controls the process? have they been trained in how to control the process? what evidence shows that they are competent to perform that task? who has the authority to make a decision regarding that process? how are problems identified? who makes a decision on when actions need to be taken to resolve a problem? is that authority defined? if so, where is it defined? etc...

It would depend on your system as to whether your above statement would be a nonconformance... At the least, I would want to ask more questions regarding that statement and maybe have the opportunity to question their boss. Perhaps it's ok for the boss to give the authorization to run outside a control parameter? perhaps that boss is aware of other issues which caused him to make such a statement? perhaps you exceeded your in-process control parameters but steps were already underway to bring the process back in control? or while you may have exceeded the in-process control parameters, the final product attributes will not be adversely affected?

~ERL~

What do the Auditors need retraining in?

If its basic Audit Skills the web presentation available here (the link is at the top of the page) is quite usefull.

If they need converting to ISO9000:2000 then get a training body in and do them all on a 2 day Internal course.

Process Auditing itself is a skill on its own - maybe another training course?

What about steps 4 and 5? How are the checklists for those steps developed, and how would you write a NC in those parts of the audit?

Well... Step 4 may not be a separate step as such...

I just keep thinking that way through the entire audit, and do not issue a NC for improvement potential found, unless I can pin it to the std or our system. We don't call them NC's btw. (We call them improvement issues) I make very certain however, that I mention the potential in the audit report text.

/Claes

and set them loose.
Anyone have any good checklists, generic I guess.
Is so that would be great, you can e-mail them to me or post them.
Look up a company called Sunrise consulting in NC. They have some great info very cheap. I don't have their brochure or I would give you the phone number. What you will get is a checklist, but also a list of what auditors should look for to comply with the checklist.

I have not done any auditing in the past year, but I tended to generate internal audit checklist(s) tailored to the specific requirements of the internal audit(s) - I do this the first time I audit in an area, thereafter, I may re-use a checklist as long as the procedure/process/product under audit has not undergone radical change.

Your internal audits checklists should be based on the requirements in your processes, products, & procedures. I'm not too sure that my checklists would help you for internal audits - my processes, products, & procedures are more than likely very different than the processes, products, & procedures you deal with.

We are using the attached as the checklist for all of our process audits. This is the checklist our registrar will be using. It requires a great deal of "out of the box" thinking by our auditors. Product audits use the individual control plan, FMEA, etc. while the system audits will use the QSA checklist with defined documents, records, etc.

Try this

Hey, good posts Martin, and Valeri. Although, Valeri the problem I have with your form is now internal auditor will actually prepare for the internal audit, and that of course goes against everything we know.

I might just use that form in my training, if I may.

Great job, Martin, I like it. I was trying to come up with something similar, but I'm not all that creative (oops, that's another thread)

Hey, good posts Martin, and Valeri. Although, Valeri the problem I have with your form is now internal auditor will actually prepare for the internal audit, and that of course goes against everything we know.

I might just use that form in my training, if I may.
During training they give us these..

IVe seen COPS's and Turtles in a lot of TS16949 training material.

I wonder why this specific approach is pushed by TS16949 training when it is not an explicit requirement of the standard.

A good approach none the less.

I think cause there is a specific way to put on the floor the ISO/TS
requirements and Plexus sell them nicely to AIAG ... good business for them

:bigwave

Hey, good posts Martin, and Valeri. Although, Valeri the problem I have with your form is now internal auditor will actually prepare for the internal audit, and that of course goes against everything we know.

I might just use that form in my training, if I may.
Not a problem - use away. I do use the form for training my internal auditors and that does cause a stir!! The plants are actually planning to give one of these form to each of the process owners to fill out for practice purposes prior to the registration audits in October.

I have reviewed many of the checklists posted here and they are really good, I may use some of the ideas posted here. I thought that I would share my thoughts as well on this subject.

I have auditors who are not really well versed to the standard and get that deer in the headlights look at the mention of concepts of auditing or anything to do with the QMS. So I have had to design systems and checklists that sort of trick them into using things. I have created a checklist that tells an auditor where to go, what to look for specifically and whom to interview. If I did not they would be clueless and my audit program would be a flop.

You may ask why the company doesn't send these auditors for training. Well, they simply do not have the resources, it is a very small company and we all wear many hats (as I am sure many of my counterparts here do as well).

My checklist requires a little more work on my behalf to write, but so far has been more useful to my auditors. Also, this is just for M.O.P.'s (management oriented process), I still need to draft S.O.P. & C.O.P.'s checklists yet.

Take a look and see if it will help you.

Regards,
fox

I have also considered creating such checklists in the past, but felt they were too restrictive, and took so much time to produce it would be quicker to do the audit myself.

There is also the danger that by leading the auditor too much by the nose you are in effect removing his impartiality.

I have also considered creating such checklists in the past, but felt they were too restrictive, and took so much time to produce it would be quicker to do the audit myself.

There is also the danger that by leading the auditor too much by the nose you are in effect removing his impartiality.

I agree with you statements but, my experience taught me that you need to help "rookies" auditors in the way that you tell them what's to look then as they make more audits / get more experience you can "lead" them to make/use his/ her own checklist, style, ability- skills, criteria, etc.

I have also considered creating such checklists in the past, but felt they were too restrictive, and took so much time to produce it would be quicker to do the audit myself.

There is also the danger that by leading the auditor too much by the nose you are in effect removing his impartiality.

You are an auditor by trade. What comes natural to you may not be true for Internal Auditors who have the necessary skills for the position they were hired to do. Checklists are a necessity for those who do not live and breath "Audits". :agree:

In almost all of cases internal auditors have another duties ( belongs to all areas/ departments/ functions ) and eventhough the decided to response to your invitation they cant forget of his/ her basic duties...and sometimes they cant give their best because they are loaded with this basic things which they get his/ her salary... and this lead us to management support, etc.

In real life, we need (internal audits coordinator- management representative) to understand- live with it and develop a plan to comply appropiarly with this two situations.

Perhaps a companies unwillingness to provide proper trained and competent audit resource is indicative of an underlying general lack of top management commitment to quality.

Yes I know we all have to live in the real world - hence my utter disillusionment !!

I cant imagine we would ever call on the temp in accounts to 'come and design this when you have a spare moment'.

Perhaps a companies unwillingness to provide proper trained and competent audit resource is indicative of an underlying general lack of top management commitment to quality.

Yes I know we all have to live in the real world - hence my utter disillusionment !!

I cant imagine we would ever call on the temp in accounts to 'come and design this when you have a spare moment'.

On the other hand if they place all of their resources in non-billable activities, then there would be no billable activities, and hence, no business. As far as using temps, over here, they are used all of the time. There are many design houses that will rent a temp designer, or a temp anything else. Sometimes that is the best alternative. But rarely, do you use someone who does not have the expertise to perform the work (such as your "temp in accounts" designing stuff).

Management is being pulled in everywhich direction these days. Their customers want one thing, the government wants something else, the union still a third. No wonder they want the big bonuses.

As true as most of the statements above are, the reality is that if your system is well designed to the standard you can create a checklist designed around that system in which your auditors look for the particulars to see if you are living within the documented system. This way also cuts back on differing interpretations also.

In my experience I have found that most audit training by registrars and their checklists are too generic to be useful to rookie internal auditors who have other duties. If you are going to pull people from other areas they do not have the time to get retrained each time they audit, or have to try and remember what exactly 5.6 is looking for for evidence of compliance. Instead point them in the direction and ask them to verify it is being done. This would also save on cost of sending them to an outside class or bringing someone in who will generally only cover generalities of the standard rather than cite specific examples of compliance and non-compliance.

I just suppose it depends on your companies environment and the level of willingness of the internal auditors to get imersed in the program.

-fox

Cleverfox; that's is what I am trying here, one or two days before each audit I have an informal meeting with the auditor to check if he have everything needed to do it;so they clarify all doubts/requirements in advance.