Internal Audits
COPY
COPY
Revision History
This table shows changes to this controlled document over time. The most recent version
is presented in the top row of the table. Previous versions of the document are
maintained by the SESD Field Quality Manager.
History
Effective Date
SESDPROC-008-R1, Internal Audits of the October 19, 2007
Quality System, Replaces SESDPROC-
008-R0
General
Due to extensive revisions made by Laura
Ackerman, author was changed to Laura Ackerman.
Signature Page
Changed Antonio Quinones title from “Chief,
Environmental Investigations Branch” to “Chief,
Enforcement and Investigations Branch”
Section 1.1
Added “Field Branches” to the sentence.
Section 1.2
Added “Field Branches” and other editorial
changes.
Section 1.3
Updated to reflect that current version of procedure
is maintained on the H: drive of the SESD LAN.
Section 1.4
Added definitions for audit criteria, audit evidence,
auditee, auditor, and audit team.
Section 1.5
Deleted references to the Management Review
Procedure, Internal Audit Checklist Form, Internal
Audit Report Form, Corrective Action Request, ISO
10011-1-1994, ISO 10011-2-1994, and ISO 10011-
3-1994. Added references to SESD Operating
Procedure for Preventive Action and Quality
Improvement, ISO 19011:2002(E), and the Audit
Schedule.
Section 2.1
Eliminated bulleted text. Absorbed into first
paragraph.
Section 2.2
Reformatted information in Section 2.2. Subdivided
SESD Operating Procedure
Page 2 of 11
Internal Audits
SESDPORC-008-R1
Internal
Audits_AF(008).R1
Effective Date: October 19, 2007
COPY
some information into other sections for clarity.
Section 2.8
Moved discussions of Corrective Action and
Preventive Action before discussion of internal
auditor training.
Section 2.7
Information about records was moved from Section
2.7 to Section 2.9 due to information that was
moved from Section 2.2 into other sections.
Expanded information about records.
Figure 1
Streamlined flowchart to reflect changes in body of
procedure. Eliminated last half of chart on second
page that dealt with corrective action. Referenced
corrective action procedure instead.
SESDPROC-008-R0, Internal Audits of the February 5, 2007
Quality System, Original Issue
SESD Operating Procedure
Page 3 of 11
Internal Audits
SESDPORC-008-R1
Internal
Audits_AF(008).R1
Effective Date: October 19, 2007
COPY
TABLE OF CONTENTS
1
General Information................................................................................................. 5
1.1 Purpose............................................................................................................... 5
1.2 Scope/Application ............................................................................................. 5
1.3 Documentation/Verification............................................................................. 5
1.4 Definitions.......................................................................................................... 5
1.4.1
Audit ............................................................................................................... 5
1.4.2
Audit Criteria ................................................................................................. 5
1.4.3
Audit Evidence ............................................................................................... 5
1.4.4
Auditee............................................................................................................ 5
1.4.5
Auditor............................................................................................................ 5
1.4.6
Audit Team ..................................................................................................... 6
1.4.7
Nonconformance............................................................................................ 6
1.5
References.......................................................................................................... 6
2
Methodology .............................................................................................................. 7
2.1
Summary of Procedure..................................................................................... 7
2.2 Audit
Schedule .................................................................................................. 7
2.3 Audit
Tracking .................................................................................................. 7
2.4 Audit
Team ........................................................................................................ 8
2.5
Conducting an Audit......................................................................................... 8
2.6 Corrective
Action .............................................................................................. 9
2.7 Preventive
Action .............................................................................................. 9
2.8
Internal Auditor Training................................................................................ 9
2.9 Records............................................................................................................... 9
FIGURES
Figure 1: Internal Audits Flowchart ................................................................................ 10
SESD Operating Procedure
Page 4 of 11
Internal Audits
SESDPORC-008-R1
Internal
Audits_AF(008).R1
Effective Date: October 19, 2007
COPY
Contents
1 General
Information
1.1 Purpose
This document defines the procedures used to conduct internal audits of the SESD Field
Branches Quality System and technical operations in order to identify areas requiring
corrective action, areas that would benefit from quality improvements, and commendable
practices.
1.2 Scope/Application
This procedure applies to SESD personnel who conduct work within or conduct audits of
the SESD Field Branches Quality System.
1.3 Documentation/Verification
This procedure was prepared by persons deemed technically competent by SESD
management, based on their knowledge, skills and abilities. The official copy of this
procedure resides on the H: drive of the SESD local area network. The Field Quality
Manager (FQM) is responsible for ensuring the most recent version of the procedure is
placed on the H: drive and for maintaining records of review conducted prior to its
issuance.
1.4
Definitions
1.4.1 Audit
Systematic, independent and documented process for obtaining audit evidence
and evaluating it objectively to determine the extent to which the audit criteria are
fulfilled.
1.4.2 Audit Criteria
Set of policies, procedures or requirements.
1.4.3 Audit
Evidence
Records, statements of fact or other information, which are relevant to the audit
criteria and verifiable
1.4.4 Auditee
Organization or individuals being audited.
1.4.5 Auditor
Person with the competence to conduct an audit.
SESD Operating Procedure
Page 5 of 11
Internal Audits
SESDPORC-008-R1
Internal
Audits_AF(008).R1
Effective Date: October 19, 2007
COPY
1.4.6 Audit Team
One or more auditors conducting an audit.
1.4.7 Nonconformance
Departure from or absence of a specified requirement.
1.5
References
USEPA Region 4 Environmental Investigations Standard Operating Procedures and
Quality Assurance Manual (EISOPQAM), November 2001
SESD Operating Procedure for Corrective Action, SESDPROC-009, most recent version.
SESD Operating Procedure for Preventive Action and Quality Improvement,
SESDPROC-017, most recent version.
ISO 19011: 2002(E), Guidelines for quality and/or environmental management systems
auditing
Audit Schedule (SESDFORM-032, most recent version)
SESD Operating Procedure
Page 6 of 11
Internal Audits
SESDPORC-008-R1
Internal
Audits_AF(008).R1
Effective Date: October 19, 2007
COPY
2 Methodology
2.1
Summary of Procedure
The goal of the internal auditing program is to provide a means of evaluating the
adequacy, implementation, and effectiveness of the SESD Quality System. The adequacy
of the quality system is evaluated by determining if the applicable policies, procedures,
guidance documents, practices, facilities, equipment, and materials are adequate for the
task. The implementation of the quality system is evaluated to determine if the
applicable policies, procedures, and guidance documents are implemented as intended.
The effectiveness of the quality system is evaluated to determine if the applicable
policies, procedures, and guidance documents are achieving intended results.
This procedure discusses how internal audits will be conducted in order to determine if
quality management and technical operations within the field branches are in compliance
with requirements of the SESD Field Branches Quality System. Figure 1 provides a
flowchart of the internal audit process. Internal audits will be scheduled annually by the
FQM. An internal audit that has not been scheduled can be requested by management,
quality staff, internal auditors or external auditors. Internal audits will be conducted by
trained staff who are, whenever possible, independent of the activity to be audited. Each
audit can produce findings of nonconformances requiring quality improvements and/or
corrective action as well as commendable practices. In the event that audit findings cast
doubt on the correctness and/or validity of reported results, the FQM will initiate
corrective action to address those audit findings, including notifying the customer whose
work has been affected in a timely manner.
2.2
Audit Schedule
In December of each year, the FQM will develop and maintain an audit schedule for the
upcoming year. The schedule will address both internal and external audits. The focus
of internal audits will be the components of the Field Branches Quality System and
technical operations, previous audit findings and corrective action requests. All
components will be audited each year. Additional audits may be scheduled based on
requests and/or recommendations from management and the Branch Quality Assurance
Officers. The FQM will update the audit schedule if audits are added.
2.3
Audit Tracking
Audits will be uniquely identified to facilitate tracking. Audit tracking numbers will
begin with IA for Internal Audits and EA for external audits, followed by a seven digit
number. The first four digits will represent the calendar year. The last three digits will
begin at 001 and increase sequentially with each additional audit. The last three digits
will start over at 001 at the beginning of each calendar year (Ex. IA2007-001). The FQM
will track audits using the Audit Schedule (SESDFORM-032).
SESD Operating Procedure
Page 7 of 11
Internal Audits
SESDPORC-008-R1
Internal
Audits_AF(008).R1
Effective Date: October 19, 2007
COPY
2.4
Audit Team
The FQM in consultation with management will assemble an audit team and designate an
audit team leader. A team can consist of one or more individuals as needed. The audit
team leader will be responsible for preparing the audit plan, facilitating the audit and
preparing the audit report. The FQM will assist the audit team in defining the audit
objectives, scope and criteria. The audit objectives define what is to be accomplished by
the audit. The audit scope describes the extent and boundaries of the audit such as the
activities and processes to be audited. The audit criteria are used as a reference against
which conformity is determined and may include applicable policies, procedure,
standards, and management system requirements.
The audit team will prepare an audit plan that will describe:
1. the audit objectives;
2. the audit criteria;
3. the audit scope;
4. the dates and place where the audit activities will be conducted;
5. the expected time and duration of the audit; and
6. the roles and responsibilities of the audit team members.
The audit team will present the plan to the FQM, the affected management for approval.
2.5
Conducting an Audit
Internal audits will include interviews, examination of documents and records, and
observation of pertinent facilities, equipment, and activities. Audits will be scheduled
and announced in advance of the actual audit. The audit team will be responsible for
preparing a checklist in order to facilitate complete coverage of the important aspects of
the area/process being audited. The audit checklist will address:
1. The subject to be evaluated.
2. The document(s)/activity upon which the audit is based.
3. The questions asked and responses received.
4. The information provided by the personnel that were audited
After the audit is conducted, the team will brief the auditees, the FQM and affected
management regarding the results. This discussion will include nonconformances,
suggestions for improvement, and commendable practices. This meeting provides an
opportunity for reviewing, clarifying, and verifying information gathered during the
audit. A written report will be prepared by the audit team leader within 30 days of
completion of the audit. The report will identify any problem areas with specific
reference to the document(s) used as the basis for conducting the audit (e.g. accreditation
standard, quality management plan, policy, procedure, guidance document, training
manual) and will include commendable findings.
SESD Operating Procedure
Page 8 of 11
Internal Audits
SESDPORC-008-R1
Internal
Audits_AF(008).R1
Effective Date: October 19, 2007
COPY
The report will be transmitted to the FQM. The FQM will evaluate the report to
determine if there is a need for a corrective action, preventive action or quality
improvement. The FQM will then distribute the report along with any actions to be taken
to management and the Branch QAOs.
2.6
Corrective Action
Corrective actions resulting from an audit will be handled in accordance with the SESD
Operating Procedure for Corrective Action (SESDPROC-009). The FQM will monitor
progress of the corrective actions and conduct follow-up audits as necessary to ensure the
issue has been resolved.
2.7
Preventive Action
Any area of concern, not meeting the definition of a nonconformance, which results from
an audit, should be reviewed as a candidate for preventive action or quality improvement
to be undertaken by SESD management. Preventive actions and quality improvements
will be handled in accordance with the SESD Operating Procedure for Preventive Actions
and Quality Improvements (SESDPROC-017).
2.8
Internal Auditor Training
Audits will be conducted by the FQM and other trained auditors. The FQM and
management are responsible for identifying training opportunities for SESD Internal
Auditors. The training will address the basics needed to plan, conduct, record, and report
audits of the SESD Quality Management System and technical operations and their
associated documentation. The FQM will keep a record for each auditor showing
training and experience accumulated by conducting audits.
In order to maintain status as an internal auditor, an individual must participate in at least
one internal audit within two years or attend auditor training. An individual must attend
auditor training in order to regain status as an auditor once status is lost.
2.9 Records
Records associated with the implementation of this procedure will be maintained by the
FQM. These records include but are not limited to:
1.
Audit Schedule
2.
Audit Plans
3.
Audit Reports
4.
Corrective Action Records
5.
Preventive Action Records
6.
Quality Improvement Records.
SESD Operating Procedure
Page 9 of 11
Internal Audits
SESDPORC-008-R1
Internal
Audits_AF(008).R1
Effective Date: October 19, 2007
COPY
Figure 1: Internal Audits Flowchart
SESD Operating Procedure
Page 10 of 11
Internal Audits
SESDPORC-008-R1
Internal
Audits_AF(008).R1
Effective Date: October 19, 2007
COPY
Figure 1 (Continued)
SESD Operating Procedure
Page 11 of 11
Internal Audits
SESDPORC-008-R1
Internal
Audits_AF(008).R1
Effective Date: October 19, 2007
