|
Step 1 - Memorandum from the Co-ordinator, Quality
Systems
You have received a Memorandum from the Quality
Co-ordinator, advising the department / unit to be
audited, the month of the planned audit, the activities
and/or procedures to be reviewed, and any outstanding
Corrective / Preventive action Requests to be verified.
The Memo will be based on this template: Notification
of Internal Audit
Step 2 - Familiarise yourself with the Activity
/ Procedure
Go to the BMS site and familiarise yourself with
the activities / procedures to be reviewed. Procedures
are located at: http://www.infotech.monash.edu.au/bms/secure/doc_bms.html
If you wish, print off a hard copy or download to
your computer. Read them through so you have a general
understanding of what you are auditing.
Step 3 - Send a Memorandum to the Auditee
Think about what might be involved in the audit,
including:
· the purpose and scope of the audit
· if necessary, break up the audit into manageable
sections
· estimate the risk to business of the activities
· request previous audits from the Co-ordinator,
Quality Systems
· request previous Corrective / Preventive
Action Requests from the Co-ordinator, Quality Systems
· estimate how long you think the audit might
take to conduct the Internal Audit
· check your diary (and the diaries of other
members of your team)
· identify which reference documents you will
need to check
· identify what records you may need to check
Prepare a Memorandum for the Auditee setting out
this information. Include a Checklist and date for
the Auditee to confirm the review arrangements with
you.
Your Memo will be based on this template: Notification
to Auditee of Internal Audit
Step 4 - Prepare an Internal Audit Plan
Think about the kinds of questions you might wish
to ask the auditee in relation to an activity and/or
a procedure. A risk assessment will help you to prioritise
your questions. Include questions which are open ended
such as "please explain how you would do this?"
Also include questions which will provide tangible
evidence such as "please show me".
Document your questions, actions to observe, and records
to sight next to each activity / procedure in the
Audit Plan.
Your Internal Audit Plan will be based on this template:
Internal
Audit Plan
Step 5 - Conduct the Internal Review
Introduce yourself and your team to the auditee(s).
Outline how long you think it may take to conduct
the audit. Identify the purpose and scope of the audit,
and explain that you have a series of questions to
ask, and records that you wish to sight. Attempt to
put the auditee at ease by making them feel as comfortable
as possible.
Keep your manner professional, and don't personalise.
Remember, you are not judging an individual's performance,
you are reviewing whether an activity / process meets
the required standard as set out in the procedure
/ ISO standard.
As the review proceeds, make notes of:
· answers to questions
· specific details of records or manuals which
you have sighted
· whether records are electronic or hard copy
· good practice which is observed
· anything that does not comply with requirements
· areas that may require further investigation
· possible improvement opportunities
Step 6 - Providing Informal Feedback to the Auditee
Provide informal feedback throughout the audit.
Remember - No surprises! As you make your notes, explain
what you are writing down. The auditee should understand
exactly what is being noted.
Once you have completed the audit, sum up how you
think the audit went, including any corrective / preventive
action requests which have been identified. Also make
sure that you highlight the positives.
Organise a formal feedback meeting with the Unit
/ Department Manager at a date in the near future.
Step 7 - Prepare the Internal Audit Report
You may decide to prepare your report based on
an activity that includes a number of different procedures,
or you may prefer to report separately on each procedure
that has been reviewed.
Stick to the facts, and note all sources of evidence
/ records sighted. The report should be comprehensive
but concise. It is important to highlight efficient
and effective processes as well as noting any "Opportunities
for Improvement" or "Corrective / Preventive
Action Requests".
Your Internal Audit Report will be based on this
template: Internal
Audit Report
Step 8 - Corrective / Preventive
Action Requests
Check the Procedure for Corrective / Preventive
Action Requests at: http://www.infotech.monash.edu.au/bms/secure/doc_bms.html
It is essential that the Co-ordinator, Quality Systems
is immediately informed if a CAR / PAR is raised.
Information must be documented on a separate Corrective
/ Preventive Action Request Form based on this template:
Corrective
/ Preventive Action Request Form
Step 9 - Formal Feedback Meeting / Sign Off the
Internal Audit
The purpose of the formal feedback meeting is
to present the findings of the audit via the Internal
Audit Report. This is usually done with the Department
/ Unit Manager. The Department/Unit Manager may request
the auditees to be present. If a Corrective / Preventive
Action Request has been identified in the Report,
refer to Step 8.
After presenting the findings, the Internal Audit
Report is "signed off" by the Department
/ Unit Manager and the auditor. The original report
is forwarded to the Co-ordinator, Quality Systems,
and a copy is retained by the Department / Unit Manager.
Step 10 - Follow Up a Corrective / Preventive Action
Request
Schedule a meeting with the Department / Unit
Manager to follow up outstanding Corrective / Preventive
Action Requests. If you can verify that the immediate
action required to address the issue has been successfully
completed (as outlined in the Corrective / Preventive
Action Request Form), "sign off" the CAR/PAR,
and forward to the Co-ordinator, Quality Systems.
If the action has not been successful or if no action
has been taken, it is essential that another date
be set with the Department / Unit Manager, and recorded
on the CAR / PAR Form. Schedule another meeting date
to follow up.
|
