ISO 9003 Internal Audit Program

The following material will introduce our ISO 9003 Internal Audit Program. However, it will not present the complete Program. Instead, it will show you how our Internal Audit Program is organized and it will provide you with several detailed samples of our approach. Once you've examined our approach, we hope you'll consider purchasing our complete ISO 9003 Internal Audit Program.

We begin with a table of contents. It shows how we've organized our Internal Audit Program. Next, we present an overview of the Program. This overview shows that it is made up of seven separate phases. Since you probably want more than generalities, we've also included a sample of our audit questionnaires. We've included one detailed questionnaire
(the complete ISO 9003 Internal Audit Program has 16).

Once these kinds of questionnaires and worksheets have been completed and the audit file has been done, it's time to review the file. In order to fulfil this requirement, we've developed a file review questionnaire. You'll find the complete questionnaire in the material that follows.

If you like our internal audit approach, please consider ordering our program.

We have two versions of our ISO 9003 Audit Program: a hardcopy version and an electronic version. Our hardcopy version comes in a three-ring binder. We've used a binder so that you can add your own working papers and documents to the audit file. As you carry out your audit, you will gather or create a variety of notes, queries, forms, and reports. If you add these items to your audit binder, you will automatically create a complete record of your audit. Our electronic version is available in Word 97 format on a 3.5" diskette (Windows 95/98/NT only). We provide an electronic version of our Program so that you can create your own unique audit program by customizing ours.

If you purchase our ISO 9003 Internal Audit Program, you'll find that it's integrated, detailed, exhaustive, and easy to understand. You'll find that we've worked hard to create a high quality program. In fact, we guarantee the quality!

PART	INTRODUCTION	PAGE
A	Identification	1
B	Table of Contents	3
C	Program Overview	4
D	Audit Plan	9
E	Audit Procedure	12
PART	AUDIT PROCESS	PAGE
4.1	Management Responsibilities	13
4.2	Quality System Requirements	17
4.3	Contract Review Requirements	21
4.4	Does not apply to ISO 9003	00
4.5	Document and Data Control	23
4.6	Does not apply to ISO 9003	00
4.7	Customer-supplied Products	26
4.8	Product Identification and Tracing	28
4.9	Does not apply to ISO 9003	00
4.10	Product Inspection and Testing	30
4.11	Control of Inspection and Test Equipment	32
4.12	Inspection and Test Status of Products	36
4.13	Control of Nonconforming Products	38
4.14	Corrective Action Requirements	40
4.15	Handling, Storage, and Delivery	42
4.16	Control of Quality Records	44
4.17	Internal Audit Requirements	46
4.18	Training Requirements	48
4.19	Does not apply to ISO 9003	00
4.20	Statistical Techniques	50
PART	CONCLUSION	PAGE
T	Audit Evaluation	52
U	Audit Summary	54
V	Audit Report	58
W	File Review	60
X	Implementation	63

Our ISO 9003 Internal Audit Program has seven phases.
The following material will introduce these phases.

Phase 1 asks you to prepare an internal quality audit plan. In order to do so, you would use our planning checklist and our outline (in Part D). Once you’ve answered all the planning questions and prepared your plan using our outline, you’re ready to perform the internal audit.

However, you need more than a plan. You also need an internal audit procedure. Part E introduces this audit procedure. The first step in this procedure is to study our audit questions. These are listed in 16 audit questionnaires. We’ve developed 16 questionnaires because ISO 9003 has 16 sets of requirements.

Once you’re familiar with these questions, you can begin collecting evidence. You need evidence to answer the questions. Collect evidence by interviewing auditee personnel, reading documents, reviewing manuals, studying records, analyzing data, observing activities, and examining working conditions.

As you collect your evidence, answer each audit question and record your observations using our 16 questionnaires. Three answers are possible: Yes, No, and N/A (not applicable). If you’re sure that the answer is Yes, then place a check mark in the Yes column. Similarly, if you’re sure that the question does not apply to your situation, then place a check mark in the N/A column. In these two cases, no further action will be required.

But, if it looks like your answer could be No, pause for a moment. You could be looking at a nonconformity. But before you say that it is definitely a nonconformity, find some objective evidence. If you find enough evidence to prove that it is a nonconformity, place a check mark in the No column.

In order to help you to investigate possible nonconformities, each of the 16 Parts (4.1 to 4.20) also has a form that allows you to list possible nonconformities, summarize evidence, and formulate conclusions.

Once you’ve collected and recorded your evidence, you can formulate and record conclusions about the nature and extent of the nonconformity. Based on your evidence, you can conclude that a nonconformity does exist, or that it does not. Based on your evidence, you can specify how widespread the nonconformity is, what causes it, how important it is, and so on. If you’ve concluded that you’ve found a definite nonconformity, go back to the associated audit question and answer No.

Once you’ve collected all your evidence and answered all the audit questions, you’ve completed the internal quality audit.

Now you’re ready to audit the audit process. Please use the audit evaluation questionnaire in Part T for this purpose. This audit evaluation questionnaire is designed to help the Lead Auditor ensure that the quality system audit was carried out in a fair and reasonable manner. Its purpose is to help the audit team do a good job and to help improve the performance of future audits.

Just like the previous set of questionnaires, No responses point to nonconformities that must be addressed, while Yes and N/A responses can be largely ignored. But unlike the previous audit, this one identifies audit nonconformities while the previous one identifies quality system nonconformities.

At this point you’ve audited the quality system and you’ve audited the auditing process. Now it’s time to summarize your results. Part U provides a checklist and some worksheets to help you do this.

Please use the checklist as a guide, and use the associated worksheet to list your nonconformities and summarize your evidence and conclusions. Please remember to cross-reference your summary to the corresponding audit questions and Part numbers (4.1 to 4.20).

Part U also shows you how to summarize your audit results in more quantitative terms. It provides two simple worksheets for this purpose. One shows you how to calculate compliance scores while the other shows you how to calculate nonconformance scores.

These scores can be used in at least two ways. Firstly, they can give you a quick way of determining where remedial resources ought to be allocated and therefore which areas your audit report ought to emphasize. Secondly, these scores can be used to measure whether the performance of your quality system is improving over time.

Now that you’ve summarized your internal audit results, you’re ready to prepare your audit report. In order to do so, please use our reporting checklist and our report outline (Part V). Our reporting worksheets, and our ISO 9003 Internal Audit Program as a whole, will help you make sure that your audit report is accurate, exhaustive, and well organized.

Your audit report will list the nonconformities you have discovered and summarize the observations you have made. In addition, it will summarize the evidence you have collected and discuss the conclusions you have drawn. Finally, it will discuss the recommendations that should be implemented in order to remove nonconformities and improve quality system performance.

Once the audit has been completed and the audit report has been finalized, it’s time for the Audit Manager or Senior Audit Executive to review the audit file. The file review is carried out by answering a set of file review questions (Part W). These questions are designed to ensure that the file is complete and that all audit tasks have been carried out. Also, it gives management a chance to evaluate the quality of both the audit and the audit file.

The final phase in the Program asks you to monitor the implementation of your audit recommendations. The form in Part X is provided for this purpose. Simply list the recommendations that were made and make sure that you cross-reference each one to the associated Part number and audit question. Then all you need to do is track the implementation of each recommendation by specifying who authorized implementation and when the implementation process was officially completed.

Q	AUDIT QUESTIONS	YES	NO	N/A	OBSERVATIONS
1	Have you designed and implemented a quality record keeping system?
2	Have you developed procedures to control your quality record keeping system?
3	Have you identified and defined the quality information that needs to be collected?
4	Have you developed methods and procedures to collect quality system information?
5	Have you developed methods and procedures to record quality system information?
6	Have you developed methods and procedures to file quality records?
7	Have you developed methods and procedures to index quality records?
8	Have you developed methods and procedures to store quality records?
9	Have you developed methods and procedures to maintain quality records?
10	Have you developed methods and procedures to remove quality records?
11	Have you developed methods and procedures to archive quality records?
12	Have you developed methods and procedures to destroy quality records?
13	Do you have procedures to protect quality records from unauthorized access?
14	Do you have procedures to prevent quality records from being altered without approval?
15	Do you have procedures to safeguard quality records from damage or deterioration?
16	Can your quality record keeping system prove that your quality system is implemented?
17	Can your quality record keeping system prove that your quality system is effective?
18	Does your quality record keeping system define how long old records must be retained?
19	Does your quality record keeping system ensure that all quality information is dated?
20	Does your quality record keeping system allow information to be retrieved without difficulty?
21	Does your quality record keeping system produce documents that are easy to read?
22	Does your quality record keeping system also include records provided by suppliers?
23	When contractually required, do you allow customers to access your quality records?

Q	FILE REVIEW QUESTIONS	YES	NO	N/A	COMMENTS
1	Has Identification page been completed?
2	Has an Audit Plan been prepared?
3	Have all audit sections been completed?
4	Has the audit process been evaluated?
5	Have audit results been summarized?
6	Has an Audit Report been prepared?
7	Has an Implementation Record been started?
8	Have working papers been signed and dated?
9	Have working papers been approved & dated?
10	Has Audit Report been signed and dated?
11	Did auditors conduct audit interviews?
12	Did auditors study quality documents and data?
13	Did auditors study quality records and manuals?
14	Did auditors evaluate quality work activities?
15	Did auditors answer all audit questions?
16	Did auditors document their observations?
17	Did auditors document their evidence?
18	Did auditors document their conclusions?
19	Did auditors document nonconformities?
20	Did auditors do a good job?
21	Did auditors stay on track?
22	Did auditors make fair evaluations?
23	Did auditors make realistic judgements?
24	Did auditors make objective assessments?
25	Did auditors make reasonable observations?
26	Did auditors behave in a professional manner?
27	Did auditors treat all auditee management and staff with courtesy and respect?
28	Did auditors respect the confidentiality of all audit documents, data, records, and manuals?
29	Did auditors resist the temptation to water down audit conclusions and recommendations?
30	Did auditors have the necessary authority?
31	Did auditors have the necessary resources?
32	Did auditors have the necessary training?
33	Were auditors qualified to do the job?
34	Were auditors given enough time to do the job?
35	Has each auditor been evaluated at least once during the past three years?
36	Did lead auditor prepare a good Audit Plan?
37	Did lead auditor write a good Audit Summary?
38	Did lead auditor prepare a good Audit Report?
39	Did lead auditor organize an effective audit?
40	Did lead auditor manage his team effectively?
41	Did lead auditor help his team to do its best?
42	Did lead auditor exploit the talents of his team?
43	Did auditee staff co-operate fully with auditors?
44	Have auditee managers agreed to eliminate the nonconformities listed in the Audit Report?
45	Have auditee managers agreed to implement the recommendations presented in the Report?
46	Has auditee manager agreed to follow-up audit?
47	Does the Audit Report discuss observations?
48	Does Audit Report identify nonconformities?
49	Does the Audit Report summarize evidence?
50	Does the Audit Report present conclusions?
51	Does Audit Report make recommendations?
52	Does the Audit Report review and evaluate how well the quality policy is being applied?
53	Does the Audit Report evaluate how well quality system procedures are being followed?
54	Does the Audit Report review and evaluate how well quality plans are being followed?
55	Does the Audit Report review and evaluate how well quality objectives are being achieved?
56	Does the Audit Report review and evaluate the overall performance of the quality system?
57	Does the Audit Report make recommendations to improve quality system performance?
58	Are you confident that the evidence is valid?
59	Are you confident that the evidence supports the conclusions that were drawn?
60	Are you confident that the evidence supports the recommendations that were made?
61	Are you personally satisfied that all important nonconformities have been identified?
62	Do you believe that the audit was carried out in a fair and reasonable manner?
63	Do you believe that the Audit Report presents a fair assessment of the quality system?

Thank you for visiting this section. You are, of course, welcome to view our material as often as you wish, free of charge. However, you are not legally authorized to print or copy it. If you would like to purchase our material, please contact our Sales Department. Our sales people would be very pleased to take your order or to answer any questions you might have.

FEB. 1997	Ó PRAXIOM RESEARCH GROUP LIMITED. ALL RIGHTS RESERVED.	REV. 1.0
PART B	TABLE OF CONTENTS	PAGE 3

ISO 9003 INTERNAL AUDIT PROGRAM
4. 16 CONTROL OF QUALITY RECORDS
AUDIT AREA:	ORGANIZATION:

PREPARED BY:	APPROVED BY:
DATE PREPARED:	DATE APPROVED:

FEB. 1997	Ó PRAXIOM RESEARCH GROUP LIMITED. ALL RIGHTS RESERVED.	REV. 1.0
PART 4.16	CONTROL OF QUALITY RECORDS	PAGE 44

ISO 9003 INTERNAL AUDIT PROGRAM
FILE REVIEW
AUDIT AREA:	ORGANIZATION:

ISO 9000 Translated into Plain English
Home Page	Contents	Site Map	Detailed Index
Introduction	Definitions	Theory	Requirements
Guidelines	Q.S.D. Plan	Audit Programs	Quality Awards
Our Guarantee	How to Order	Our Publications	Link Partners
Top of Page	Other ISO Sites	Other Resources	How to Link