Considerations for Inclusions for an Audit Scope

S

Shannon

Hi everyone,

Can anyone tell me what some inclusions that should be considered for an audit scope?

This question is towards internal auditing following the guidlines of ISO 19011.

Thanks in advance

Regards,
Shannon
 
RoxaneB

RoxaneB

Change Agent and Data Storyteller
Super Moderator
Shannon said:
Hi everyone,

Can anyone tell me what some inclusions that should be considered for an audit scope?

This question is towards internal auditing following the guidlines of ISO 19011.

Thanks in advance

Regards,
Shannon
Click to expand...

I don't quite understand your question, unfortunately. Are you asking what should be included in the audit scope? I typically include:

  • Area/Process to be audited
  • Clause(s) to be audited
  • Documents to be audited
 
S

Shannon

Sorry it was a little off, what should be considered when determining an audit scope.

I have a few below that I would consider and the reasons why i would consider when determining the scope of an udit. any feedback would be great!

A) Risk, the risk to the area to be audited, are there any risks involved such as disruption to the auditees work that need to be considered?

B) complexity

C) processes

D) audit time. Is there enough time allocated to the area being audited? Will timeing effect the audit objectives?

E) results of previous audits. Are there any findings (non-conformances, follow up of previous audits to be checked?

Regards,
Shannon
 
Q

qusys

Trusted Information Resource
Shannon said:
Hi everyone,

Can anyone tell me what some inclusions that should be considered for an audit scope?

This question is towards internal auditing following the guidlines of ISO 19011.

Thanks in advance

Regards,
Shannon
Click to expand...

The reference are reported in ISO 19001 guidelines you are mentioning.
Some examples are: type of audit ( I mean first, second third part audit) ,the audited process including procedures, records etc., its premises, the time allocated to the audit...:bigwave:
 
Q

qusys

Trusted Information Resource
Shannon said:
Sorry it was a little off, what should be considered when determining an audit scope.

I have a few below that I would consider and the reasons why i would consider when determining the scope of an udit. any feedback would be great!

A) Risk, the risk to the area to be audited, are there any risks involved such as disruption to the auditees work that need to be considered?

B) complexity

C) processes

D) audit time. Is there enough time allocated to the area being audited? Will timeing effect the audit objectives?

E) results of previous audits. Are there any findings (non-conformances, follow up of previous audits to be checked?

Regards,
Shannon
Click to expand...

Hi Shannon,
I responded to your previous post without looking at this ( I was writing my post...).
However some ites you are citing have also been reported by me.
I do not understand the type of audit you are planning. Besided I think the scope of the audit is stricly linked to its objectives.
Then you shall also decide the criteria of the audit.
As to the point E) it is related to the evaluation of the effectiveness of previous CA. CA should be an input to the planning of a successive audit.

As to point A), the audit is a planned process , intrinsically it is a disruption given that you are allocating time with people that will be busy to do this and not doing their normal work , but I think it is part of their job itself. Not all people shall follow this, there are guides. If they shall respond or show something , they can be called on demand.
 
Last edited:
RoxaneB

RoxaneB

Change Agent and Data Storyteller
Super Moderator
Okay, I think I get it. I take all of the above into consideration when developing my audit schedule for the year.

(A) Risk
  • Is it an area that I will send new auditors into or seasoned ones?
  • Will the audit disrupt the areas ability to fulfill client requirements?
  • Should they be assessed once or more than once during the audit cycle?

(B) Complexity
  • If it is a complex process with lots of requirements, I look at whether or not the audits can be broken down into multiple audits or if a large system audit is better value
  • If there are numerous inputs and outputs, I try to schedule things so that audit trails can be logically followed up on
  • Complex may require more time (especially in preparation) - this is taken into consideration

(C) Processes
  • Do I want to audit one process?
  • Do I want to audit more than one process?
  • Are the processes related to or supportive of each other in any way?
  • Is the process currently undergoing any major transitions (tools, technology, document overhaul, etc.)

(D) Audit Time
  • Prep time - New auditors require longer to prep usually. Complexity is a factor. Number of processes is a factor.
  • Conducting - Complexity and number of processes come into play here. Number of auditees. Time of year - is it their "busy season"? Are many people on vacation? Is Management available?

(E) Results of Previous Audits
  • Any open findings related to the clauses assigned to be audited?
  • Do they have recurring findings?
  • Do they have a high number of findings on a consistent basis?
 
You must log in or register to reply here.

Similar threads

G
Steps for adding to Multi Site AS9100 QMS an ISO9001 Certified QMS - Anyone done this?
Replies
0
Views
62
gwitt140
G
T
ISO 13485:2016 Internal Audits method
2
Replies
18
Views
1K
QCBOB
QCBOB
M
External audit non conformity related to applicable regulations
Replies
9
Views
903
mihzago
mihzago
A
Internal Audit-Clause 7.4
Replies
3
Views
341
SeanN
S
G
Responding to Customer Audit
2
Replies
16
Views
370
ED76
E
Top Bottom