QCI-1001 Internal Audit Assessment

Questions and Answers

What is the primary purpose of the audit report?

To guarantee that the audit results are useful and drive improvement activities

Within what timeframe must the closing meeting be held after the completion of the audit?

30 days

Who determines the type of corrective action and time for completion?

Auditee / Process Owner

What is included in the audit report?

Audit summary and objective evidence

Where is the final audit report uploaded for approval?

In the current ERP system

What is required for all confirmed noncompliances?

A corrective action

What is the minimum duration for which records relevant to CDC's internal audit program must be stored electronically in the current ERP system?

10 years

What is the primary purpose of retaining Corrective Actions records in the current ERP system?

To ensure QMS compliance and facilitate continuous improvement

What is the primary purpose of Management Review records in the context of CDC's internal audit program?

To ensure top-level commitment to QMS compliance and continuous improvement

What is the characteristic of a qualified auditor in CDC's internal audit program?

They must have sufficient authority and organizational freedom to make the audit process meaningful and effective

What is the purpose of evaluating auditors' competency annually?

To assess their understanding and competency of CDC's internal audit program and QMS compliance requirements

Who is responsible for approving audit reports and corrective actions in the ERP system?

Quality Assurance Manager

What is a requirement for lead auditors conducting nuclear audits?

They must meet the requirements outlined in ASME NQA-1 Part 1, Quality Assurance Requirements for Nuclear Facility Applications, Requirement 2 - Quality Assurance Program

What is the purpose of documenting the effectiveness of internal audits?

To validate internal audits are carried out in accordance with the published plan and this procedure

What is the focus of CDC's QMS compliance requirements?

AS9100 and ISO 9001 standards

What is the primary purpose of reviewing the audit report with stakeholders and area management?

To ensure the accuracy of the findings

What is included in the audit summary?

The effectiveness of the audited process and frequency of the next audit

What is the significance of including both positive and negative observations in the audit report?

To provide a balanced view of the audited process

What is the purpose of citing specific requirements or applicable standards in the audit report?

To provide the evidence used in compliance determination

What is the primary focus of compliance in the context of an audit?

Determining whether the audited processes meet the requirements of the applicable standards and documented QMS procedures

What action should be taken immediately when high-risk observations are made during an audit?

Report the findings to the Quality Assurance Manager and the management of the audited area

What is the purpose of fully investigating observed deviations from the requirements during an audit?

To determine the severity and risk it presents to the QMS

What is the purpose of performing internal audits?

To verify compliance and effectiveness of the Quality Management System

What is the primary role of an auditor during an audit?

To gather objective evidence that the QMS requirements are being met

Who is responsible for notifying the auditee of the schedule, criteria, scope, and procedure for the audit?

Lead Auditor

What is the primary responsibility of the auditee during an audit?

To provide timely access to processes, products, and documentation needed by the auditor

What is the primary role of Top Management in the internal audit program?

To review audit results and subsequent corrective actions

What is the primary purpose of the audit closing meeting?

To review audit results and subsequent corrective actions

Who is responsible for initiating corrective action records and assigning actions?

Lead Auditor

Who is responsible for taking prompt action to investigate, correct, and resolve reported noncompliances?

Auditee

Study Notes

Audit Compliance

• Compliance is when interviews, processes, and evidence meet requirements in applicable standards and QMS procedures (quality manual, process maps, work instructions, etc.)
• Documents for compliance determination are included in the audit plan and should be carefully reviewed throughout the audit process

Audit Report

• A written audit report is required for all planned internal audits
• The report includes:
  • Audit scope, participants, and processes observed
  • Compliance documentation, audit observations, objective evidence, and audit summary
• The report ensures audit results are useful, understandable, and drive improvement activities
• The audit report is drafted and reviewed with stakeholders and area management to ensure accuracy of findings during the closing meeting
• The final audit report is uploaded to the audit plan in the current ERP system for approval by the Quality Assurance Manager

Audit Closing Meeting

• A closing meeting is held within 30 days of audit completion with persons responsible for and management over the audited process and QMS in attendance
• The lead auditor presents the audit team's conclusions to ensure clearly understood and agreed upon by all participants
• All confirmed noncompliances require a corrective action to bring the process into compliance
• The type of corrective action and time for completion are determined by attendees of the closing meeting, considering severity of noncompliance and risk level to CDC's QMS
• The lead auditor creates the corrective action record in the current ERP system detailing the agreed upon completion time and closure criteria

Record Retention

• All records relevant to CDC's internal audit program are stored electronically in the current ERP system for a minimum of ten years

Internal Auditing

• Internal auditing is an independent and objective activity aimed at improving Continental Disc Corporation's (CDC) operations.
• The primary goal of internal auditing is to verify compliance and effectiveness of the Quality Management System (QMS) using a systematic and disciplined approach.
• Internal process audits have three main objectives:
  • Identify areas for improvement
  • Mitigate identified risks
  • Ensure company objectives are being met

Roles and Responsibilities in Audit Process

Auditor / Audit Team Member

• Maintain objectivity, impartiality, and independence from the activity being audited.
• Review internal documentation, previous audits, process corrective actions, and published standards prior to the audit.
• Conduct audit in accordance with the scheduled scope and procedure.
• Gather objective evidence by asking questions, observing activities, and reviewing records, documents, and performance metrics.
• Provide support for the audit report, closing meeting, and assigned corrective actions.

Lead Auditor

• Organize and direct audit team members.
• Notify the auditee of the schedule, criteria, scope, and procedure for the audit.
• Prepare and distribute the audit report to responsible management representatives.
• Lead the audit closing meeting with process owners and key management stakeholders.
• Initiate corrective action records, assign actions, and verify noncompliances are resolved as scheduled.

Auditee / Process Owner

• Inform area personnel of the audit schedule and scope.
• Provide timely access to processes, products, and documentation needed by the auditor(s).
• Attend the audit closing meeting.
• Take prompt action to investigate, correct, and resolve reported noncompliances and detail actions in the corrective action record.

Top Management

• Review audit results and subsequent corrective actions during management review meetings.
• Analyze identified trends to ensure the internal audit program is effective, and the QMS continues to be effective and maintained.

Improvement

• The organization shall select opportunities for improvement and implement actions to meet customer requirements and enhance customer satisfaction.
• Improvement opportunities can include:
  • Correcting, preventing, or reducing undesired effects
  • Improving the performance and effectiveness of the quality management system
  • Meeting future needs and expectations

Nonconformity and Corrective Action

• When a nonconformity occurs, the organization shall:
  • React to the nonconformity and take action to control and correct it
  • Evaluate the need for action to eliminate the cause(s) of the nonconformity
  • Determine the causes of the nonconformity, including those related to human factors
  • Implement any necessary action
  • Review the effectiveness of any corrective action taken
  • Update risks and opportunities determined during planning, if necessary
  • Make changes to the quality management system, if necessary

Corrective Action Management

• The organization shall maintain documented information that defines the nonconformity and corrective action management processes
• Corrective actions shall be appropriate to the effects of the nonconformities encountered
• The organization shall retain documented information as evidence of:
  • The nature of the nonconformities and any subsequent actions taken
  • The results of any corrective action

Continual Improvement

• The organization shall continually improve the suitability, adequacy, and effectiveness of the quality management system
• Continual improvement opportunities can include:
  • Lessons learned
  • Problem resolutions
  • The benchmarking of best practices
• The organization shall consider the results of analysis and evaluation, and the outputs from management review, to determine if there are needs or opportunities that shall be addressed as part of continual improvement

Improvement

• The organization shall select opportunities for improvement and implement actions to meet customer requirements and enhance customer satisfaction.
• Improvement opportunities can include:
  • Correcting, preventing, or reducing undesired effects
  • Improving the performance and effectiveness of the quality management system
  • Meeting future needs and expectations

Nonconformity and Corrective Action

• When a nonconformity occurs, the organization shall:
  • React to the nonconformity and take action to control and correct it
  • Evaluate the need for action to eliminate the cause(s) of the nonconformity
  • Determine the causes of the nonconformity, including those related to human factors
  • Implement any necessary action
  • Review the effectiveness of any corrective action taken
  • Update risks and opportunities determined during planning, if necessary
  • Make changes to the quality management system, if necessary

Corrective Action Management

• The organization shall maintain documented information that defines the nonconformity and corrective action management processes
• Corrective actions shall be appropriate to the effects of the nonconformities encountered
• The organization shall retain documented information as evidence of:
  • The nature of the nonconformities and any subsequent actions taken
  • The results of any corrective action

Continual Improvement

• The organization shall continually improve the suitability, adequacy, and effectiveness of the quality management system
• Continual improvement opportunities can include:
  • Lessons learned
  • Problem resolutions
  • The benchmarking of best practices
• The organization shall consider the results of analysis and evaluation, and the outputs from management review, to determine if there are needs or opportunities that shall be addressed as part of continual improvement

Description

This quiz assesses your understanding of audit compliance and report requirements in quality management systems. It covers the importance of documentation and analysis in the audit process.