1.General: Auditors are looking for indications that your system (business) and its processes/departments are planned, have objectives as to how they should perform and controls in place where necessary to assure that the process conforms to both internal and external requirements. The weakest area is usually the link/communication between one process/department and another. For instance, the contract review process identifies a requirement that materials for the job must be purchased from a certain vendor but fails to communicate that requirement to the purchasing department so they fail to meet that customer requirement.
2.Document Control: Auditors want to see that any document that can affect customer service, or meeting customer quality, delivery, Health & Safety, Environmental Concerns, and legal or special requirements, is controlled. For instance, training for any employee that affects one of these categories would need to be recorded on a controlled form. Any procedures, forms or work instruction involving how to perform at the jobsite, in purchasing, sales, estimating, design, or any of the subjects listed in this overview would need to be controlled. The auditor will also see if you are actually doing what your documents say you do.
3.Control of Records: Auditors mostly interview personnel and look at records. They want to see that records are retrievable, stored in planned locations, and remain legible for whatever you have documented as the required retention period.
4.Management Commitment and Responsibility: Auditors look for signs that management is committed to the Quality, Environmental, Health & safety Management system. They achieve this by looking at records of Management Reviews of the system, confirming that management provides adequate resources, and that management communicates to personnel the importance of the system and meeting customer and legal requirements. The auditor will make sure that management is assessing risk to the environment, to health and safety, to meeting customer requirements and review actions taken to mitigate any unacceptable risk.
5.Human Resources: Auditors are looking for evidence that personnel have been reviewed to evaluate their competency at their position/job description. They verify that training has been given and recorded to fill in any gaps where employees were found to be less than competent and that management or HR has evaluated whether or not the training was effective. If it is determined that the training wasn’t effective, the auditor will want to see a record of new training given until it was found to be effective. The auditor will also want to review the onboarding process to make sure that there is a record of training on the basics of the management system including the policies, objectives, document control, health & safety and environmental aspects. The auditor will check to see that annual evacuation or other emergency drills that are applicable are being performed. The auditor will check to see that scheduled safety meetings are being held and a record of those meetings is being created. The auditor will verify that any required periodic training is scheduled and given.
6.Maintenance & Housekeeping: The auditor will walk through the facility to review it for good housekeeping, safe conditions, environmental impacts, and that facilities and equipment are being maintained. The auditor will also review where appropriate that environmental conditions like temperature, humidity, etc. are being controlled when they can affect meeting customer or legal requirements.
7.Planning: The auditor will check that work affecting the product or service to the customer is planned out under controlled conditions to assure that all customer and legal requirements are fulfilled.
8.Contract Review: The auditor will want to see that a review of any customer contracts or purchase orders is being performed to catch all customer and legal requirements and communicate them to the departments/processes that need the information in order to assure that those requirements are met.
9.Design & Development: The auditor will check to see that the design & development effort is planned, recorded and verified to meet requirements. The auditor will want to see records showing that the design was validated to verify that it fulfills functional and performance requirements. All stages of the design process must be recorded.
10.Purchasing: The auditor will review the purchasing process to assure that you have methods for approving suppliers and vendors in place. That you only use those suppliers and vendors that have been approved. That you communicate all information necessary for that supplier/vendor to meet requirements on the contract or purchase order. The auditor will check to see that you verify that the product or service that you ordered was provided (verification of purchased product). The auditor will verify that any subcontractors/vendors you use meet the Quality, Environmental, Health & Safety requirements that apply to them or as they can affect the Quality, Environment, or Health & Safety of your operations.
11.Production/Service Control: the auditor will review the production or service process to see that it is planned and controlled to meet customer, legal, environmental, health & safety requirements. This includes assuring that any equipment that is used to monitor or measure the product or service is calibrated when necessary. The auditor will make sure that the results of production processes are validated. That all product and its status is identified. That those products are traceable to manufactures lot if required by the customer. That customer owned property is protected. That all product and materials are stored and handled in a manner to protect them. The auditor will verify that where applicable, operational controls are in place to prevent injury, ill health and/or environmental escapes.
12.Customer Satisfaction: The auditor will verify that methods are in place and utilized to obtain customer perception data and that the data is used and acted upon in order to improve customer satisfaction. The auditor will look to see that any customer complaints are being recorded and responded to unless there is a documented decision by management not to respond. The auditor will also want to see that customer feedback is being recorded and considered for continual improvement.
13.Monitoring & Measuring of Processes: the auditor will want to see that you have methods in place for measuring the performance of your core processes. The auditor will want to see that targets are set and that actions are taken when objectives are not met in order to correct any deficiencies in the process metrics. These metrics are often called “Key Performance Indicators or KPI’s”.
14.Inspection/Quality Control: The auditor will look for evidence that you are inspecting the product or service in order to assure that it meets customer requirements prior to delivery to the customer.
15.Internal Audits: The auditor will verify that you have complete system audits for all standards to which you subscribe and that the audits are effective and performed by a qualified party or qualified personnel.
16.Nonconforming Product: The auditor will make sure you have a process in place to assure that any nonconforming product is identified and controlled in a manner that prevents it from being delivered to the customer without prior concession obtained from the customer.
17.Continual Improvement: The auditor will review your corrective and preventive actions and improvement projects to see that when something goes wrong, you determine the root cause and fix it so that it won’t happen again or at least that it will be less likely to happen again. The auditor will want to see evidence that you verify that your corrective actions are effective. The auditor will check to see that you take action to prevent issues before they occur or to improve the effectiveness and/or efficiency of your system.
18.Summary: Auditors are looking to see that you “Say what you do”, “Do what you say”, and “Can prove it”. Records and interviews create the objective evidence that auditors need to verify that your business is conforming to internal requirements, customer requirements, and legal requirements.