I M S ( Q M S, E M S & O H S M S )

I N TE R NA L AU D I TO R
TRAINING
DELEGATE MANUAL
Course Timetable Bureau Veritas

COURSE TIMETABLE

DAY ONE

Session Title Start Finish

1. Registration and Submission of Pre-course 08:45 09:00

Quiz

2. Chapter 1 – Course introduction 09:00 09:30

3. Exercise 1 - Mini interview 09:30 10:00

4. Review of Pre course Quiz 10:00 10:30

5. Coffee Break 10:30 10:45

6. Chapter 2 – Introduction to QHSE issues 10:45 12:00

7. Chapter 3 – Overview of QHSE Standards 12:00 01:00

8. Lunch Break 01:00 02:00

9. Chapter 3 – Overview of QHSE Standards 02:00 03:30

10. Coffee Break 03:30 03:45

11. Chapter 3 – Overview of QHSE Standards 03:45 05:00

Jul-19 Integrated Management System – Auditor Course 1 of 4

Course Timetable Bureau Veritas

DAY TWO

Session Title Start Finish

1. Chapter 3 – Overview of QHSE Standards 09:00 10:30

2. Coffee Break 10:30 10:45

3. Chapter 3 – Overview of QHSE Standards 10:45 11:30

4. Chapter 3 – Overview of QHSE Standards 11:30 01:00

5. Lunch Break 01:00 02:00

6. Chapter 4 – Concept of Integration 02:00 03:00

7. Exercise 2 – Integration 02:30 03:00

8. Chapter 5 – Audit Management 03:00 03:30

9. Chapter 6 – Performing an audit 03:30 04:00

10. Chapter 7 – Reporting 04:00 04:30

11. Summary and close of Day 2 04:30 05:00

Jul-19 Integrated Management System – Auditor Course 2 of 4

Course Timetable Bureau Veritas

DAY THREE

Session Title Start Finish

1. Chapter 8 - Nonconformance & Corrective 09:00 09:30

Actions

2. Exercise 3 – Nonconformity Reports 09:30 10:30

3. Coffee Break 10:30 10:45

4. Workshop 1 – IMS Manual Review 10:45 11:45

5. Chapter 9 - Approach to the audit 11:45 12:00

6. Chapter 10- Auditor role, qualification and 12:00 12:15

certification

7. Lunch Break 01:00 02:00

8. Workshop 2-Auditing Context 02:00 03:00

9. Workshop 3- Auditing Planning and Support 03:00 04:30

10. Summary and close of Day 3 04:30 05:00

Jul-19 Integrated Management System – Auditor Course 3 of 4

Course Timetable Bureau Veritas

DAY FOUR

Session Title Start Finish

1. Workshop 4 – Auditing Operations and 09:00 10:00

Monitoring

2. Coffee Break 10:00 10:15

3. Workshop 5 – Improvement 10:15 11:15

4. Workshop 6 – Auditing Leadership (Role Play) 11:15 12:15

5. Workshop 7 – Audit Plan Matrix 12:15 01:00

6. Lunch Break 01:00 02:00

7. Workshop 7 – Audit Plan Matrix (Contd) 02:00 02:30

8. Workshop 8 Audit Plan 02:30 04:30

9. End of course summary/ appraisal forms 04:30 05:00

Jul-19 Integrated Management System – Auditor Course 4 of 4

 Chapter 1
Course Introduction

Welcome to our Integrated

Management Systems (QHSE)
Auditor Course!
 Bureau Veritas at a Glance

Broad Geographic Presence1

► Created in 1828 Africa 5%
Americas
18%
► A global leader in conformity Asia Pacific &
Middle East
assessment services in the areas of 22%
quality, health and safety, environment
and social responsibility (QHSE)
France
 Network of more than 700 offices in 33%
140 countries Europe
22%
 Over 26,000 skilled employees
Eight Global Businesses1
► Eight global businesses providing
a complete set of services Government Services 8% Marine 11%

 Services include: Inspection, testing, audit, Consumer Products Industry

certification, classification, risk management, 14% 13%
outsourcing, consulting and training services

Certification
► Servicing 280,000 customers across a Inspection &
11% In-Service
wide range of end markets Verification
13%
Construction
HSE
20%
10%
1. 2006 revenue breakdown.

Jul-19 Integrated Management System (QHSE) – Auditor Course 2

 Our Profession : QHSE Compliance

Reference Standard Action Deliverable

Assessment

Full Independence
from any
Design / Manufacturing / Contracting / Insurance

Jul-19 Integrated Management System (QHSE) – Auditor Course 3

 A Balanced Portfolio of Activities

Marine ► Ship classification, ship and marine equipment certification, technical assistance and outsourcing services

► Conformity assessment of industrial equipment and installations to regulatory or client specifications from
feasibility stage to de-commissioning
Industry ► Services include design review, shop inspection, site inspection, asset integrity management, product
certification and related testing services such as non-destructive testing

► Periodic inspection of equipment and installations to assess conformity with regulations or client-specific
Inspection & In-Service requirements
Verification (IVS) ► Services apply to electrical installations, fire safety systems, lifts, pressure and lifting equipment, and machinery

► Inspection, audit, measurement and testing services in the areas of environment and health and safety
Health, Safety and ► Technical assistance and consultancy services to help companies define their HSE management strategy and
Environment (HSE) improve their performances

► Conformity assessment of construction projects to local regulations and construction standards, from design
stage to completion
Construction ► Services include design review, code compliance, technical control, on-site safety coordination, testing
of construction materials, asset management and technical due diligence services

► Certification of management systems and processes in the areas of quality, health and safety, environment
Certification and social responsibility based on public standards
► Second party auditing services based on customer-specific or Bureau Veritas standards

► Testing, inspection and certification of consumer goods including textile, hardlines, toys, electrical and
Consumer Products electronics
► Factory audits, social responsibility audits and training services

Government Services ► Government Services: Pre-Shipment Inspection, X-Ray Scanning, Verification of Conformity of imported
and International Trade products
(GSIT) ► International Trade: Commodity quantity/quality assurance, automotive services

Eight global businesses providing strong growth and cross-selling opportunities

Jul-19 Integrated Management System (QHSE) – Auditor Course 4

 Extensive Geographic Footprint

Americas Europe (excl. France)

 130 offices, including  195 offices, including
26 laboratories 19 laboratories
 4,700 staff  5,500 staff

France
 175 offices, including
6 laboratories
 6,400 staff

Asia & Middle East

 150 offices, including
31 laboratories
 8,700 staff

Africa
 50 offices, including
5 laboratories
 1,000 staff

Global network comprising more than 700 locations across 140 countries

Jul-19 Integrated Management System (QHSE) – Auditor Course 5

 Bureau Veritas History

Wendel makes Merger Wendel gains IPO

initial investment with CEP full control of
in Bureau Veritas (France) Bureau Veritas

GSIT

Building
Construction global HSE
Consumer platform
Certification Products
Industry
Marine

1828 1910 1929 1984 1988 1993 1995 1996 1998 2001 2002 2004 2006 2007

Expansion I&F Consumer I&F I&F I&F

to Africa China Products UK USA Australia
US and China

Expansion to Asia I&F

and Eastern Europe Germany

Reputation, network and portfolio of businesses built over 180 years

Note: I&F = Industry & Facilities division.

Jul-19 Integrated Management System (QHSE) – Auditor Course 6

 Course Timing
Day 1 09:00 to 17:00
Day 2 09:00 to 17:00
Day 3 09:00 to 17:00
Day 4 09:00 to 17:00

Lunch breaks: 13:00 – 14:00

Coffee breaks: mid morning & mid afternoon

Jul-19 Integrated Management System (QHSE) – Auditor Course 7

 House rules
►Facilities

►Safety rules & evacuation routes

►Courtesy (mobile phones, pagers)

►Local arrangements

Jul-19 Integrated Management System (QHSE) – Auditor Course 8

 Delegate Manual

► Chapters represent tuition

sessions
► Text for future reference

► Copies of slides to take notes

► Note taking is important auditor’s

skill

Jul-19 Integrated Management System (QHSE) – Auditor Course 9

 Successful delegates will be able to:
► Understand the background of integrated management systems

► Understand the requirements of the standards used

► Understand principles and practices of integrated management

system auditing
► Plan and prepare for the integrated management system audit

► Gather and analyse objective evidence

► Perform the audit and report its results

Jul-19 Integrated Management System (QHSE) – Auditor Course 10

 Course structure:
• Tutor led sessions
• Discussions
• Exercises
• Workshops
• Case study

Jul-19 Integrated Management System (QHSE) – Auditor Course 11

 Delegate feedback – Course appraisal
► The course appraisal form is included in delegate
manual.
► Your feedback is important information for further
improvement of our training services.
► Summaries are prepared for each course and are an
important input to the management review.
► Please fill it as the course progresses

Jul-19 Integrated Management System (QHSE) – Auditor Course 12

 Exercise 1 - Delegate Introduction
Interview in pairs (6 minutes per interview / presentation up to 2 minutes)

Information to be obtained
► Full name, Name of organisation for which they work

► Position and role within that organisation

► Career background

► Their knowledge of QHSE standards ranked from 1 to 10

► Auditing experience - first, second or third party

► Personal objective for attending the course

► Any valuable information allowing successful communication

Records will be used for team allocation

Jul-19 Integrated Management System (QHSE) – Auditor Course 13

Jul-19 Integrated Management System (QHSE) – Auditor Course 14
 Chapter 2
Introduction to Quality, Health, Safety and
Environmental Issues
The Quality Challenge
 What is Quality after all?

Jul-19 Integrated Management System (QHSE) – Auditor Course 3

 ISO 9000:2015 defines quality as:

“degree to which a set of inherent characteristics

fulfils requirements”

Jul-19 Integrated Management System (QHSE) – Auditor Course 4

 Which is of a better quality?

Jul-19 Integrated Management System (QHSE) – Auditor Course 5

 Grade

Grade
Category or rank given to
different quality
requirements for
products, processes or
systems having the same
functional use
Grade is inherent in the
Ref.: ISO 9000:2015 product and may be
altered by changes in
specification

Jul-19 Integrated Management System (QHSE) – Auditor Course 6

 Dimensions of Quality
► Performance

 basic operating characteristics of a product; how well a car is handled.

► Features

 “extra” items added to basic features, such as a stereo CD or a leather interior

in a car

► Reliability

 probability that a product will operate properly within an expected time frame;
that is, a TV will work without repair for about seven years

Jul-19 Integrated Management System (QHSE) – Auditor Course 7

 Dimensions of Quality (Cont’d)

► Conformance

 degree to which a product meets pre–established standards

► Durability

 how long product lasts before replacement

► Serviceability

 ease of getting repairs, speed of repairs, courtesy and competence of

repair person

Jul-19 Integrated Management System (QHSE) – Auditor Course 8

 Dimensions of Quality (Cont’d)

► Aesthetics

 how a product looks, feels, sounds, smells, or tastes

► Safety

 assurance that customer will not suffer injury or harm from a product; an
especially important consideration for automobiles

► Perceptions

 subjective perceptions based on brand name, advertising, and the like

Jul-19 Integrated Management System (QHSE) – Auditor Course 9

 Examples of Quality Dimensions
Dimension (Product) (Service)
Automobile Auto Repair
1. Performance Everything works, fit & All work done, at agreed
finish Ride, handling, priceFriendliness,
grade of materials used courtesy, Competency,
quickness
2. Aesthetics Interior design, soft touch Clean work/waiting area

3. Special features Gauge/control placement Location, call when ready

Cellular phone, CD Computer diagnostics
player

Jul-19 Integrated Management System (QHSE) – Auditor Course 10

 Examples of Quality Dimensions (Cont’d)
Dimension (Product) (Service)
Automobile Auto Repair
5. Reliability Infrequency of breakdowns Work done correctly,
ready when promised

6. Durability Useful life in miles, resistance Work holds up over

to rust & corrosion time

7. Perceived Top-rated car Award-winning service

quality department

8. Serviceability Handling of complaints and/or Handling of complaints

requests for information

Jul-19 Integrated Management System (QHSE) – Auditor Course 11

Dimensions of Quality: Service

► Time and Timeliness

 How long must a customer wait for service, and is it completed on time?
 Is an overnight package delivered overnight?

► Completeness:

 Is everything customer asked for provided?

 Is a mail order from a catalogue company complete when delivered?

Jul-19 Integrated Management System (QHSE) – Auditor Course 12

 Dimensions of Quality: Service
► Courtesy:

 How are customers treated by employees?

 Are catalogue phone operators nice and are their voices pleasant?

► Consistency

 Is the same level of service provided to each customer each time?

 Is your newspaper delivered on time every morning?

Jul-19 Integrated Management System (QHSE) – Auditor Course 13

 Dimensions of Quality: Service
► Accessibility and convenience

 How easy is it to obtain service?

 Does a service representative answer you calls quickly?

► Accuracy

 Is the service performed right every time?

 Is your bank or credit card statement correct every month?

Jul-19 Integrated Management System (QHSE) – Auditor Course 14

 Dimensions of Quality: Service
► Responsiveness

 How well does the company react to unusual situations?

 How well is a telephone operator able to respond to a customer’s questions?

Jul-19 Integrated Management System (QHSE) – Auditor Course 15

 Challenges with Service Quality
► Customer expectations often change

► Different customers have different expectations

► Each customer contact is a “moment of truth”

► Customer participation can affect perception of quality

► Fail-staffing must be designed into the system

Jul-19 Integrated Management System (QHSE) – Auditor Course 16

 Determinants of Quality

► Quality of design

 Intension of designers to include or exclude features in a

product or service:

Different car models with different features

• size
• Appearance
• Roominess
• Fuel economy
• Comfort
• Material used

Jul-19 Integrated Management System (QHSE) – Auditor Course 17

 Determinants of Quality (cont’d)

►Quality of Conformance

 Making sure a product or service is produced according to

design:
• if new tires do not conform to specifications, they
wobble
• if a hotel room is not clean when a guest checks in, the
hotel is not functioning according to specifications of its
design

Jul-19 Integrated Management System (QHSE) – Auditor Course 18

 Determinants of Quality (cont’d)

►Ease of Use

• Instruction manuals
• Guide the customer for proper used
• good labeling

►Service after Delivery

Jul-19 Integrated Management System (QHSE) – Auditor Course 19

The Environmental Challenge
 Environmental Issues
 Universal significance
 Complex
 Link with economic conditions

Jul-19 Integrated Management System (QHSE) – Auditor Course 21

Global Warming

International
Human activities Convention on Climate
have altered the Change signed in Rio in
chemical 1992
composition of the
atmosphere
through the
buildup of
greenhouse gases.
Primarily carbon
dioxide, methane,
and nitrous oxide.

Jul-19 Integrated Management System (QHSE) – Auditor Course 22

Global Warming

Jul-19 Integrated Management System (QHSE) – Auditor Course 23

Global Warming

The Greenhouse
Effect

Jul-19 Integrated Management System (QHSE) – Auditor Course 24

Global Warming

Jul-19 Integrated Management System (QHSE) – Auditor Course 25

Ozone Depletion

► Loss 6-8% in Northern

Hemisphere
► Levels critical in Southern
Hemisphere

Montreal Protocol is an
international agreement to
reduce releases of ODSs,
ratified by 85 countries

Jul-19 Integrated Management System (QHSE) – Auditor Course 26

Ozone Depletion

Jul-19 Integrated Management System (QHSE) – Auditor Course 27

Ozone Depletion

Jul-19 Integrated Management System (QHSE) – Auditor Course 28

Ozone Depletion

Remember: 100 Dobson Units are equal to 1 mm thick layer of Ozone under Standard
Temperature and Pressure (STP)
Jul-19 Integrated Management System (QHSE) – Auditor Course 29
Loss of Biodiversity ► Diversity allows eco-systems to adapt
to changes
► Tropical forests important sources of
medicinal compounds
► Diversity also decreasing in developed
countries

CITES - Convention on
International Trade in
Endangered Species
Rio Biodiversity Convention

Jul-19 Integrated Management System (QHSE) – Auditor Course 30

 Air Pollution
One fifth of the world’s population
breath air contaminated by
pollutants in excess of WHO limits

Transboundary air pollution

convention
Local and regional controls

Jul-19 Integrated Management System (QHSE) – Auditor Course 31

 Water Pollution
Water is used to support life, create energy and as a disposal area
for wastes

Marpol Convention on
pollution from ships
Local legislation

Jul-19 Integrated Management System (QHSE) – Auditor Course 32

 Soil and Land Pollution
Degradation of the land due to activities carried out by humans

Local legislation

Jul-19 Integrated Management System (QHSE) – Auditor Course 33

 Toxic Chemicals

► Concentrations of DDT in Central

Americans are 11 times higher than
those of North Americans
► Toxic chemicals may bio-accumulate

Jul-19 Integrated Management System (QHSE) – Auditor Course 34

 Nuclear Issues
► Weapons

► Power generation

► Wastes

Jul-19 Integrated Management System (QHSE) – Auditor Course 35

 Depletion of Natural Resources

Eco-capital is unevenly
distributed
 Desertification
 Deforestation
 Population growth
 Distribution of land,
water, fuels and
minerals

Jul-19 Integrated Management System (QHSE) – Auditor Course 36

 Quality of Life

► Nuisance

► Noise

► Access to countryside

► Visual impact

► Littering

► Traffic congestion

► Light pollution

Jul-19 Integrated Management System (QHSE) – Auditor Course 37

 Sustainable Development

Resource depletion < Resource regeneration

Meeting the needs of the current generation without

compromising the ability of future generations to
meet their needs (Brundtland commission, 1987)

Jul-19 Integrated Management System (QHSE) – Auditor Course 38

The Health and Safety Challenge
 What is Health and Safety?
► The dictionary defines the words health and safety as follows:

 Health - the condition of body or mind

 Safety - not being exposed to danger or risks

► In industry, Health and Safety means preventing accidents

and work related ill health.

Jul-19 Integrated Management System (QHSE) – Auditor Course 40

 For the purpose of risk management SAFETY OR
SECURITY needs to be defined as:
“not being exposed to an unacceptable risk”

Occupational Health and Safety means preventing as

far as possible accidents and work related ill health.

Jul-19 Integrated Management System (QHSE) – Auditor Course 41

 Incidents

occurrence arising out of, or in the course of,

► Incident:
work that could or does result in injury and ill health (ISO
45001:2018 3.35)

► Incidents in which injury, ill health or fatality occurred are

commonly called ACCIDENTS
► Where no injury or loss happens, the ‘incident‘ is considered a
"NEAR MISS“ (close call, dangerous occurrence, etc.)

Jul-19 Integrated Management System (QHSE) – Auditor Course 42

 H. W. Heinrich’s Ratio

H. W. Heinrich : Industrial Accident

1
Prevention (first Published in 1931 Major Injury
Based on study of 75,000 accidents

29
Minor Injuries

300
No- Injury Incidents

Unsafe Acts or Conditions ???

Jul-19 Integrated Management System (QHSE) – Auditor Course 43

 Injury and Ill Health

►Injury and ill health is:

“adverse effect on the physical, mental or cognitive condition

of a person”
►Injury and ill health may be temporary or permanent

Jul-19 Integrated Management System (QHSE) – Auditor Course 44

 Human Costs

► The ILO estimates that there are over 250 million work-related
accidents which result in time-off occur every year 685,000 per
day, or 475 per minute, 8 per second.
► 3000 people are killed at work per day, or 2 per minute.

► 160 Million new cases of work related ill health every year.

Jul-19 Integrated Management System (QHSE) – Auditor Course 45

 Financial Costs

► ILO expert says that “while it is impossible to place a value on

human life, compensation figures indicate that approximately 4
per cent of the world’s gross domestic product disappears with
cost of diseases through absences from work, sickness
treatment, disability and survivor benefits.
► The GDP lost in work related injuries and diseases are more than
that the total GDP in Africa, Arab States and South Asia together
and more than the development assistance to the world’s
developing countries

Jul-19 Integrated Management System (QHSE) – Auditor Course 46

 Source: Global Trends in Occupational
Accidents and Diseases

Jul-19 Integrated Management System (QHSE) – Auditor Course 47

 Distribution of Work-related Mortality

Source: Global Estimates of Occupational

Accidents and Work-related Illnesses
2017

Jul-19 Integrated Management System (QHSE) – Auditor Course 48

 Distribution of Work-related Mortality-Nigeria

Accident
Gross causing at Accident
domestic Gross national least 3 days' causing at
Economically product GDP income GNI Fatal accidents absence, least 4 days' Deaths caused
active Total (USD mil.) (USD mil.) reported to the reported to the Fatal accident absence Work-related Work-related by dangerous
Country population employment 2003 2003 ILO (2003) ILO (2003) 2003 Average 2003 diseases mortality substances
Nigeria 55,670,000 56,900 42,984 13,439 12,634,711 49,797 63,236 16,673

Jul-19 Integrated Management System (QHSE) – Auditor Course 49

 Chapter 3
Overview Of Management System Standards
 Management System Standard

• Quality – ISO 9001:2015

• Environmental – ISO 14001:2015

• Occupational Health and Safety – ISO 45001:2018

Mar-08 Integrated Management System (QHSE) – Auditor Course 2

Overview Of Quality Management System Standards
ISO 9001:2015
 2/ Quality Management and ISO 9001:2015
High Level Structure

ISO 9001:2015 Quality management systems –

Requirements (shall)

main sections (processes)

Mar-08 Integrated Management System (QHSE) – Auditor Course 4

 2/ Quality Management and ISO 9001:2015
0.2 Quality system model

Mar-08 Integrated Management System (QHSE) – Auditor Course 5

 2/ Quality Management and ISO 9001:2015
“risk-based thinking”?

 Risk-based thinking

• already part of process approach

• makes preventive action part of the routine

 Risk often seen as negative

 Risk-based thinking can also help identify opportunities =
positive risk

Mar-08 Integrated Management System (QHSE) – Auditor Course 6

 2/ Quality Management and ISO 9001:2015
The process (and systems) approach

Mar-08 Integrated Management System (QHSE) – Auditor Course 7

 2/ Quality Management and ISO 9001:2015
The Plan, Do, Check, Act Cycle

•Act: take actions to •Plan: establish

continually improve objectives and processes
process performance necessary to deliver
results in accordance
with customer
requirements and the
•Check: monitor and organisation’s policies
measure processes and
product against policies,
objectives and requirements
for the product and report
the results •Do: implement the
processes

•A permanent objective of the

organisation
Mar-08 Integrated Management System (QHSE) – Auditor Course 8
 2/ Quality Management and ISO 9001:2015
Process Approach

•PROCESS
EFFECTIVENESS
•Extent to which planned
•CONTROLS activities are realised and
planned results achieved

•PROCESS
•“set of interrelated or
•INPUT •interacting activities
•OUTPUT •PRODUCT
•which transforms
•inputs into outputs •PROCESS EFFICIENCY
•Relationship between the
•RESOURCES result achieved and the
resources used

•A desired result is achieved more efficiently

when activities and related resources are
managed as a process
Mar-08 Integrated Management System (QHSE) – Auditor Course 9
 2/ Quality Management and ISO 9001:2015
System approach to management

•Identifying,
understanding and
managing interrelated •R •R

processes as a •O
•I •Process •O •I •Process
system contributes to
•A •B
the organisation’s •I •R
•I
•R

effectiveness and •C •C
•Process •Process •O
efficiency in •I
•C •D
achieving its • I =
•O •I

objectives INPUT
• O = •C •C
OUTPUT
• R =
RESOURCE
S
• C =
CONTROLS
Mar-08 Integrated Management System (QHSE) – Auditor Course 10
 2/ Quality Management and ISO 9001:2015
4.Context of the organization

•4.1 Understanding the organization and its context

•4.2 Understanding the needs & expectations of interested parties

•4.3 Determining the scope of the QMS

•4.4 Quality management system and its processes

Mar-08 Integrated Management System (QHSE) – Auditor Course 11

 2/ Quality Management and ISO 9001:2015
5 Leadership & 6. Planning

5.1 Leadership and commitment

 5.1.1 Leadership and commitment with respect to the QMS

 5.1.2 Customer focus

5.2 Quality policy

5.3 Organizational roles, responsibilities & authorities

6.1 Actions to address risks and opportunities

6.2 Quality objectives and planning to achieve them
6.3 Planning of changes

Mar-08 Integrated Management System (QHSE) – Auditor Course 12

 2/ Quality Management and ISO 9001:2015
7. Support

•7.1 Resources
• 7.1.1 General
• 7.1.2 People
• 7.1.3 Infrastructure
• 7.1.4 Environment for the operation of processes
• 7.1.5 Monitoring and measuring resources
• 7.1.6 Organizational knowledge

•7.2 Competence
• 7.3 Awareness
• 7.4 Communication
• 7.5 Documented information
• 7.5.1 General
• 7.5.2 Creating and updating
• 7.5.3 Control of documented information

Mar-08 Integrated Management System (QHSE) – Auditor Course 13

 2/ Quality Management and ISO 9001:2015
8. Operations

•8.1 Operational planning and control

•8.2 Determination of requirements for products and services
•8.3 Design and development of products and services
• 8.3.1 General
8.3.2 Design and development planning
8.3.3 Design and development inputs
8.3.4 Design and development controls
8.3.5 Design and development outputs
8.3.6 Design and development changes

•8.4 Control of externally provided processes, products & services

• 8.4.1 General
• 8.4.2 Type and extent of control
• 8.4.3 Information for external providers

Mar-08 Integrated Management System (QHSE) – Auditor Course 14

 2/ Quality Management and ISO 9001:2015
8. Operations

•8.5 Production and service provision

• 8.5.1 Control of production and service provision
8.5.2 Identification and traceability
• 8.5.3 Property belonging to customers or external providers
• 8.5.4 Preservation
• 8.5.5 Post delivery activities
• 8.5.6 Control of changes

•8.6 Release of goods and services

•8.7 Control of nonconforming outputs

Mar-08 Integrated Management System (QHSE) – Auditor Course 15

 2/ Quality Management and ISO 9001:2015
9. Performance Evaluation & 10.Improvement

•9.1 Monitoring, measurement, analysis and evaluation

• 9.1.1 General
9.1.2 Customer satisfaction
• 9.1.3 Analysis and evaluation

•9.2 Internal audit

•9.3 Management review

•10.1 General

•10.2 Nonconformity and corrective action

•10.3 Continual Improvement

Mar-08 Integrated Management System (QHSE) – Auditor Course 16

Overview Of Environmental Management System Standards
ISO 14001:2015
 Introductory Clauses 0.1 through 0.5
0.1 BACKGROUND
 achieve a balance between environmental,
social and economic sub-systems within the
global system.
 Sustainable Development
 Societal expectations for sustainable
development
 Better transparency and accountability

0.2 Aim of an EMS

 Provide organizations with a framework to
protect the environment
 respond to changing environmental conditions
 Provide a balance with socio-economic needs
 Specifies requirements for organization to
achieve intended outcomes from EMS

Mar-08 Integrated Management System (QHSE) – Auditor Course 18

 Introductory Clauses 0.1 through 0.5
0.3 Success factors (Contd-)

Top Management Leadership

Commitment from all functions & Levels
Exploring Risks and Opportunities
Integrating EMS with Business Policies
Incorporating Env. Governance throughout

Mar-08 Integrated Management System (QHSE) – Auditor Course 19

 Introductory Clauses 0.1 through 0.5

0.4 Plan, Do, Check and Act approach

►The basis for the approach underlying an environmental management system is founded on
the concept of Plan-Do-Check-Act (PDCA). The PDCA model provides an iterative process used
by organizations to achieve continual improvement. It can be applied to an environmental
management system and to each of its individual elements. It can be briefly described as follows.
►Plan: establish environmental objectives and processes necessary to deliver results in
accordance with the organization’s environmental policy.
►Do: implement the processes as planned.

►Check: monitor and measure processes against the environmental policy, including its
commitments, environmental objectives and operating criteria, and report the results.
► Act: take actions to continually improve. .

Mar-08 Integrated Management System (QHSE) – Auditor Course 20

 Introductory Clauses 0.1 through 0.5

•NOTE The numbers given in brackets refer to the clause numbers in this document
•Figure 1 — Relationship between PDCA and the framework in this document

Mar-08 Integrated Management System (QHSE) – Auditor Course 21

 Introductory Clauses 0.1 through 0.5
0.5 Contents of this International Standard

- includes revisions to meet environmental challenges facing organizations and provide value to
both new and existing users.
- includes revisions to conform to ISO’s requirements for management system standards.
- requirements include a high level structure, identical core text, and common terms with core
definitions, designed to benefit users implementing multiple ISO management system
standards.
- The body of this International Standard, Clauses 4 through 10, contains the requirements
used to assess conformity.
- Annex A provides informative explanations to prevent misinterpretation of ISO/FDIS
14001:2015 requirements.
- Annex B identifies broad technical correspondence between ISO 14001:2004 and this edition.
- Implementation guidance on EMSs is included in ISO 14004.
- See the ISO/IEC Directives, Part 1, Consolidated ISO Supplement, Procedures specific to
ISO, Fifth edition, 2015,Annex SL, Appendices 2 and 3.
- Revision of ISO 14004 is ongoing

Mar-08 Integrated Management System (QHSE) – Auditor Course 22

 Introductory Clauses 0.1 through 0.5
0.5 Contents of this International Standard

Clause 1 to 3 cover the scope, normative references and the terms and definitions

Clauses 4 to 10 contain the requirements that can be used to assess conformity with this
standard.

Annex A provides informative explanations to assist in the interpretation of those requirements.

In this standard, following verbal forms are used:

“shall” indicates a requirement;

“should” indicates a recommendation;
“may” indicates a permission;
“can” indicates a possibility or a capability.

Information marked as "NOTE" is for guidance in understanding or clarifying the associated requirement.
“Notes to entry” used in Clause 3 provide additional information that supplements the terminological data and
can contain provisions relating to the use of a term.

The terms and definitions in Clause 3 are arranged in conceptual order, with an alphabetical index provided at
the end of the document.

Mar-08 Integrated Management System (QHSE) – Auditor Course 23

 Clause 1 to 3

► 1 Scope

•This International Standard is applicable to any organization

•Regardless of size, type and nature and applies to the environmental aspects that the organization determines it can
either control or can influence considering a life cycle perspective.

•It does not state specific environmental performance criteria, nor does it increase or change an organization’s legal
obligations.

•This International Standard can be used in whole or in part to improve environmental management, but all the
requirements are intended to be incorporated into an EMS and fulfilled, without exclusion, if an organization claims it
complies with this International Standard

Mar-08 Integrated Management System (QHSE) – Auditor Course 24

 Clause 1 to 3

ISO 14001:2015

•2 Normative reference

• No reference…

•3 Terms and definitions

•definition of 33 terms

•(3.1 to 3.33)

Mar-08 Integrated Management System (QHSE) – Auditor Course 25

 4.Context of the organization

•4.CONTEXT OF THE ORGANIZATION

•4.1 Understanding the organization and its context

•4.2 Understanding the needs and expectations of interested parties

•4.3 Determining the scope of the EMS

•4.4 Environmental management system

Mar-08 Integrated Management System (QHSE) – Auditor Course 26

 5.Leadership

•5.Leadership
• 5.1 Leadership & commitment

• 5.2 Environmental policy

• 5.3 Organization roles, responsibilities & authorities

Mar-08 Integrated Management System (QHSE) – Auditor Course 27

 6.Planning

•6. PLANNING
•6.1 Actions to address risks and opportunities
► 6.1.1 General

► 6.1.2 Environmental aspects

► 6.1.3 Compliance obligations

► 6.1.4 Planning action

•6.2 Environmental objectives and planning to achieve them

► 6.2.1 Environmental objectives

► 6.2.2 Planning to achieve environmental objectives

Mar-08 Integrated Management System (QHSE) – Auditor Course 28

 7.Support

•7. SUPPORT
•7.1 Resources

•7.2 Competence

•7.3 Awareness

•7.4 Communication

► 7.4.1 General

► 7.4.2 Internal Communication

► 7.4.3 External Communication

•7.5 Documented information

► 7.5.1 General

► 7.5.2 Creating and updating

► 7.5.3 Control of documented information

Mar-08 Integrated Management System (QHSE) – Auditor Course 29

 8.Operation

•8.OPERATION

•8.1 Operational planning & control

•8.2 Emergency preparedness and response

Mar-08 Integrated Management System (QHSE) – Auditor Course 30

 9.Performance evaluation

• 9.PERFORMANCE EVALUATION
•9.1 Monitoring, measurement analysis and evaluation

► 9.1.1General

► 9.1.2 Evaluation of compliance

•9.2 Internal Audit

► 9.2.1 General

► 9.2.2 Internal audit programme

•9.3 Management Review

•10.IMPROVEMENT
► 10.1 General

► 10.2 Nonconformity & corrective action

► 10.3 Continual improvement

Mar-08 Integrated Management System (QHSE) – Auditor Course 31

Overview Of Occupational Health & Safety
Management System Standard
ISO 45001:2018
 Introductory Clauses 0.1 through 0.5
•0.1 Background
•An organization is responsible for the health and safety of workers and others who may be affected by its activities, including
promoting and protecting their physical, psychological and mental health.

•The adoption of an occupational health and safety (OH&S) management system is intended to enable an organization to improve
its OH&S performance to prevent work-related injury and/or ill health to workers and to provide safe and healthy workplaces.
•
•OC :It is estimated by the International Labour Organization (ILO) that there are 2,34 million deaths every year as a result of work activities (based on data
released in 2014). The adoption of an occupational health and safety (OH&S) management system is intended to enable an organization to manageits
OH&S risks and improve its OH&S performance in the prevention of injury and ill health.

•0.2 Aim of an OH&S MS

•The purpose of an OH&S MS is to provide a framework for managing OH&S risks. The intended outcomes of the OH&S MS are
to prevent injury and/or ill health to workers and to provide safe and healthy workplaces; consequently, it is critically important for
the organization to eliminate or minimize OH&S risks by taking effective preventive and protective measures.

•When these measures are applied by the organization through its OH&S MS, they improve its OH&S performance. It can be
more effective and efficient to take early action to address opportunities for improvement of OH&S performance.

•An OH&S management system enables an organization to improve its OH&S performance by implementing the requirements of
this document.

•An OH&S MS can assist an organization to fulfil its legal requirements and other requirements.
Mar-08 Integrated Management System (QHSE) – Auditor Course 33
 Introductory Clauses 0.1 through 0.5
0.3 Success factors
The implementation of an OH&S MS is a strategic and operational decision for an organization. The success of
the OH&S MS depends on leadership, commitment and participation from all levels and functions of the
organization.

The implementation and sustainability of an OH&S MS, its effectiveness and its ability to achieve its intended
outcomes are dependent on a number of key factors which can include:

a) top management leadership, commitment, responsibilities and accountability;

b) top management developing, leading and promoting a culture in the organization that supports the intended
outcomes of the OH&S MS;
c) communication;
d) consultation and participation of workers, and where they exist, workers’ representatives;
e) allocation of the necessary resources to maintain it
f) clear OH&S policies, which are compatible with the overall strategic objectives and direction of the
organization;
g) effective process(es) for identification of hazards, control of the OH&S risks and taking advantage of OH&S
opportunities;
h) the continual performance evaluation and monitoring of the OH&S MS to improve OH&S performance;
i) the integration of the OH&S MS into the organization's business processes;
j) OH&S objectives that align with the OH&S policies and take into account the organization's hazards, OH&S
risks and OH&S opportunities;
k) compliance with its legal requirements and other requirements.

Mar-08 Integrated Management System (QHSE) – Auditor Course 34

 Introductory Clauses 0.1 through 0.5
0.3 Success factors (Contd-)
Demonstration of successful implementation of this document can be used by an organization to give
assurance to workers & other interested parties that an appropriate OH&S MS is in place.

Adoption of this document, however, will not in itself guarantee optimal prevention of work-related injury and/or
ill health to workers and optimal provision of safe and healthy workplaces.

The level of detail, the complexity, the extent of documented information, and the resources needed to ensure
the success of an organization's OH&S MS will depend on a number of factors, such as:

-the organization’s context (its size, its geography, its culture, its social conditions, its legal and other
requirements);
-the scope of its OH&S MS;
-the nature of its activities, its services, and its OH&S risks.

Mar-08 Integrated Management System (QHSE) – Auditor Course 35

 Introductory Clauses 0.1 through 0.5

0.4 Plan, Do, Check and Act approach

The OH&S MS approach applied in this document is founded on the concept of Plan-Do-Check-
Act (PDCA).

The PDCA concept is an iterative process used by organizations to achieve continual

improvement. It can be applied to a management system and to each of its individual elements,
as follows:

- Plan: identify risks and opportunities, establish OH&S objectives and processes necessary to deliver results
in accordance with the organization’s OH&S policy;

- Do: implement the processes as planned;

- Check: monitor and measure activities and processes with regard to the OH&S policy and objectives,
and report the results;

- Act: take actions to continually improve the OH&S performance to achieve the intended outcomes.

This document incorporates the PDCA concept into a new framework, as shown in Figure 1.

Mar-08 Integrated Management System (QHSE) – Auditor Course 36

 Introductory Clauses 0.1 through 0.5

•NOTE The numbers given in brackets refer to the clause numbers in this document
•Figure 1 — Relationship between PDCA and the framework in this document

Mar-08 Integrated Management System (QHSE) – Auditor Course 37

 Introductory Clauses 0.1 through 0.5
0.5 Contents of this International Standard

ISO 45001:2018 conforms to ISO’s requirements for management system standards. These
requirements include a high level structure, identical core text, and common terms with core
definitions, designed to benefit users implementing multiple ISO MS standards.

ISO 45001 does not include requirements of other management systems, such as those for
quality, social responsibility, environmental, security, or financial management, though its
elements can be aligned or integrated with those of other management systems.

ISO 45001 contains the requirements used to assess conformity. An organization that wishes to
demonstrate conformity with this document can do so by:

making a self-determination and self-declaration, or

seeking confirmation of its conformance by parties having an interest in the organization, such as
customers, or

seeking confirmation of its self-declaration by a party external to the organization, or

seeking certification/registration of its OH&S MS by an external organization

Mar-08 Integrated Management System (QHSE) – Auditor Course 38

 Introductory Clauses 0.1 through 0.5
0.5 Contents of this International Standard

Clause 1 to 3 cover the scope, normative references and the terms and definitions

Clauses 4 to 10 contain the requirements that can be used to assess conformity with this
standard.

Annex A provides informative explanations to assist in the interpretation of those requirements.

In this standard, following verbal forms are used:

“shall” indicates a requirement;

“should” indicates a recommendation;
“may” indicates a permission;
“can” indicates a possibility or a capability.

Information marked as "NOTE" is for guidance in understanding or clarifying the associated requirement.
“Notes to entry” used in Clause 3 provide additional information that supplements the terminological data and
can contain provisions relating to the use of a term.

The terms and definitions in Clause 3 are arranged in conceptual order, with an alphabetical index provided at
the end of the document.

Mar-08 Integrated Management System (QHSE) – Auditor Course 39

 Clause 1 to 3

► 1 Scope
•This document specifies requirements for an occupational health and safety (OH&S) management system,
with guidance for its use, to enable an organization to provide safe and healthy workplace(s), by preventing
work-related injury and/or ill health, as well as by proactively improving its OH&S performance.
•This document is applicable to any organization that wishes to establish, implement and maintain an OH&S
MS to improve occupational health and safety, eliminate hazards and minimize OH&S risks (including
system deficiencies), take advantage of OH&S opportunities, and address OH&S MS nonconformities
associated with its activities.
•This document helps an organization achieve the intended outcomes of its OH&S MS.

•Consistent with the organization’s OH&S policy, the intended outcomes of an OH&S MS include:

•a) continual improvement of OH&S performance;

•b) fulfilment of legal requirements and other requirements;

•c) achievement of OH&S objectives.

Mar-08 Integrated Management System (QHSE) – Auditor Course 40

 Clause 1 to 3

► 1 Scope

- This document is applicable to any organization regardless of its size, type and activities and applies to the
OH&S risks under the organization’s control, taking into account factors such as the context in which the
organization operates and the needs and expectations of its workers and other interested parties.
- This document does not state specific criteria for OH&S performance, nor is it prescriptive about the design
of an OH&S MS.
- This document enables an organization, through its OH&S MS, to integrate other aspects of health and
safety, such as worker wellness/wellbeing.
- This document does not address issues such as product safety, property damage or environmental impacts,
beyond the risks they provide to workers and other relevant interested parties.
- This document can be used in whole or in part to systematically improve OH & S management. However,
claims of conformity to this document are not acceptable unless all its requirements are incorporated into an
organization's OH&S MS and fulfilled without exclusion.

Mar-08 Integrated Management System (QHSE) – Auditor Course 41

 Clause 1 to 3

ISO 45001:2018

•2 Normative reference

• No reference…

•3 Terms and definitions

•definition of 37 terms

Mar-08 Integrated Management System (QHSE) – Auditor Course 42

 4.Context of the organization

•4.CONTEXT OF THE ORGANIZATION

•4.1 Understanding the organization and its context

•4.2 Understanding the needs and expectations of workers and other interested parties

•4.3 Determining the scope of the OH&SMS

•4.4 OH&S management system

Mar-08 Integrated Management System (QHSE) – Auditor Course 43

 5.Leadership & Worker Participation

•5.Leadership & worker participation

• 5.1 Leadership & Commitment

• 5.2 OH & S Policy

• 5.3 Organization roles, responsibilities & authorities

•5.4 Consultation and participation of workers

Mar-08 Integrated Management System (QHSE) – Auditor Course 44

 6.Planning

•6. PLANNING
•6.1 Actions to address risks and opportunities
► 6.1.1 General

► 6.1.2 Hazard Identification and assessment of risks & opportunities

•6.1.2.1 Hazard Identification

•6.1.2.2 Assessment of OH&S risks & other risks to OH&SMS

•6.1.2.3 Assessment of OH&S opportunities and other opportunities to the OH&SMS

► 6.1.3 Determination of legal requirements and other requirements

► 6.1.4 Planning Action

•6.2 OH&S objectives and planning to achieve them

► 6.2.1 OH&S Objectives

► 6.2.2 Planning to achieve OH&S objectives

Mar-08 Integrated Management System (QHSE) – Auditor Course 45

 7.Support

•7. SUPPORT
•7.1 Resources

•7.2 Competence

•7.3 Awareness

•7.4 Communication

► 7.4.1 General

► 7.4.2 Internal Communication

► 7.4.3 External Communication

•7.5 Documented information

► 7.5.1 General

► 7.5.2 Creating and updating

► 7.5.3 Control of documented information

Mar-08 Integrated Management System (QHSE) – Auditor Course 46

 8.Operation

•8.OPERATION

•8.1 Operational planning & control

•8.1.1 General

•8.1.2 Eliminating Hazards and reducing OH&S Risks

•8.1.3 Management of Change

•8.1.4 Procurement
•8.1.4.1 General

•8.1.4.2 Contractors

•8.1.4.3 Outsourcing

•8.2 Emergency preparedness and response

Mar-08 Integrated Management System (QHSE) – Auditor Course 47

 9.Performance evaluation

• 9.PERFORMANCE EVALUATION
•9.1 Monitoring, measurement analysis and evaluation

► 9.1.1General

► 9.1.2 Evaluation of compliance

•9.2 Internal Audit

► 9.2.1 General

► 9.2.2 Internal audit programme

•9.3 Management Review

•10.IMPROVEMENT
► 10.1 General

► 10.2 Incident, Non Conformity & corrective action

► 10.3 Continual Improvement

Mar-08 Integrated Management System (QHSE) – Auditor Course 48

 Chapter 4
Concept of Integration
 Concept of integration

IMS

Quality Environment

Health & Safety

An integrated system covers two or more

separate issues within the same system.

Jul-19 Integrated Management System (QHSE) – Auditor Course 2

 Concept of integration

Integrated management system (IMS) management

system that integrates multiple aspects of an
organization’s systems and processes to one
complete framework, enabling an organization to
meet the requirements of more than one
management system standard (PAS 99:2012 3.1)

Jul-19 Integrated Management System (QHSE) – Auditor Course 3

 Concept of integration

To optimize the cost and efforts in;

 System development
 System documentation
 System implementation
 Monitoring and measurement
 Review and improvement
 Certification

Jul-19 Integrated Management System (QHSE) – Auditor Course 4

  High-Level Structure

Jul-19 Integrated Management System (QHSE) – Auditor Course 5

The New Structure of ISO MS Standards

 ISO/IEC Directives, Part 1 Consolidated ISO Supplement

— Procedures specific to ISO
 Annex SL (normative) Proposals for management system
standards
 Mandatory structure of management system standards
Appendix 2:
 Appendix 3 - High level structure, identical core text and
common terms and core definitions for use in
Management Systems Standards

Jul-19 Integrated Management System (QHSE) – Auditor Course 6

  High-Level Structure

 Common main structure

 Common sub-clauses
 Common terms and definitions
 Risk managment approach

Jul-19 Integrated Management System (QHSE) – Auditor Course 7

  Alignment of management systems standards

•ISO 14001
•Environmental
Management
Systems

Jul-19 Integrated Management System (QHSE) – Auditor Course 8

  Generic basic vocabulary

Jul-19 Integrated Management System (QHSE) – Auditor Course 9

  High-Level Structure (HLS)

Jul-19 Integrated Management System (QHSE) – Auditor Course 10

 Common/specific requirements

Common/specific requirements ISO 9001:2015 ISO 14001:2015 ISO 45001:2018

Context of the organization 4.1 4.1 4.1

Interested parties 4.2 4.2 4.2

Scope of the management system 4.3 4.3 4.3

Quality management and its processes/ 4.4 4.4 4.4

EMS/OHSMS

Leadership and commitment 5.1.1 5.1 5.1

Customer focus 5.1.2 - -

Policy 5.2 5.2 5.2

Organizational roles, responsibilities and 5.3 5.3 5.3

authorities

Jul-19 Integrated Management System (QHSE) – Auditor Course 11

 Common/specific requirements

Common/specific requirements ISO 9001:2015 ISO 14001:2015 ISO 45001:2018

Consultation and participation of workers - - 5.4

Action to address risks and opportunities 6.1.1 6.1.1 6.1.1

Environmental aspects - 6.1.2 -

Hazard identification and assessment of

- - 6.1.2
risks and opportunities
Compliance obligations/Legal and other 5.1.2a 6.1.3 6.1.3
requirements

Planning action 6.1.2 6.1.4 6.1.4

Objectives and planning to achieve them 6.2 6.2 6.2

Planning of changes 6.3 8.1.3

Resources 7.1.1 7.1 7.1

Continued…
Jul-19 Integrated Management System (QHSE) – Auditor Course 12
 Common/specific requirements

Common/specific requirements ISO 9001:2015 ISO 14001:2015 ISO 45001:2018

People 7.1.2 - -

Infrastructure 7.1.3 - -

Environment for the operation of

7.1.4 - -
processes

Monitoring and measuring resources 7.1.5 - -

Organizational knowledge 7.1.6 - -

Competence 7.2 7.2 7.2

Awareness 7.3 7.3 7.3

Communication 7.4 7.4.1 7.4.1

Continued…
Jul-19 Integrated Management System (QHSE) – Auditor Course 13
 Common/specific requirements

Common/specific requirements ISO 9001:2015 ISO 14001:2015 ISO 45001:2018

Internal Communication - 7.4.2 7.4.2

External Communication - 7.4.3 7.4.3

Documented information 7.5 7.5 7.5

Operational planning and control 8.1 8.1 8.1.1

Eliminating hazards and reducing OH&S

- - 8.1.2
risks
Emergency preparedness and response - 8.2 8.2

Customer communication 8.2.1 - -

Determining the requirements for products 8.2.2 - -

and services
Review of requirements for products and 8.2.3 - -
services

Continued…
Jul-19 Integrated Management System (QHSE) – Auditor Course 14
 Common/specific requirements

Common/specific requirements ISO 9001:2015 ISO 14001:2015 ISO 45001:2018

Changes to requirements for products and 8.2.4

services - -

Design and development of products and

services
8.3 8.1a -
Control of externally provided processes,
8.4.1 8.1b 8.1.4
products and services

Type and extent of control 8.4.2 8.1b 8.1.4

Information for external providers 8.4.3 8.1c 8.1.4

Control of production and service 8.5.1 - -

provision
Identification and traceability 8.5.2 - -

Property belonging to customer and 8.5.3 - -

external providers
Preservation 8.5.4 - -

Continued…
Jul-19 Integrated Management System (QHSE) – Auditor Course 15
 Common/specific requirements

Common/specific requirements ISO 9001:2015 ISO 14001:2015 ISO 45001:2018

Post-delivery activities 8.5.5

8.1.3
Control of changes 8.5.6 -

Release of products and services 8.6

Control of nonconforming outputs 8.7

Monitoring, measurement, analysis and

9.1.1 9.1.1 9.1.1
evaluation

Customer satisfaction 9.1.2 - -

Evaluation of compliance - 9.1.2 9.1.2

Analysis and evaluation 9.1.3 - -

Continued…
Jul-19 Integrated Management System (QHSE) – Auditor Course 16
 Common/specific requirements

Common/specific requirements ISO 9001:2015 ISO 14001:2015 ISO 45001:2018

Internal audit 9.2 9.2 9.2

Management review 9.3 9.3 9.3

Opportunities for improvement 10.1 10.1 10.1

Incident, nonconformity and corrective

10.2 10.2 10.2
action

Continual improvement 10.3 10.3 10.3

Continued…
Jul-19 Integrated Management System (QHSE) – Auditor Course 17
 Levels of Integration

Policy and System Level Low

(QHSE Policy and IMS Manual integrated)
+
Function / Process level
(System level procedures integrated)
• Management review procedure
• Internal auditing
• Corrective & preventive actions Medium
• Control of documents & records
• Risk assessment (for QMS, EMS & OH&S)
• Emergency response (for EMS & OH&S) etc.
+
Activity Level
• Operational controls
• Measurement & monitoring
High

Jul-19 Integrated Management System (QHSE) – Auditor Course 18

Integration of Documentation

Policy

Manual/System Description

Common Quality Environmental OH&S

Procedures Procedures Procedures Procedures

Instructions

Jul-19 Integrated Management System (QHSE) – Auditor Course 19

 Integration of Operational Controls / Process Controls

Operations - Activities- Processes

Associated with Associated with

Directly Affecting
Significant significant OH&S
Quality
Environmental Aspects Aspects

ALL CARRIED OUT UNDER CONTROLLED SPECIFIED

CONDITIONS

Jul-19 Integrated Management System (QHSE) – Auditor Course 20

 Common Operational Control Procedures - Example

Storage & Handling of Chemicals

Quality  Control of storage duration / shelf-life.
 Prevention of damage in storage (temperature
control, prevention of contamination etc).

Health and Safety  Hazard labeling of containers

 Use of PPE

 Receipt & Storage of Safety Data

Environmental  Spill prevention/control

 Receipt & Storage of environmental data.

Jul-19 Integrated Management System (QHSE) – Auditor Course 21

Chapter 05 – Audit Management
 Session Plan

Format: Tutor led training & open discussion

Objectives: Understand the importance of managing the audit in line with ISO 19011
Understand the various stages of the audit and their function

Understand the importance of effective planning and preparations for the

audit including the necessity of precise determination of audit scope

Feb 2020 IMS Internal Auditor Training Course 2

 Who manages the audit?

►The audit team leader has overall responsibility for the

audit. Audit team members assist the team leader.
►Good audit management requires:
 Planning and Preparation
 Communications (Client, Auditees and Auditors)
 Accurate and Objective Fact Finding

Audits MUST be well managed

to provide good VALUE.

Feb 2020 IMS Internal Auditor Training Course 3

 Audit types

► First Party Audit (internal audit) (Process defined in ISO 19011)

• Internal audits, sometimes called first party audits, are conducted by,
or on behalf of, the organization itself.
• Can form the basis for an organizations self declaration of conformity.
• Independence can be demonstrated by freedom from bias and conflict
of interest.
► Second Party Audit (external audit) (Process defined in ISO 19011 )

• Conducted by parties having an interest in the organization, such as

customers of by other persons on their behalf. Audit by an interested
body (like a customer).
► Third Party Audit (Process defined in ISO 19011)

• Conducted by an independent auditing organization and sector

specific qualified auditors, such as regulators or certification bodies.

Feb 2020 IMS Internal Auditor Training Course 4

 ISO 19011:2018 – an overview

►ISO 19011 provides good guidelines for auditing

management systems including:
 Section 1: Scope
 Section 2: Normative references
 Section 3: Terms and definitions
 Section 4: Principles of auditing
 Section 5: Managing an audit programme
 Section 6: Conducting an audit
 Section 7: Competence and evaluation of auditors

Feb 2020 IMS Internal Auditor Training Course 5

 Audit Programme in ISO 19011 –
more than just an audit plan!
►ISO 19011 Section 3.4 – Definition of audit programme
 Set of one or more audits,
 Planned for a specific timeframe and
 Directed towards a specific purpose.
 Note: it includes all activities necessary for planning, organizing and
conducting the audits.

►ISO 19011 Section 5 Managing an audit programme

 It covers all steps like a computer programme.

►ISO 19011 Section 6 –Conducting an audit

 Includes planning and conducting specific audit activities as a part of
an audit program

Feb 2020 IMS Internal Auditor Training Course 6

The different phases of an audit

Time
6.2 Initiating the audit

?
6.3 Preparing for on-site activities

6.4 Conducting On site audit ?

6.5 Audit reporting

?
6.6 Completing the audit

6.7 Audit Follow-up ?

Reference:ISO19011 Section 6

Feb 2020 IMS Internal Auditor Training Course 7

 Audit management
Initiating the Audit
► Establishing contact with auditee
 Confirm communication channels with the auditee’s representatives
 Confirm the authority to conduct the audit;
 Provide relevant information on the audit objectives, scope, criteria,
methods and audit team composition
 Request access to relevant information
 Determine applicable statutory and regulatory requirements and
other requirements
 Confirm the agreement with the auditee on confidentiality
 Make arrangements for the audit
 Agree on the attendance of observers, guides or interpreters
 Resolve issues and arrangements for quality, safety and security
 Determine any areas of interest or concern

Ref: ISO 19011-6.2

Feb 2020 IMS Internal Auditor Training Course 8

 Audit management

Initiating the Audit

► Determine feasibility of the audit
The determination of feasibility should take into consideration factors
such as the availability of the following:
a) sufficient and appropriate information for planning and
conducting the audit;
b) adequate cooperation from the auditee;
c) adequate time and resources for conducting the audit

Ref: ISO 19011-6.2

Feb 2020 IMS Internal Auditor Training Course 9

 Audit management

Initiating the Audit

Audit Criteria Audit Scope
Reference against which
Extent and boundaries of the
conformity is determined audit including:
► Standard
► Contractual Specification
Locations
► IMS Documentation Organisational units
► IMS Planning
Activities and processes
► Legislation or other
covered
requirements

Team Composition ?
Ref: ISO 19011-6.2 & ISO 17021

Feb 2020 IMS Internal Auditor Training Course 10

 Audit management

Audit Plan Working Documents

► Scope Checklists
► Criteria Forms
► Dates & duration Standard
► Audit team
Guidelines
► Detailed timetable

► Matrix plan

► Audit team requirements

► Remember to cover shifts

Feb 2020 IMS Internal Auditor Training Course 11

 Audit management

Notify the auditee and audit team

 Audit plan
 Timetable
 Matrix plan
 What else ?

Feb 2020 IMS Internal Auditor Training Course 12

 Audit management

Conducting on-site Audit Activities

►Conducting the opening meeting

►Communication during the audit

►Collecting and verifying information

►Generating audit finding

►Preparing audit conclusions

►Conducting the closing meeting

Ref:ISO 19011-6.4 & ISO/IEC 17021

Feb 2020 IMS Internal Auditor Training Course 13

 Applicable audit methods Reference:ISO19011

Extent of involvement Location of the auditor Location of the auditor

between the auditor
and the auditee On-site Remote

Human - Conducting interviews Via interactive communication

- Completing checklists and means:
interaction questionnaires with auditee — conducting interviews;
participation — observing work performed with
- Conducting document review with remote guide;
auditee participation — completing checklists and
- Sampling questionnaires;
— conducting document review with
auditee participation.

No human - Conducting document review (e.g. - Conducting document review

records, data analysis). (e.g. records, data analysis).
interaction - Observation of work performed. - Observing work performed via
- Conducting on-site visit. surveillance means, considering
- Completing checklists. social and statutory and
- Sampling (e.g. products). regulatory requirements.
- Analysing data.

Feb 2020 IMS Internal Auditor Training Course 14

 Audit management

Conducting On-site Audit Activities

Meetings, Communications and Field Visits

Opening and Closing meetings are formal

communications.

Wash-up meetings report ongoing status,

findings and progress.

Team liaison meetings help coordinate and

focus the audit team.

Regular feedback to auditees provides

ongoing communication

Ref:ISO 19011-6.4

Feb 2020 IMS Internal Auditor Training Course 15

 Audit management

Opening meeting agenda:

►Introduce the team ►Grading of NCR’s

►Reason, scope & criteria ►Confirm staff aware &

available
►Review audit plan and
methods ►Confirm logistics

►Explain about sampling ►Confirm guides

►Confidentiality ►Safety requirements

►Method of reporting ►Questions

Ref:ISO 19011-6.4.3

Feb 2020 IMS Internal Auditor Training Course 16

 Audit management

Closing Meeting Agenda

►Thank the auditee and ►Disclaimer
reintroduce the team
►Overall summary
►Recap reason, scope & criteria
►Questions & answers
►Review audit plan and methods
►Corrective actions & time-
►Report the observations, positive scale
& negative
►Recommendation

►Follow-up

Ref:ISO 19011-6.4.9

Feb 2020 IMS Internal Auditor Training Course 17

 Audit management

Follow-up action Documentary Evidence

 At agreed time Records

 Review of documentary Training certificates

evidence
Amended procedures
 Re-audit on the site Photographs
 Only review of corrective Videos
actions

 Don’t start it all over again

Ref: ISO 19011-6.7

Feb 2020 IMS Internal Auditor Training Course 18

Chapter 06 – Conducting an audit
Session Plan

Format: Tutor led training & open discussion

Objectives: Understand the methods for gathering the information and
audit evidence, and requirements of ISO 19011
Understand the importance of observation during the audit
and in particular observation of production and service
provision processes
Understand the importance of process focus during the audit
and in particular the need to verify every time if the audited
process is producing intended outputs
Understand the concept of process mapping and its benefits
in preparation for auditing a process

Feb 2020 IMS Internal Auditor Training Course 2

 Performing an audit

How do auditors find evidence ?

• Reviewing documents

• Looking at records

• Interviewing people at all levels

• Observing practices and physical

environment

NOTE: Can/should the auditor cover all people,

documents and records during the audit?

What should be the sampling methodology and sampling size?

Feb 2020 IMS Internal Auditor Training Course 3

 Performing an audit

What documents should be reviewed as part

of ‘Document review’…?
►IMS manual

►Procedures

►Work instructions

►Other documents

►Records

Should all documents be reviewed ?

Feb 2020 IMS Internal Auditor Training Course 4

 Performing an audit

Observation.
Auditor’s Proverb: “Seeing is believing”
Visit the field! See the 'real world'!!!

Observation – What to Look for

 Actual Operations  Emergency exits

 Housekeeping  Fire fighting equipment

 Barriers and guards  Communications Postings

 Behaviour  Signage

 Adherence to PPE requirements  Awareness Reminders

 Communication routes  Calibration Tags

 Evacuation routes  Infrastructure

Keen observation is one of the keys to successful audit
Feb 2020 IMS Internal Auditor Training Course 5
 Performing an audit Auditing using Process Approach

4. With What? 5. With Who?

(Materials/Equipment/People) (Competence/Skills/Training)

3. Inputs 1. UTILITY Process 2. Outputs

(Activities)

7. How Effective? 6. How?

(Measurable Objective) (Methods/Procedures/Techniques)

Feb 2020 IMS Internal Auditor Training Course 6

 Performing an audit

Why Prepare a “Checklist” before an Audit?

► to assist memory
► to ensure covering all issues and control points
► to ensure depth & continuity of the audit
► help in time management
► organise note taking
► part of audit report

Feb 2020 IMS Internal Auditor Training Course 7

 Performing an audit

Checklist Format
Inquiries Evidence and
► Leave space for notes Finding

► Allow space for time control Facilities Area (6.2.2, 8.1)

Interview HVAC technician
and recording about energy reduction
program. Plan, results.

► Reference the requirements of Observe equipment and

settings
audit criteria
Employee interviews (5.2, 7.3
8.2)
► Reference the control
Are you aware of the
documents environmental policy?
How does the policy relate to
► Reference verifying what you do?
What type of training have
documents (records) you had on EM?
What do you do if there is an
emergency?

Feb 2020 IMS Internal Auditor Training Course 8

 Performing an audit

Checklists should: Checklists should NOT:

 Be specific for a given IMS. • Narrow the vision or limit
evaluation.
 Be prepared using IMS
documentation. • Obstruct communication.
 Be clear about evaluation criteria.
• Be too strict or constraining.
 Note documents to review.
• Be a script of exact questions.
 Identify records to sample (and
sample size). • Restrict auditor’s inquiry.

 Identify key people to interview. • Be yes/no lists.

 Include some key questions for • Be completely generic.

interviews.
 Note physical evidence you
expect to see.

Feb 2020 IMS Internal Auditor Training Course 9

 Performing an audit

Follow Audit Trails

As you audit you will find
interesting opportunities for
follow-up (audit trails).
Pick promising audit trails:
►Follow it through

►Interact with team

Feb 2020 IMS Internal Auditor Training Course 10

 Interview Top Management

Obtain evidence of leadership and commitment

 Observe attendance and interest in opening, closing and

feedback meetings
 Review documents:
IMS policy
Objectives
Management reviews records
 Interview members of top management:
Do they know “their” system?
Do they monitor, analyse data, draw conclusions, define actions?
 Interview personnel at other levels:
Do they understand what top management is trying to communicate?

Feb 2020 IMS Internal Auditor Training Course 11

 Performing an audit

Always take notes

►Explain the need to take notes to auditee

►Make your notes:

 Comprehensive
 Accurate
 Precise
 Legible

Feb 2020 IMS Internal Auditor Training Course 12

 Performing an audit

Time management
► Time is always short

► Plan well

► Do not allow your audit to get

side-tracked
► Do not dig too much (beware
false audit trails)
► Do not focus on trivia

► Remember an audit is a
sampling

Recap the discussion on sampling done in earlier slides….!!!

Feb 2020 IMS Internal Auditor Training Course 13

Chapter 07 – Reporting
 Reporting

Format: Tutor led training & open discussion

Objectives: Understand the importance of effective reporting of the
audit results, and requirements of ISO 19011
View the reporting as a continual process of
communicating the audit findings
Be able to identify the characteristics of an audit report
that bear on its quality
Understand the need and importance of positively
reporting the audit results

July’19 IMS Internal Auditor Training Course 2

 Reporting

Process of communicating the outcome of the audit

► Not limited to preparation of final report

► Continual verbal and written reporting

► Report outcome completely

 Validation and confirmation of conformance

 and nonconformities

► Reports should add value to IMS

► Report as per the procedures of the organisation on behalf

of which the audit is conducted.

July’19 IMS Internal Auditor Training Course 3

 Reporting

Verbal Reports are generally given to:

►Direct auditees

►Management representative

►Line managers

►Auditee top management

Note: Each person wants information related to them.

Tailor your verbal presentations to the audience’s needs.

July’19 IMS Internal Auditor Training Course 4

 Reporting

Written ‘Reports’ are sent to persons designated by

the organization and may include:

►Direct auditees

►Auditee management

►Your fellow auditors

July’19 IMS Internal Auditor Training Course 5

 Reporting

Quality characteristics of a report

Contents Form
►Informative ►Conciseness
►Factual ►Legibility
►Complete
►Transparency
►Accurate &
precise ►Clarity

Reality Test: Is the report easy to understand and useful?

July’19 IMS Internal Auditor Training Course 6

 Reporting

Tips on Writing Style

►Use simple words

►Precise wording

►Use reported speech,

(where applicable)
►Avoid abbreviations

►Avoid acronyms

July’19 IMS Internal Auditor Training Course 7

 Reporting

Report without delay!

►Normal practice = report
completed on site and presented
to the client.
►Time never becomes available.

►Prepare NCR’s there and then.

►Timely reporting adds value.

July’19 IMS Internal Auditor Training Course 8

 Reporting

Typical Contents of Final Audit Report

► Audit scope & objectives

► Audit plan, identification of auditors & auditees

► Audit criteria

► Audit team judgement of conformance of the IMS with

audit criteria
► Nonconformances

► System’s ability to achieve defined objectives

► Distribution list

► Attachments: Completed Notes & Checklists,

Nonconformance Reports, Matrix Analysis
Ref: See ISO19011 section 6.5

July’19 IMS Internal Auditor Training Course 9

Chapter 08 – NCRs and Corrective Actions
 Session Plan

Format: Tutor led training & open discussion

Objectives: Understand the nonconformity
Understand the need of positive approach to nonconformity
Understand the importance of proper reporting of
nonconformity
Understand the roles and responsibilities for handling the
nonconformity detected during the audit

July’19 IMS Internal Auditor Training Course 2

 Nonconformity reports

What is a Nonconformity?
ISO 14001:2015 clause 3.4.3, ISO 9001:2015
3.6.9, ISO 45001:2018 3.34

“Non-fulfillment of a requirement”

Objective evidence exists showing that:

• a requirement has not been addressed
(intent)
• practice differs from the defined system
(implementation)
• the practice is not effective
(effectiveness)

July’19 IMS Internal Auditor Training Course 3

 Non-conformity reports

Communicating Findings of Nonconformity

►Do not view non-conformance in a negative way. This
is NOT like a speeding fine. It is NOT a punishment.

►Uncovering a non-conformance is a previously

undiscovered opportunity for improvement.

►Be positive, be professional, be precise.

July’19 IMS Internal Auditor Training Course 4

 Nonconformity reports

Nonconformity Report
No set rules; however all have these three parts:

► The system element that has not been effectively

implemented (Focus on the process which is not not
effective)

► The requirement (what was supposed to be)

► The verifiable evidence (what actually is)

Different organizations have different formats

 Use the format chosen by your client or firm

July’19 IMS Internal Auditor Training Course 5

 Nonconformity reports

A Nonconformity Must Also Be...

► Factual

► Precise

► Objective

► Traceable

► Concise

Will someone else be able to trace back and find the

same evidence you found, based on what you wrote?

July’19 IMS Internal Auditor Training Course 6

 Nonconformity reports

What is an audit finding..?

What is positive finding..?

What is observation?

What is an opportunity for improvement (OFI) ?

July’19 IMS Internal Auditor Training Course 7

 Nonconformity reports

Examples of Objective Evidence

 Factual evidence of differences between procedures
and working practices

 Lack of evidence to support implementation of

various standard clauses

 Lack of evidence to show continuous

implementation of various parts of the system

July’19 IMS Internal Auditor Training Course 8

 Example

►Maintenance department, morning shift

 Acetylene gas delivered but left in unsecured area.
 WI4-01, clause 6, requires that on delivery all flammable
gases must be immediately stored in secure storage area.

July’19 IMS Internal Auditor Training Course 9

 NCR for the Example

IRCA ENVIRONMENTAL AUDITS Incident Number

…....................
NONCONFORMITY REPORT
Company under Audit: XYZ plc
Area under review: MAINTENANCE ISO 14001 Clause Number

► Area
………………………………………. …………………………
(8.1)
Non Conformity
Process of Operation Control is not
► Clause effectively managed
► Problem Objective Evidence

Evidence was available that ACETYLENE

► Requirement GAS was left in a non-secure area
Requirements

► Signature Refer to WI4-01, clause 6

Clause 8.1 of ISO 14001 requires :

Delegates to state the requirement..?

A. U. Ditor
Auditor

July’19 IMS Internal Auditor Training Course 10

 Nonconformity reports

A word of Caution
Be cautious, do not not be over conclusive!
Don’t judge on face value!
Make sure you have complete evidence!
Make sure your evidence is objective!
When in doubt, investigate!
Identify the leads for further investigation.

July’19 IMS Internal Auditor Training Course 11

 Nonconformity reports

Matrix or cluster
analysis
 Is the system
fundamentally sound?
 Are there any problem
areas?
 Are there weak
elements in the
system?

July’19 IMS Internal Auditor Training Course 12

 Corrective Actions vs Preventive Actions

Corrective Action Preventive Action

“Action to eliminate the
“Action to eliminate the
cause of a potential
cause of a detected
nonconformity”
nonconformity or other
undesirable situation”

Don’t cure symptoms only!

Hit the cause!
Effective Corrective Action

What is Correction…?

July’19 IMS Internal Auditor Training Course 13

 Corrective action process

Auditor Auditee
Identify, note
& communicate Agreement

Acknowledge
Prepare
Prepare NCR
NCR
& investigate

Explain Cause/Propose
Agreement
Corrective Action

Review Implement,
effectiveness verify & notify

July’19 IMS Internal Auditor Training Course 14

 Corrective action Process

Corrective Action Request

Example: Company:

Auditor: Auditee:
Date: NCR
Number:

Nonconformity and Standard & Clause Major: Minor

Auditors Report: of non-conformance (requirement & evidence)
Corrective Action
Request Form Signed:
Date:
Cause & Proposed Corrective Action:

Note area for review of

Proposed Completion Date:

Date: Signature
effectiveness of corrective Verification of Corrective Actions:

actions.
Date : Signature
What should be entered Review of effectiveness of Corrective Actions:

here? By whom?
Date: Signature

July’19 IMS Internal Auditor Training Course 15

Chapter 09 – Approach to the audit
 Approach to the Audit
Session Plan
Format: Tutor led training & open discussion

Objectives: Understand how positive approach to be followed for any audits

Understand relationship between auditor and auditee
Understand the soft skills required for an auditor for making audit a
successful process
Understand and develop interviewing skills for people at avarious
levels of hierarchy
Understand various cultural, and psychological issues involved during
an audit and develop behavioural aspects during the audit

July’19 IMS Internal Auditor Training Course 2

 Approach to the Audit

Team spirit & co-operation = successful audit

Auditors set the “TONE” for the audit.

July’19 IMS Internal Auditor Training Course 3

 Approach to the Audit

Key Success Factor: Auditor Attitude

MUST BE POSITIVE/VALUE-ADD
 I really am here to help.

 I am not here to find fault.

 We are on the same team.

 Together we can find

opportunities.
 This benefits the business.

July’19 IMS Internal Auditor Training Course 4

 Approach to the Audit

Relations between auditors and auditees

are critical for a successful audit. The
auditor influences these relationships by:

1. Understanding the communications process

2. Minimizing barriers to communication
3. Creating the climate for good communications
4. “LISTENING” carefully to auditees

July’19 IMS Internal Auditor Training Course 5

 Approach to the Audit

Communications Process
Sender
encodes
Message

Recipient
decodes &
Feedback interprets

July’19 IMS Internal Auditor Training Course 6

 Approach to the Audit

Barriers to effective communication

Physical
Intellectual
Psychological

Find example for each of them

July’19 IMS Internal Auditor Training Course 7

 Approach to the Audit

Create a Climate for Good Communications:

Space (where are you auditing?)

Timing (what time of day?)
Eye contact (how much?)
Body language (watch and control)
Cultural sensitivities (research if necessary)

July’19 IMS Internal Auditor Training Course 8

 Approach to the Audit

Space and Place considerations:

►Allow “personal” space

►Right location (auditees work space or

conference room?)
►Seating plan

►Minimum physical distraction

►Desk between people may be a barricade

►Auditor & auditees should be one team

July’19 IMS Internal Auditor Training Course 9

 Approach to the Audit

Time Considerations:
► Leave auditees some time before you
arrive
► Respect auditees’ time & stay on
schedule
 Never too far ahead of schedule
 Never LATE

► Consider:
customary timings
meals
siesta
closing time

July’19 IMS Internal Auditor Training Course 10

 Approach to the Audit

How much eye contact?

►Western communication culture requires a lot of
eye contact
►Elsewhere close eye contact may be offensive or
impolite
►Lack of eye contact doesn’t have to mean
attempt to hide information

July’19 IMS Internal Auditor Training Course 11

 Approach to the Audit

70% of Communication is NON-VERBAL

Body language
► Postures, gestures, facial expressions

► Communicates mass of information

► Uncontrolled messages may upset auditee

► Common meanings

► Cultural differences

July’19 IMS Internal Auditor Training Course 12

 Approach to the Audit

Cultural Sensitivities
►Audits may be carried out in
multi-cultural environment
►Be aware of cultural
differences & sensitivities
►Research specific issues

►Understand how to establish

rapport with auditees

July’19 IMS Internal Auditor Training Course 13

 Approach to the Audit

Cultural Sensitivities - examples

What is the private
Do I shake
hands with space?
everyone?

Beware of offensive
gestures!
July’19 IMS Internal Auditor Training Course 14
 Approach to the Audit

Good Listening is ESSENTIAL

►Eliminate distractions

►Listen for content

►Suspend judgement

►Listen for themes

►Use spare time

►Seek clarification

July’19 IMS Internal Auditor Training Course 15

 Approach to the Audit

Bad habits to avoid (i.e. not listening)

 Faking attention

 Pre-occupation

 Over-reaction ¡NO!
 Interrupting the speaker

 Listening without looking

 Listening only to what we want to hear

 Using listening time to collect the thought

July’19 IMS Internal Auditor Training Course 16

 Approach to the Audit

Interviewing – A CRITICAL Audit Step

Interviews provide essential objective evidence.
Good communications are essential to good
interviews.
So, put the auditee AT EASE.
• Be Friendly.
• Explain why you are here.
• Ask for their help.
• Ask if they have questions.
• Show an interest in what THEY do.
• Explain your observations.

July’19 IMS Internal Auditor Training Course 17

 Approach to the Audit

Interviewing Technique
►Interviews are not interrogations. Objectives?!

►Ask questions in conversational

manner.
►Weave questions into general
conversation.
►Do not cross question.

►Avoid question answer exercise.

July’19 IMS Internal Auditor Training Course 18

 Approach to the Audit

Questioning Technique for Interviews

Questions should: Three Question types:
►yield relevant ►open questions
►closed and direct
information
questions
►not suggest answers ►clarifying questions
►not contain emotive
words or implications
Avoid leading questions
Don’t ask antagonising questions

July’19 IMS Internal Auditor Training Course 19

 Approach to the Audit

Open Questions - auditor friends

What? Why? Where? Who? When? How?

► Yield informative answer
► Limits - conversation may get side-tracked!
► One way to avoid diluting:

Show me!

July’19 IMS Internal Auditor Training Course 20

 Approach to the Audit

Closed and direct questions

►Closed questions - answer: Yes/No

►Direct questions - answer: few words

►Intended to yield very specific information

►Disadvantages:
 do not bring much information
 if used too often may create impression of cross -
examination

July’19 IMS Internal Auditor Training Course 21

 Approach to the Audit

Clarifying Questions
►Intended to clarify, retrieve full information and
prevent misunderstanding
►Allow to grasp full picture

►Disadvantages:
 if used too often may create impression that you were
not listening
 are time-consuming
 if you are not prepared to listen in full don’t ask them

July’19 IMS Internal Auditor Training Course 22

 Chapter 10 –
Auditor – Roles and Competence
Roles and responsibilities

Auditor’s responsibility Lead auditor`s responsibility

► Comply with audit requirements ► Gather all information required for
planning
► Follow audit plan & procedures
► Assist in selecting team and
► Communicate and clarify audit Represent audit team
requirements
► Prepare overall plan
► Plan and carry out individual tasks
effectively ► Assign individual tasks

► Collect and analyse evidence ► Ensure working documents are

prepared
► Co-operate with & support the team
leader ► Documentation review

► Retain and maintain records & ► Chair opening and closing

documentation meetings
► Maintain confidentiality ► Ensure liaison meetings are held
regularly
► Act in ethical manner

► Verify corrective actions

Feb 2020 IMS Internal Auditor Training Course
2
Roles and responsibilities

Role and responsibilities Role and responsibilities of

of the Audit client observers
► Accompanies the audit
► Communicate the Audit agenda
► Ensure that interview partners are ► Does not audit and not involved in
available Interview
► Assist the auditor by providing ► Does not influence or interfere with
evidence the conduct of the audit
► Cooperate with audit process ► Can be a regulator or other interested
party who witnesses the audit.
► Be open and honest
► Liaise with auditors to arrange audit
Role and responsibilities of
► Initiate and implement corrective guides
actions on findings ► Person appointed by the auditee
► Provide resources for corrective ► Assist in making arrangements
actions
► Guide auditors to records,
documents, people, process etc.,
► Take care for Health and Safety
Feb 2020 IMS Internal Auditor Training Course
3
Auditors Competence according to ISO 19011

Discipline & QHSE

Generic
sector specific knowledge specific
knowledge and skills knowledge
and skills and skills

Work Auditor Audit

Education
experience training experience

Personal attributes

Feb 2020 IMS Internal Auditor Training Course

4
Specific knowledge and skills
of QMS auditors
► Knowledge and skills related to the discipline and the application of discipline-
specific methods, techniques, processes and practices should be sufficient to
enable the auditor to examine the management system and generate
appropriate audit findings and conclusions.. Examples are as follows:
 terminology relating to quality, management, organization, process and product,
characteristics, conformity, documentation, audit and measurement processes;
 customer focus, customer-related processes, monitoring and measuring of customer
satisfaction,
 complaints handling, code of conduct, dispute resolution;
 leadership – role of top management, managing for the sustained success of an
organization – the quality management approach, realizing financial and economic
benefits through management of quality, quality management systems and excellence
models;
 involvement of people, human factors, competence, training and awareness;
 process approach, process analysis, capability and control techniques, risk treatment
methods;
 system approach to management (rationale of quality management systems, quality
management systems and other management system focuses, quality management
system documentation), types and value, projects, quality plans, configuration
management;
 continual improvement, innovation and learning;
 context of the organization

Feb 2020 IMS Internal Auditor Training Course

5
Specific knowledge and skills
of QMS auditors

 factual approach to decision making, risk assessment techniques (risk identification,

analysis and
 evaluation), evaluation of quality management (audit, review and self-assessment),
measurement and monitoring techniques, requirements for measurement processes
and measuring equipment, root cause analysis, statistical techniques;
 characteristics of processes and products, including services;
 mutually beneficial supplier relationships, quality management system requirements and
requirements for products, particular requirements for quality management in different
sectors.

Feb 2020 IMS Internal Auditor Training Course

6
Specific knowledge and skills
of EMS auditors
► Knowledge and skills of EMS auditors should be sufficient to enable the auditor
to examine the management system and generate appropriate audit findings
and conclusions. Examples are as follows:
 environmental terminology;
 environmental metrics and statistics
 measurement science and monitoring techniques;
 interaction of ecosystems and biodiversity;
 environmental media (e.g. air, water, land, fauna, flora);
 techniques for determining risk life cycle assessment;
 environmental performance evaluation;
 pollution prevention and control
 source reduction, waste minimization, reuse, recycling and treatment practices and
processes;
 use of hazardous substances;
 greenhouse gas emissions accounting and management;
 management of natural resources (e.g. fossil fuels, water, flora and fauna, land);
 environmental design;
 environmental reporting and disclosure;
 product stewardship;
 renewable and low carbon technologies

Feb 2020 IMS Internal Auditor Training Course

7
Specific knowledge and skills
of OHSMS auditors
► Knowledge and skills related to the discipline and the application of discipline-
specific methods, techniques, processes and practices should be sufficient to
enable the auditor to examine the management system and generate
appropriate audit findings and conclusions. Examples are as follows:
 hazard identification, including those and other factors affecting human performance in
the workplace (such as physical, chemical and biological factors, as well as gender,
age, handicap or other physiological, psychological or health factors);
 risk assessment, determining controls, and risk communication [the determining of
controls should be based on the “hierarchy of controls”
 the evaluation of health and human factors (including physiological and psychological
factors) and the principles for assessing them;
 method for exposure monitoring and assessment of occupational health and safety risks
(including those arising out of the human factors mentioned above or relating to
occupational hygiene) and related strategies for eliminating or minimizing such
exposures;
 human behaviour, person-to-person interactions and the interaction of humans to
machines, processes and the work environment (including workplace, ergonomic and
safe design principles, information and communication technologies);
 the evaluation of the different types and levels of occupational health and safety
competence required across an organization and the assessment of that competence;
 methods to encourage employee participation and involvement;

Feb 2020 IMS Internal Auditor Training Course

8
Specific knowledge and skills
of OHSMS auditors
 methods to encourage employee wellness or well-being and self-responsibility (in
relation to smoking, drugs, alcohol, weight-related issues, exercise, stress, aggressive
behaviour, etc.), both during working hours and in their private lives;
 the development, use and evaluation of proactive and reactive performance measures
and metrics;
 the principles and practices for identifying potential emergency situations and for
emergency planning, prevention, response and recovery;
 methods for incident (including accident and work-related illnesses) investigation and
evaluation;
 the determination and use of health-related information (including work-related exposure
and illness monitoring data) – but giving special consideration to the confidentiality over
particular aspects of such information;
 understanding of medical information (including medical terminology sufficient to
understand data related to the prevention of injury and ill-health);
 systems of “occupational exposure limit” values;
 methods for monitoring and reporting on occupational health and safety performance;
 understanding legal and other requirements relevant to occupational health and safety
sufficient to enable the auditor to evaluate the occupational health and safety
management system.

Feb 2020 IMS Internal Auditor Training Course

9
 Example: Education, work experience, auditor training
and audit experience*
Parameter Auditor Auditor in both Audit team
disciplines leader
Education Secondary Same as for auditor Same as for
education (with the auditor
possibility to enter
a university)
Total work 5 years Same as for auditor Same as for
experience 4 years after study auditor
Work experience At least 2 years of Two years in the second Same as for
in quality or EM the total five years discipline (overlap auditor
field possible)
Auditor training 40h of audit 24h of training in the Same as for
training second discipline auditor
Audit experience 4 complete audits 3 complete audits for at 3 complete audits
for at least 20 days least 15 days under for at least 15 days
under guidance of guidance of a competent under guidance of
a competent audit audit team leader a competent audit
team leader team leader
* Example from ISO 19011:2011. Although ISO 19011:2011 is not valid anymore the contents of this table
form Section 7.4 are still partly adopted by local accreditation bodies and by IRCA.
(see irca-1000-auditor-certification-requirements). Therefore the criteria still remain important
Feb 2020 IMS Internal Auditor Training Course
10