(Remarks) This presentation is not affiliated with any company I have been associated with, either now or in the past. Additionally, no copyrights have been violated. However, I cannot guarantee the accuracy of this information, and it may be subject to updates.
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
ISO20000-1 Auditors note 【My Continuous Learning】
1. 1
Jerimi (Yuko) Soma
Auditors Notes for ISO20000-1 : Hypothetical Enterprise XYZ Inc.
Client Name XYZ Inc.
Contact
Person
Ms. Ichiro Tanaka (Service Manager) +81 3 1111 2222
Audit
Objectives
To access the implementation status and its effectiveness of
the audit criteria; in view to evaluate the organization, for
their potential in the growing educational market in JAPAN
and other areas.
Audit scope
Technical Scope:
- Providing platforms and applications on clouds for virtual live
courses, e-learning contents for their own educational
institutions for 24365 continuously.
Physical Location(s):
- Headquarters in the JAPAN including their office, server
rooms.
People:
- Executive Director, BRM, Service Manager, Internal Auditor
and other all employees in JAPAN
Audit Criteria XYZ service management system, ISO20000-1 and intended
outcomes
Audit
Conclusion
The audit findings are listed below:
Major NC: 0 item
Minor NC: 1 item
OFI: 4 items
・Based on the results of this audit, XYZ is recommended for
certification to the ISO 20000-1:2018 by Better Life Japan
Certification Corporation
Positive
Findings
・Top management well prepared for the SMS audit and his
explanation was clear and convincing enough to the auditors.
Agreed
Actions
・XYZ shall respond against 1 Minor nonconformity in the next
surveillance visit.
2. 2
Jerimi (Yuko) Soma
・They closely work together for the SMS cycle’s continuous
improvement.
・The Organization Process for Managing IT services were
very detailed and it adequately showed their resiliency to
their business.
・This entity may respond against 4 opportunities for
improvement in the next surveillance visit, but these are optional
for XYZ and not mandatory.
AUDIT FIDINGS
Ref.
Number
Report
ing
Date
NC Description Correction
Root Cause
Analysis
Corrective Action Plans(s)
Revie
w of
CAP
by
Team
Lead
Revie
w
Date
Verific
ation
of CAP
by
Team
Lead
Verific
ation
Date
Action Item Resp.
Target
Date
Minor NC
Ref.
Number
#0001
2019/
SEP/2
Finding:
2 Internal Audits have not been conducted
as planned for Business relationship and
agreement processes even once since the
last audit.
Requirement of Standard: (Clause 9.2.1.b)
The organization shall conduct internal
audits at planned intervals to provide
information whether the SMS: b) is
effectively implemented and maintained.
Evidence:
・Interview with Ms. Marry Suzuki (BRM)
Will be
reviewed in
next Cycle
Will be
reviewed in
next Cycle
Will be
reviewed in
next Cycle
2019/JUL
/10
2019/J
UL/10
3. 3
Jerimi (Yuko) Soma
・XYZ Operation Manual v1.2 page 40
“Updated Internal Audit Program 20xx”
OFI Ref.
Number
#0002
2019/
SEP/2
Finding:
Internal Audit has not conducted as
planned for Continual improvement and
Supply and demand processes, (it is held
only once each since last year)
Requirement of Standard: (Clause 9.2.1.b)
The organization shall conduct internal
audits at planned intervals to provide
information whether the SMS: b) is
effectively implemented and maintained.
Evidence:
・Interview with Ms. Amy Torii(BRM)
・Interview with Mr.IchiroTanaka(Service
Manager)
・XYZ Operation Manual v1.2 page 40
“Updated Internal Audit Program 20xx”
Will be
reviewed in
next Cycle,
but correction
is optional.
Will be
reviewed in
next Cycle, but
correction is
optional.
Will be
reviewed in
next Cycle,
but
correction is
optional.
OFI Ref.
Number
#0003
2019/
SEP/2
Finding:
Internal Audit results were not
documented as minutes for all process
even though “Procedure for Internal Audit”
said as follows.
Conducting Audit:
Will be
reviewed in
next Cycle,
but correction
is optional.
Will be
reviewed in
next Cycle, but
correction is
optional.
Will be
reviewed in
next Cycle,
but
correction is
optional.
4. 4
Jerimi (Yuko) Soma
All audit findings are documented on the
Audit Report.
Requirement of Standard: (Clause 9.2.2 e)
The organization shall: a) plan, establish,
implement and maintain an audit
programme(s), including the frequency,
methods, responsibilities, planning
requirements and reporting, which shall
take into consideration: e) retain
documented information as evidence of
the implementation of the audit
programme(s) and the audit results.
Evidence:
・XYZ Operation Manual v1.2 page 38
“Procedure for Internal Audits”
OFI Ref.
Number
#0004
2019/
SEP/2
Finding:
・“Critical: 4 hours” in SLA was not
accurate. Anyone working on weekdays
and after hours and there was no
exception regarding after hours and
weekends was found in those documents.
Requirement of Standard: (Clause 8.3.3)
The organization and the customer shall
agree the services to be delivered. For
each service delivered, the organization
Will be
reviewed in
the next
Cycle, but
correction is
optional.
Will be
reviewed in the
next Cycle, but
correction is
optional.
Will be
reviewed in
the next
Cycle, but
correction is
optional.
5. 5
Jerimi (Yuko) Soma
includes service level targets, workload
limits and exceptions.
Evidence:
・XYZ Operation Manual v1.2 page 117
“Service Level Agreement (Extract)”
・Interview with Mr. Ichiro Tanaka(Service
Manager)
・Interview with Ms. Marry Suzuki(BRM)
OFI Ref.
Number
#0005
2019/
SEP/2
Finding:
None of upper management except for the
Executive director involved in
Management review.
Requirement of Standard: (Clause 5.1)
Top management shall demonstrate
leadership and commitment with respect
to the SMS by promoting continual
improvement of the SMS and the services
Evidence:
・XYZ Operation Manual v1.2 page10
“Organization Chart”
・XYZ Operation Manual v1.2 page35
“Management review record Oct. 20xx”
・XYZ Operation Manual v1.2 page 36
“Minutes”
Will be
reviewed in
next Cycle,
but correction
is optional.
Will be
reviewed in
next Cycle, but
correction is
optional.
Will be
reviewed in
next Cycle,
but
correction is
optional.
6. 6
Jerimi (Yuko) Soma
Check List
No
.
Clauses Items to check What to look for GAPs/Findings from Document
Reviews
#1 Clause 9.2.1.b
The organization shall conduct
internal audits at planned
intervals to provide information
whether the SMS: b) is
effectively implemented and
maintained.
・Do you have any reasons why Internal
Audits have not conducted for Business
relationship and agreement processes
even once since last audit?
・If those are not conducted even once,
do you think there are any risks for that?
・XYZ Operation Manual
v1.2 page 40 “Updated
Internal Audit Program 20xx”
・Interview with Ms. Marry
Suzuki (BRM)
・2 Internal Audits have not
conducted as planned for Business
relationship and agreement processes
even once since last audit.
#2 Clause 9.2.1.b)
The organization shall conduct
internal audits at planned
intervals to provide information
whether the SMS: b) is
effectively implemented and
maintained.
・Do you have any reasons why Internal
Audits have not conducted as planned for
Continual improvement and Supply and
demand processes?
・If those are not conducted as planned,
do you think there are any risks by that?
・Interview with Ms. Marry
Suzuki (BRM)
・Interview with Mr. Ichiro
Tanaka(Service Manager)
・XYZ Operation Manual
v1.2 page 40 “Updated
Internal Audit Program 20xx”
・Internal Audit has not conducted as
planned for Continual improvement
and Supply and demand processes, (it
is held only once each since last year)
#3 Clause 9.2.2 e)
The organization shall: a) plan,
establish, implement and
maintain an audit
programme(s), including the
frequency, methods,
responsibilities, planning
requirements and reporting,
which shall take into
consideration: e) retain
documented information as
evidence of the implementation
・Could you please show me minutes of
Internal Audit results?
“Procedure for Internal Audit” said as
follows.
Conducting Audit:
All audit findings are documented on the
Audit Report.
・Don’t you think “Updated Internal Audit
Program” on page 40 is not enough to
align your organization policies written in
“Procedure for Internal Audit”?
・XYZ Operation Manual
v1.2 page 38 “Procedure for
Internal Audits”
・ Internal Audit results were not
documented as minutes for all
process even though “Procedure for
Internal Audit” said as follows.
Conducting Audit:
All audit findings are documented on
the Audit Report.
7. 7
Jerimi (Yuko) Soma
of the audit programme(s) and
the audit results.
・Don’t you think there are any risks by
that?
#4 Clause 8.3.3
The organization and the
customer shall agree the
services to be delivered. For
each service delivered, the
organization include service
level targets, workload limits
and exceptions.
・Do Anyone work on weekdays and after
hours for incident?
・Is “Critical: 4 hours” in SLA was in XYZ
Operation Manual v1.2 page 117
accurate?
・Didn’t you try to add exception for after
afterhours and weekends?
・Have you ever discussed about update
this discrepancy about SLA for emergency
with business units?
・If no one work for weekends, how did
you maintain SLA for e-learning
customers?
・Don’t you think there are any risks by
that?
・XYZ Operation Manual
v1.2 page 117 “Service Level
Agreement (Extract)”
・Interview with Mr. Ichiro
Tanaka (Service Manager)
・Interview with Ms. Marry
Suzuki (BRM)
・“Critical: 4 hours” in SLA was not
accurate. Anyone works on weekdays
and after hours and there was no
exception written regarding after
those was found in that documents.
#5 Clause 5.1 k)
Top management shall
demonstrate leadership and
commitment with respect to the
SMS by promoting continual
improvement of the SMS and
the services
・Could you please explain why those 4
people were chosen to attend
Management Review after last audit?
・Don’t you think they are not enough for
attending MR?
・When I refer your organization chart, I
can see there are 2 Vice Provosts and 6
process owners. Don’t you think those
business units require to take leadership
for Service Management?
・XYZ Operation Manual
v1.2 page10 “Organization
Chart”
・XYZ Operation Manual
v1.2 page35 “Management
review record Oct. 20xx”
・XYZ Operation Manual
v1.2 page 36 “Minutes”
None of upper management expect
for Executive director involved to
Management review.
of the documents