ISO 9001 2008

INTERNAL AUDIT PROGRAM

This web page will introduce our ISO 9001 2008 Internal Audit Program.
However, it will not present the complete audit program. Instead, it will
show you how our audit program is organized and it will explain how it
works. Once you've examined our approach, we hope you'll consider
purchasing our complete ISO 9001 2008 Internal Audit Program.

Our ISO 9001 Internal Audit Program (Title 22) is 177 pages
long, and is available in both pdf and MS doc file formats.
It is easy to understand and ready to use.

Introduction to Audit Program

Our ISO 9001 Audit Program has five parts:

Compliance Audit Program
Policy Audit Program
Procedures Audit Program
Process Audit Program
Records Audit Program

Each of these five programs will be discussed below.

We begin with a table of contents. It shows how we've organized our
ISO 9001 Internal Audit Program. While the content of each program
is different, the following table shows that each one of our five audit
programs is organized in the same way.

ISO 9001 2008 INTERNAL AUDIT PROGRAM TITLE 22 TABLE OF CONTENTS
PART	INTRODUCTION	PAGE
1	Introduction to ISO 9001	4
2	Introduction to Audit Program	5
A	ISO 9001 COMPLIANCE AUDIT PROGRAM	14
1	Compliance Audit Procedure	14
2	Compliance Audit Profile	15
3	Compliance Audit Questions	SAMPLE HTML
4	Compliance Audit Scores	79
5	Compliance Audit Summary	80
6	Compliance Audit Conclusions	81
7	Compliance Audit Recommendations	82
8	Compliance Audit Implementation Record	83
B	ISO 9001 POLICY AUDIT PROGRAM	84
1	Policy Audit Procedure	84
2	Policy Audit Profile	85
3	Policy Audit Questions	86
4	Policy Audit Scores	89
5	Policy Audit Summary	91
6	Policy Audit Conclusions	92
7	Policy Audit Recommendations	93
8	Policy Audit Implementation Record	94
C	ISO 9001 PROCEDURES AUDIT PROGRAM	95
1	Procedures Audit Procedure	95
2	Procedures Audit Profile	96
3	Procedures Audit Questions	97
4	Procedures Audit Scores	103
5	Procedures Audit Summary	105
6	Procedures Audit Conclusions	106
7	Procedures Audit Recommendations	107
8	Procedures Audit Implementation Record	108
D	ISO 9001 PROCESS AUDIT PROGRAM	109
1	Process Audit Procedure	109
2	Process Audit Profile	110
3	Process Audit Questions	SAMPLE PDF
4	Process Audit Scores	111
5	Process Audit Summary	154
6	Process Audit Conclusions	156
7	Process Audit Recommendations	157
8	Process Audit Implementation Record	158
E	ISO 9001 RECORDS AUDIT PROGRAM	159
1	Records Audit Procedure	160
2	Records Audit Profile	160
3	Records Audit Questions	161
4	Records Audit Scores	162
5	Records Audit Summary	170
6	Records Audit Conclusions	172
7	Records Audit Recommendations	173
8	Records Audit Implementation Record	174
F	ADMINISTRATIVE INFORMATION	175
MAR 2009	COPYRIGHT © 2009 BY PRAXIOM RESEARCH GROUP LIMITED	VER 4.0

Overview of Compliance Audit Program

Our Compliance Audit Program uses questions to list the ISO 9001
quality management system (QMS) requirements. Like ISO’s five sets
of requirements, our Audit Program consists of five separate
questionnaires:

General Audit Questionnaire
Management Audit Questionnaire
Resource Audit Questionnaire (SAMPLE)
Realization Audit Questionnaire
Remedial Audit Questionnaire

Our audit starts with section 4 because ISO's requirements start there.

In general, our Compliance Audit Program asks two types of questions:
questions that specify ISO 9001 mandatory quality management system
requirements and questions that specify requirements that may be excluded
or ignored under some circumstances. Questions that point to mandatory
requirements allow two response options: YES or NO, while questions that
specify requirements that may be excluded offer three response options:
YES, NO, or N/A. An N/A response option is provided because you may
exclude or ignore some requirements if you can justify doing so.

YES answers mean you’re in compliance with the standard, NO answers
mean you’re not in compliance, and N/A answers mean that a question is
not applicable in your case. NO answers to Compliance Audit questions
point to compliance problems (also known as nonconformities or
noncompliances).

Once you’ve answered all the Compliance Audit Questions, you’re ready
to summarize your audit, calculate compliance scores, draw general audit
conclusions, and make and implement recommendations to address your
compliance problems.

Overview of Policy Audit Program

Our ISO 9001 Policy Audit covers the following topics:

Management
Documentation
Usability
Training
Implementation
Changes

Start by selecting a policy that you want to audit. Then prepare your Policy
Audit Profile. Before you begin answering policy audit questions, please
record the name of this policy at the top of the Policy Audit questionnaire.
This will help to maintain the focus of your audit.

Three response options are provided: YES, NO, and N/A. NO answers point
to policy performance problems, YES answers identify positive areas, while
N/A responses identify questions that are not applicable in your situation.

Once you’ve answered all the audit questions, you’re ready to summarize
your internal audit, calculate policy performance scores, draw general audit
conclusions, and make and implement recommendations to address your
policy performance problems.

Overview of Procedures Audit Program

Our ISO 9001 Procedures Audit covers the following topics:

Management
Documentation
Content
Compliance
Usability
Training
Control
Records
Changes

Start by selecting a procedure that you want to audit. Then prepare
your Procedures Audit Profile. Define the scope of your audit, identify
the participants, and prepare a brief audit plan.

Before you begin answering procedures audit questions, please record
the name of this procedure at the top of the Audit questionnaire. This
will help auditors to maintain the focus of their audit.

Three response options are provided: YES, NO, and N/A. NO answers point
to procedural performance problems, YES answers identify positive areas,
while N/A responses identify questions that are not applicable in your
situation.

Once you’ve answered all the audit questions, you’re ready to summarize
your audit, calculate procedural performance scores, draw general audit
conclusions, and make and implement recommendations to address your
procedural performance problems.

Overview of Process Audit Program

Our ISO 9001 Process Audit covers the following topics:

Develop Process >>> SAMPLE PDF
1. Organization
2. Documents
3. Outputs
4. Inputs
5. Information
6. Monitoring
7. Measurement
8. Training
9. Resources
Implement Process
1. Management
2. Competence
3. Communication
4. Infrastructure
5. Records
Maintain Process
1. Management
2. Competence
3. Information
4. Communication
5. Infrastructure
6. Records
Control Process
1. Management
2. Outputs
3. Inputs
4. Monitoring
5. Measurement
Evaluate Process
1. Scope
2. Focus
3. Methods
Improve Process
1. Information
2. Methods
3. Implementation
4. Management

Clause 4.1 of ISO 9001 makes it clear that organizations must identify
and manage the processes that make up their quality management
systems. Therefore, the process approach is now a requirement.

The process approach is a management strategy. When managers use
a process approach, it means that they manage the processes that make
up their organization, the interaction between these processes, and the
inputs and outputs that “glue” these processes together.

But, what’s a process, and what are inputs and outputs? Briefly put, a
process uses inputs to generate outputs. Or, more precisely, a process is
an integrated set of activities that uses resources to transform inputs into
outputs. A system exists whenever several processes are interconnected
using such input-output relationships.

Processes are interconnected because the output from one process
becomes the input for another process. In effect, processes are “glued”
together by means of such input-output relationships. And because the
output of one process becomes the input of another process, inputs and
outputs are really the same thing. In general, there are three basic types
of inputs/outputs: products, services, and information.

Below you will find a list of some of the processes that can
be audited using our Process Audit Program:

Production process
Assembly process
Purchasing process
Design process
Delivery process
Marketing process
Management process
Maintenance process
Manufacturing process
Service provision process
Communications process
Document control process
Record keeping process
Administrative process
Measurement process
Monitoring process
Planning process
Training process

Of course, this does not exhaust the list of possible processes that could
be audited using our approach. Your organization’s processes will certainly
include many more processes that we have failed to mention.

Start your audit by selecting a process. Then prepare your Process Audit
Profile. Define the scope of your audit, prepare a brief audit plan, and identify
the inputs that are used by this process and the outputs that are generated.

Before you begin answering process audit questions, please enter
the name of your process at the top of the Process Audit questionnaire.
Three response options are provided: YES, NO, and N/A. NO answers
point to process performance problems, YES answers identify positive
areas, while N/A responses identify questions that are not applicable
in your situation.

Once you’ve answered all the audit questions, you’re ready to summarize
your audit, calculate process performance scores, draw general audit
conclusions, and make and implement recommendations to address
your process performance problems.

Overview of Records Audit Program

Our Records Audit Program is partly based on the ISO 15489-1
records management standard and covers the following topics:

Management
Initiation
Recording
Revisions
Access
Maintenance
Retention
Destruction
Reporting
Usability
Authenticity
Protection
Continuity
Training
Auditing
Compliance

Start by selecting a set of records. Our Audit Program can be used to audit
virtually any type of record keeping system. Examples that you may wish to
consider include the following: training records, design records, production
records, service delivery records, measurement records, product traceability
records, audit records, manufacturing records, management review records,
and calibration records.

Once you’ve chosen which records to audit, you’re ready to prepare your
Records Audit Profile. Specify the scope of your audit, its location, the
participants, and prepare a brief audit plan.

Before you begin answering record keeping audit questions, please enter
the name of the records being audited at the top of the audit questionnaire.
This will help to ensure that the focus of the internal audit is maintained.
Three response options are provided: YES, NO, and N/A. NO answers
point to record keeping performance problems, YES answers identify
positive areas, while N/A responses identify questions that are not
applicable.

Once you’ve answered all the audit questions, you’re ready to summarize
your audit, calculate record keeping performance scores, draw general
audit conclusions, and make and implement recommendations to
address your record keeping performance problems.

SAMPLE AUDIT QUESTIONS

A. COMPLIANCE AUDIT PROGRAM

3. COMPLIANCE AUDIT QUESTIONS

SECTION 6. RESOURCE AUDIT QUESTIONS

6.1 PROVIDE REQUIRED QMS RESOURCES
1	Did you identify the resources that your QMS needs?				YES	NO
2		Did you identify the resources that are needed to support your QMS?			YES	NO
3			Did you identify the resources needed to implement your organization's QMS?		YES	NO
4			Did you identify the resources needed to maintain your organization's QMS?		YES	NO
5			Did you identify the resources needed to improve your organization's QMS?		YES	NO
6				Did you identify the resources that you need in order to be able to continually improve the effectiveness of your QMS?	YES	NO
7		Did you identify the resources needed to help enhance your customers' satisfaction?			YES	NO
8			Did you identify the resources needed to ensure that customer requirements are being met?		YES	NO
9	Do you provide the resources that your QMS needs?				YES	NO
10		Do you provide resources needed to support your organization's QMS?			YES	NO
11			Did you provide resources needed to implement your organization's QMS?		YES	NO
12			Did you provide resources needed to maintain your organization's QMS?		YES	NO
13			Did you provide resources needed to improve your organization's QMS?		YES	NO
14				Do you provide the resources needed to continually improve the effectiveness of your organization's QMS?	YES	NO
15		Do you provide resources needed to help enhance your customers' satisfaction?			YES	NO
16			Do you provide resources needed to ensure that customer requirements are being met?		YES	NO
6.2 PROVIDE COMPETENT QMS PERSONNEL 6.2.1 ENSURE THE COMPETENCE OF WORKERS
17	Do you ensure the competence of anyone within your QMS who could directly or indirectly affect your ability to meet product requirements?				YES	NO
18		Do you ensure that your QMS workers have the right experience?			YES	NO
19		Do you ensure that your QMS workers have the right education?			YES	NO
20		Do you ensure that your QMS workers have the right training?			YES	NO
21		Do you ensure that your QMS workers have the right skills?			YES	NO
6.2.2 MEET COMPETENCE REQUIREMENTS
22	Do you identify the competence requirements of personnel within your QMS who perform work that could directly or indirectly affect your organization's ability to meet product requirements?				YES	NO
23	Do you provide training, or take other suitable steps, to meet your organization's unique QMS competence requirements?				YES	NO
24		Do you make your personnel aware of how their activities can affect your organization's ability to meet product requirements and how important their efforts are?			YES	NO
25			Do you explain how personnel can help your organization to achieve its quality objectives?		YES	NO
26	Do you evaluate the effectiveness of your QMS training and awareness activities?				YES	NO
27	Do you maintain suitable records which show that personnel within your QMS are competent?				YES	NO
28		Do you maintain suitable records of training?			YES	NO
29		Do you maintain suitable records of education?			YES	NO
30		Do you maintain suitable records of experience?			YES	NO
31		Do you maintain suitable records of skills?			YES	NO
6.3 PROVIDE NECESSARY INFRASTRUCTURE
32	Did you identify the infrastructure that your organization needs in order to ensure that product requirements are met?				YES	NO
33		Did you identify your building needs?			YES	NO
34		Did you identify your workspace needs?			YES	NO
35		Did you identify your utility needs?			YES	NO
36		Did you identify your process equipment needs?			YES	NO
37			Did you identify your process hardware needs?		YES	NO
38			Did you identify your process software needs?		YES	NO
39		Did you identify your support service needs?			YES	NO
40			Did you identify your transportation needs?		YES	NO
41			Did you identify your communication needs?		YES	NO
42			Did you identify your information needs?		YES	NO
43	Do you provide the infrastructure that your organization needs in order to ensure that product requirements are met?				YES	NO
44	Etcetera ...

Now that you know what our internal audit
program looks like, please consider purchasing
Title 22: ISO 9001 2008 Internal Audit Program.
Check our Prices. Place an Order.
Check our License Agreement.

If you purchase our ISO 9001 2008 Audit Program, you'll find
that it's integrated, detailed, exhaustive, and easy to understand.
You'll find that we've worked hard to create a high quality product.
In fact, we guarantee the quality!

Title 22 can be delivered to you on CD or as an email attachment.
Title 22 is 177 pages long and comes in pdf and MS doc file formats.

OTHER RELATED PAGES

ISO 9000 Introduction

Quality Management Principles

ISO 9001 2008 versus ISO 9001 2000

Plain English Quality Management Definitions

ISO 9001 2008 Translated into Plain English

How to Develop Your Process-based QMS

Process-based QMS Development Plan

Quality Management Gap Analysis Tool

How to Upgrade to the New Standard

Process Management Approach

Frequently Asked Questions

OTHER AUDIT TOOLS

Plain English Process Audit Program

ISO 9004 2009 Compliance Audit Tool

ISO 28000 Supply Chain Security Audit Tool

AS9100:2009 Aerospace Quality Audit Program

ISO 13485 2003 Internal Medical Device Audit Program

ISO 14001 2004 Internal Environmental Audit Program

ISO 22000 2005 Food Safety Management Audit Program

ISO 27002 2005 Information Security Management Audit Tool

OHSAS 18001 2007 Occupational Health and Safety Audit Program

Home Page	Our Libraries	A to Z Index	Our Customers
How to Order	Our Products	Our Prices	Our Guarantee
PRAXIOM RESEARCH GROUP LIMITED 9619 - 100A Street, Edmonton, Alberta, T5K 0V7, Canada Telephone: 780-461-4514 info@praxiom.com
First published on September 10, 2000. Updated on December 5, 2011.

Disclaimer and Limitation of Liability
The publisher and authors have used their best efforts in designing and
developing this electronic publication. We make no representation or warranties
with respect to accuracy or completeness of the contents of this publication and
specifically disclaim any implied warranties or merchantability or fitness for any
particular purpose and shall in no event be liable for any loss of profit or any
other commercial damage, including but not limited to special, incidental,
consequential, or other damages.

Legal Restrictions on the Use of this Page
Thank you for visiting this page. You are, of course, welcome to view our
material as often as you wish, free of charge. And as long as you keep intact
all copyright notices, you are also welcome to print or make one copy of this
page for your own personal, noncommercial, home use. But, you are not
legally authorized to print or produce additional copies or to copy and paste
any of our material onto another web site or to republish it in any way.