How to Prepare Your Organization for the Transition to ISO 13485:2016
T410 iso 19011
1. Using ANSI/ASQ QE 19011S
for QMS and EMS Auditing – a
Practitioner’s Perspective
Gary L. Johnson
U.S. EPA
Research Triangle Park, NC 27711
May 2004
2. Today We Will Cover
• What is QE 19011S and its benefits?
• How will QE 19011S be used?
• Why supplemental guidance is needed?
• What is the structure of QE 19011S?
• What is the status of QE 19011S?
3. What is QE 19011S?
• An consensus-based American National Standard
for use with ISO 19011 in auditing management
systems.
• Provides specific guidelines for auditing:
– Quality Management Systems
– Environmental Management Systems
• Applicable to ISO 9001:2000 QMS and ISO
14001:1996 EMS.
4. QE 19011S
• Supplements ISO standard by
addressing full range of auditing
activities, including:
- Internal audits – first party
- Supplier audits – second party
- Certification and other third party
audits
- Use by small organizations
5. International Standard
• ISO published the final approved ISO
19011 standard in October 2002.
• U.S. adopted ISO 19011 as American
National Standard (QE 19011:2004)
in spring 2004.
• American National Standard is
identical to ISO version.
6. Benefits of ISO 19011
• Replaced six existing standards with one:
– Quality Auditing Standards - ISO 10011
Parts 1, 2, and 3
– Environmental Auditing Standards - ISO
14010, ISO 14011, ISO 14012
• Accepted for registration/certification
audits in U.S. (ANSI-RAB NAP).
7. U.S. Concerns about ISO
19011 Limitations
• ISO 19011 guidance on auditor
competence was insufficient:
– Implied minimum levels
– Not based on sound science
• ISO standard did not adequately address:
- Internal Audits
- Supplier Audits
- Use by Small Organizations
8. U.S. Concerns contd.
• ISO 19011 text largely reflected 3rd Party
and Certification Audits.
– ISO 19011 JWG experience was strongest for
3rd Party Audits.
– U.S. efforts to broaden guidance were
rejected.
• ISO 19011 text was often too burdensome
for 1st and 2nd Party audits and small
organization users.
9. U.S. Solution
• Developed Supplement to ISO
19011:2002
• Added to ISO text to supply needed
guidance.
• Supplement format is modeled after
ISO 9004:2000.
• Supplement contains complete ISO
text with added guidance.
10. U.S. Supplement
• ANSI/ASQ QE 19011S:2004 was
developed by ANSI ASC Z1
Committee Joint Task Group.
• Ballot for approval as American
National Standard is in progress.
• Approval is expected – Summer
2004.
11. QE 19011S Format
• ISO 19011:2002 text presented in boxes.
– Unchanged from ISO
– Cannot be changed unless standard is
revised. JTG had no authority to do so.
• When ISO text is inadequate, Supplement
text follows to add guidance as needed
for:
– Internal (1st Party) audits
– Supplier (2nd Party) audits
– Use by small organizations
12. QE 19011S Format
• When ISO 19011:2002 text needs no
change:
– Supplement notes that no additional
text is needed.
• Supplement text generally builds on
the ISO text to augment the
guidance.
13. Structure of QE 19011S
• 0 Introduction
• 1 Scope
• 2 Normative References
• 3 Terms and Definitions
• 4 Principles of Auditing
• 5 Managing an Audit Program
• 6 Audit Activities
• 7 Competence and Evaluation of
Auditors
14. 0 Introduction
• Provides background on why the ISO
Standard and U.S. Supplement are
needed.
• Provides a general outline of how the
Supplement is structured and how its
contents should be used.
• Briefly outlines the use of the Supplement
for different audit programs.
15. 1 Scope
• Brief statement of the intent and
application of the standard, including
internal and external audits, and use by
small organizations.
• Emphasizes flexibility and broad range of
users.
• Notes that the standard may be applied to
other types of audits as well (OHS?).
• Few additions made by the Supplement.
16. 2 Normative References
• Identifies other documents whose
provisions are included in ISO 19011:2002
by reference and which apply to the
Supplement.
• There are two normative references:
– ISO 9000:2000 QMS Vocabulary
– ISO 14050:1998 EMS Vocabulary
17. 3 Terms and Definitions
• Provides for additional definitions not specifically
covered in normative references or elsewhere.
• Key terms in ISO 19011 include:
– Audit criteria
– Audit findings
– Audit team leader
– Audit program
– Competence (of Auditors)
• No additional terms/definitions were
included.
18. 4 Principles of Auditing
• Provides basic auditing principles for
auditors, including:
– Ethical conduct
– Fair Presentation
– Due professional care
• For audits, including:
– Independence
– Evidence-based approach
19. 5 Managing an Audit
Program
• Provides guidance on establishing
and maintaining an effective audit
program
– For one, few, or many audits,
– Includes consideration of internal and
external audits,
– Introduces guidance on combined or
joint audits.
20. 5 Managing an Audit
Program
• Key elements include:
– Implementing the audit program.
– Monitoring and reviewing the audit program.
– Establishing the authority for the audit
program.
– Improving the audit program.
– Establishing the audit program.
• Expands guidance on audit program
performance beyond ISO text, particularly
for internal audits.
21. 5 Managing an Audit
Program - Example
• Clause 5.2.1 – Objectives of an Audit
Program
– See Handout 1
22. 6 Audit Activities
• Auditing process includes:
– Initiating the audit
– Conducting document reviews
– Preparing for on-site audit activities
– Conducting on-site audit activities
– Preparing, approving, and distributing the
audit report
– Completing the audit
– Conducting audit follow-up (if in audit plan)
23. 6 Audit Activities
• Uses “graded approach” in applying
activities to particular audits, not
“one size fits all.”
• Reflects major differences between
internal and external audits for:
– Opening/closing meetings
– Auditor competence needed
– Reporting audit results
24. 6 Audit Activities
• Guidance is applicable to auditing the
process approach in ISO 9001.
– Also applies to ISO 14001 audits.
• Guidance applies to combined and joint
audits.
– Combined - auditing QMS and EMS in one
audit.
– Joint – two parallel audits at the same time.
25. 6 Audit Activities -
Example
• Clause 6.5.1 – Conducting the
Opening Meeting
– See Handout 2
26. 7 Competence and
Evaluation of Auditors
• Auditor – person competent to conduct an audit.
• Competence of an auditor is based on:
– Personal attributes.
– Ability to apply sufficient knowledge and skills
gained through education, work experience,
auditor training, and audit experience.
• Audit team leaders need additional knowledge
and skills, work experience, auditor training, and
audit experience specific to leadership.
27. 7 Competence and
Evaluation of Auditors
• Competence of auditors needed:
– Should be left to audit program managers.
– Should fit the needs of the audit program.
– Should be maintained through appropriate
methods.
• Guidance is provided on:
– Selecting auditors for a particular audit
program,
– Evaluating auditors and audit team leaders.
28. Knowledge and Skills
• Generic knowledge and skills on:
– Audit principles and techniques.
– Relevant management systems reference
documents.
– Organizational situations.
– Applicable laws, regulations, and
requirements.
• Specific knowledge and skills on:
– QMS or EMS methods and techniques.
– Related processes, science, and technology.
– Technical aspects of operations.
29. Demonstrated Credentials
• Demonstrated evidence of:
– Education
– Work experience
– Auditor training
– Audit experience
• Supplement does not set levels.
– Levels should be based on Audit Program
needs.
– Table 1 in ISO 19001:2002 is specific to
registration audits.
30. Other Considerations
• Audit team leader.
• Auditor for both QMS and EMS.
– What is needed to audit in both
disciplines.
• 1st, 2nd, and/or 3rd party audit
situations.
– What differences exist.
31. Maintenance and
Improvement of Competence
• Maintaining competence needs:
– Continual professional development.
– Regular participation in audits.
• Reflects “graded approach” in application.
32. Auditor Evaluation
• Evaluation process has four general steps:
– Identify needed personal attributes and
knowledge and skills.
– Set the evaluation criteria.
– Select an appropriate evaluation method.
– Conduct the evaluation.
• Guidance is provided on different
evaluation methods and techniques.
33. Summary
• QE 19011S offer a complete, process
approach to QMS and EMS auditing.
• ISO 19011 as written appears to be
best suited for 3rd Party/Certification
audits.
• QE 19011S provides more complete
guidance on 1st and 2nd Party audits.
34. Summary
• ISO 19011 and QE 19011S will be
useful to QMS and EMS auditors and
audit programs in the U.S. and
elsewhere.
• ISO 19011:2002 is available now.
• QE 19011S should be available this
summer.