Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
QMS Audit (updated)
1. 1
AN INTRODUCTION TO THE
AUDITING OF THE ISO 17025
QUALITY MANAGEMENT
SYSTEM (QMS)
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
What is a Quality Audit ?
• An audit program will address all elements of the QMS to
ensure its continued compliance to relevant National and
International standards
• An audit is NOT intended to criticise or apportion blame
• An audit is a systematic , independent , and documented
process of obtaining and evaluating evidence in order to
determine the extent to which agreed procedures and
criteria have been fulfilled
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
2. 2
Why Audit ?
• To ensure compliance with relevant standards
• To ensure that activities are performed and recorded
• To ensure contractual obligations are fulfilled
• To identify the simplification of or addition to procedures
• To identify any opportunities for improvement
• To provide confidence that the QMS is effective
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
The Auditor :-
• Ideally be independent of the facility being audited
• Should have relative training / qualifications
• Should have an agreed agenda / checklist
• Should work to an agreed company audit plan
• Will be fair , truthful , discreet , inquisitive , and
communicative . He should also be non-critical , and be
responsible and accountable for his actions .
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
3. 3
PKQA SERVICESPKQA SERVICES
Quality Assurance Consultancy & ISO 17025 Auditing
The Auditor should possess :-
Professional Skills
• Be detail oriented , maintain independence and objectivity
• Work in a systematic and investigative manner
• Relate to all levels of personnel , and use sound judgement
People Skills
• Be a good listener and communicate clearly
• Discuss issues without arguing
• Maintain the self-esteem of all parties
Personal Attributes
Be diplomatic , tactful , decisive , fair , honest , and ethical
The Auditee(s) :-
• Ideally a team member of the facility being audited
• Should have relative training / qualifications
• Should be sincere , open , willing , and decisive
• Should be able to offer a constructive opinion
• Remember , the QMS is being audited NOT the Auditee
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
4. 4
Depths / Scope of the Audit
Quality Manual
Operational Procedures
and Work Instructions
Records and Evidence
Auditing is the Who … What … Where … When … and How …
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
PKQA SERVICESPKQA SERVICES
Quality Assurance Consultancy & ISO 17025 Auditing
Audit Planning
Addresses the specific aspects of who ,what , where ,
when , and how :-
Who is the auditee ?
What are the audit objectives/outcome ?
Where will the audit be conducted ie , its scope ?
When will the audit occur and how long will it take ?
How will the audit be conducted (the audit procedure and
checklist) ?
5. 5
PKQA SERVICESPKQA SERVICES
Quality Assurance Consultancy & ISO 17025 Auditing
Types of Audit : 1
Imagine a layered cake :-
Vertical Audit
(many elements)
Horizontal Audit
(single element)
etc
Booking In Process
Contract Review
Handling of Items
Equipment Calibration
Item Calibration
Recording of the Results
Certificate Formulation
PKQA SERVICESPKQA SERVICES
Quality Assurance Consultancy & ISO 17025 Auditing
Types of Audit : 2
• Horizontal :-
Looks at a single section of the QMS , but in greater depth
than a Vertical Audit . Particularly beneficial if there have
been historic non-compliances with the section
• Vertical :-
Looks at multiple sections of the QMS , but perhaps not to
the same depth as that of a Horizontal Audit . The Vertical
Audit looks at the ‘trail’ of linked , but separate elements .
6. 6
PKQA SERVICESPKQA SERVICES
Quality Assurance Consultancy & ISO 17025 Auditing
Types of Audit : 3
• First Party :-
Usually undertaken by personnel from within the
organisation , but independent of the function being audited
•Second Party :-
Usually carried out by external auditors / consultants / clients
•Third Party :-
Carried out by Accreditation or Certification bodies
The Audit Plan (1)
• Be agreed with senior management / Quality Manager
• Should list all (relevant) sections of ISO 17025
• Should cover each section of ISO 17025 at least annually
(workload permitting)
• Ideally be phased over a 12 month period
See next slide for a typical annual plan
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
7. 7
The Audit Plan (2)
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
The Audit Checklist (1)
• Can only address statements within the relative section(s)
of ISO 17025 , and to those of the operational procedure
and work / calibration instruction being audited
• A series of questions based on the QMS element(s) being
audited , and prepared prior to the audit itself .
A sample can be seen on the next slide
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
8. 8
The Audit Checklist (2)
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
The Audit Itself Involves :
• Witnessing the process , procedure , document or instruction
relative to the audit and ensuring compliance is maintained by :-
• Interviewing and questioning staff directly involved in the
process
• Observation of activities and processes
• Viewing and witnessing records
• Determination of any Observations or Non-compliances
• Recording the results and findings / conclusions
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
9. 9
Difficult Situations :-
Don’t lose your temper or argue at any time . Auditees may
argue , but auditors discuss .
Smile and relax the auditee . Show a sense of humor ; it
will build bridges between you and the auditee .
Avoid time wasting , unrelated conversations , long lunch
breaks , and other breaks . Identify these diversions and
address them politely and diplomatically . This can be a
little difficult , so don’t make it seem like an insult .
If given evasive or indirect answers , ask for clarification
PKQA SERVICESPKQA SERVICES
Quality Assurance Consultancy & ISO 17025 Auditing
The Audit Forms (1)
• An Audit Report form :
To record the evidence of the audit and used in
conjunction with the Audit Checklist
• A Non-compliance / Corrective Action Form :
To record non-compliances arising from the audit
which may require a follow-up audit
Samples of both can be seen on the next slide
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
10. 10
The Audit Forms (2)
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
The Audit Forms (3)
The Audit Report Form : -
• A narrative of the audit checklist . Don’t drown in detail .
• Documented evidence that the procedure / process
has been followed completely and correctly
• Is auditable itself during the Quality Records audit
• A communication tool for the management review
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
11. 11
The Audit Forms (4)
The Non-Compliance Form Form :-
• Identifies any violations of policies , procedures , or work
instructions
• Identifies any Observations made by the auditor
• Identifies if any Corrective Action(s) are necessary
• Decides and agrees the completion date for any Corrective
Action(s) , and whether a follow-up audit is necessary for
their discharge
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
Post Audit Discussions
• The audit report (when issued) must provide conclusive
evidence to show that the facility has demonstrated its
compliance with the Standard , procedure , or process (and
reported otherwise if not)
• If a Non-Compliance is raised , it should be fully documented ,
with an agreed discharge date and/or a follow up audit
• It should be noted that an Observation is purely the
OPPINION of the auditor , and as such is not enforceable
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
12. 12
Issue of Reports and Follow-up
• Agree when the report(s) will be issued , to whom , and
in what format
• Agree a time scale
• Agree a date for a follow-up meeting (or the forwarding
of evidence) to verify discharge of any non-compliances
raised during the audit . The meeting can also be used to
arrange a re-audit (if necessary) or to plan a future new
audit of the facility
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
Audit Summary (1)
Clients documents required for an ISO 17025 Audit are :-
• The Quality Manual
• Operational Procedures
• Work / Calibration Instructions
• Audit Plan plus other supplementary forms / records
Also required and usually supplied by the Auditor are :-
• Audit Checklist and Audit Report Forms
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
13. 13
Audit Summary (2)
Plan it
Do it
Report on it
Follow it up
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES
Presented by :-
Quality Assurance Consultancy & ISO 17025 Auditing
PKQA SERVICESPKQA SERVICES