Management and monitoring
- internal audits,
- external audits (eg supplier),
- process audits and
- system audits according to the requirements of system standards, especially ISO 9001, 14001, ISO / IEC 20000-1, 27001, OHSAS 18001, ISO 50001, TS 16949, etc., and the recommendations of the ISO 19011 standard (Guidelines for auditing management systems),
- process audits according to VDA standard 6.3.
Management of the audit process in phases of
- planning and preparation of a long-term audit program,
- planning and preparation of the plan of individual audits (creation of an audit plan and simple creation of an audit questionnaire using a pre-prepared map and audit template for the type of audited unit),
- making records of audit findings (filling in audit questionnaires, generating an audit report),
- issuance and management of finding cards (for various types and categories of findings – recommendations, nonconformities, including the possibility of defining remedies, corrective measures, or preventive measures),
- closing individual audits.
Workflow management according to the recommendations of the ISO 19011 standard
- The person managing the audit program defines the program incl. its name and scope, and shall enter the approver.
- The person managing the audit program defines the specific audit, its expected date, the audit team and the requirement for the principal to be audited. It also defines the reference standard, the type and objective of the audit, information on whether the audit is a regular or an extraordinary audit, and, if applicable, the link to a previous audit.
- After saving the basic scheme of the audit plan, its schedule is generated, which defines the time plan and specific steps of the audit, incl. members of the audit team (the audit team includes the roles of lead auditor, auditor, technical expert and observer) and auditees. Individual audit steps can be easily added as audit or auxiliary items.
- After saving, the created audit plan is sent to users who are interested in the audit.
- Furthermore, the auditor has the option to create an audit questionnaire using an audit map and an audit questionnaire template (the map and questionnaire can be prepared in advance and used for multiple audits), which will be combined to generate an audit questionnaire for a specific audit. If necessary, the questionnaire can be modified manually (adding / removing questions, method of evaluation, etc.). The audit map is used to define the areas that are examined in individual types of organizational units. The audit questionnaire template is then used to specify the questions for the individual audited areas.
- During the actual implementation of the audit, the auditors fill in the prepared questionnaires in electronic form. It is possible to use several forms of answers (eg YES / NO, number, text) to evaluate individual questions. The result of the audit is evaluated on a point scale, which indicates the issuance of a recommendation card or findings for specific point values of the result of the evaluation of the question.
- Audits according to the VDA 6.3 standard are managed similarly to other audits, but with respect to the specific requirements of this standard. It is possible to specify elements and sub-elements, process steps and product groups to be audited. In the audit questionnaire, individual questions are evaluated by 0, 2, 4, 6, 8 or 10. If some questions are unevaluated, reasons must be given. The system automatically validates that there are no more than a third of unevaluated questions in each element and sub-element. If the rating is lower than 10, a Nonconformity Card must be created. The evaluation of audits according to VDA 6.3 considerates also star questions, rules of subordination, etc.
- The noncomformity card established within the audit is marked with the card’s serial number, date and time of generation. The auditor also has the option to choose
– type of detection (can be set according to internal terminology, eg discrepancy, deviation, weak point),
– source of findings (or its closer identification),
– the reference standard to which the finding relates,
– the person responsible for the area in which the non-compliance was found.
Furthermore, the auditor defines his own description of the nonconformity, which he substantiates with evidence (related document, photograph), or insert a direct reference to the non-compliance. After defining the nonconformity, the auditor sends the card for acceptance to the person responsible for the area in which the nonconformity was identified. The auditor has the option to cancel the card (eg in the case of an additional finding of compliance). The mismatch card can be generated in pdf or xls format for easy saving or printing. The person responsible for the area in which the finding was identified has the option of accepting, not accepting and returning the finding to the auditor for editing (eg for the general wording of the finding) or rejecting it (eg for irrelevance). In the case of acceptance, the responsible person registers the analysis of the cause of non-compliance, defines corrective measures (or also corrective and preventive measures) and submits for the implementation of defined measures. The person responsible for the implementation of the measure confirms the receipt of work on the measure upon receipt of the card and records the result of the measure after the completion of the implementation. Compliance is verified by the person responsible for the area in which the finding was identified. This person again has the option of returning the card to the implementer of the measure (eg for insufficient fulfillment of the subject of the measure), or confirmation of verification of the implemented steps and thus closing of the card.
The recommendation card established within the audit is marked with the serial number of the card, the date and time of generation. The auditor also has the option to choose
- type of detection (can be set according to internal terminology),
- source of findings (or its closer identification),
- reference standard to which the recommendation relates,
- person responsible for the area in which the recommendation was identified.
Furthermore, the auditor defines his own description of the recommendations. After defining the recommendation, the auditor sends the card for acceptance to the person responsible for the area. The auditor has the option to cancel the card (eg in the case of an additional finding of compliance). The recommendation card can be generated in pdf or xls format for easy saving or printing. The person responsible for the area in which the finding was identified has the option to accept it, not to accept it, and return it to the auditor for editing (eg for the general wording of the finding) or to reject it (eg for irrelevance). In the case of acceptance, the responsible person defines the remedy in the card and passes it on for the implementation of the defined measures. If the remedy has already been implemented, this person has the option not to pass the recommendation card to another user, but to confirm the implementation of the remedy in one step. In the case of handing over to the person responsible for implementation, this person will confirm the start of work on the measure and after the completion of the implementation will record the result of the measure. Compliance is verified by the person responsible for the area in which the finding was identified. This person again has the option of returning the card to the implementer of the measure (eg for insufficient fulfillment of the subject of the measure), or confirmation of verification of the implemented steps and thus closing of the card.
