manage internal audit qhse [quality-health-safety-environment]

2

Pelatihan ini bersifat non jenjang (non gelar) dan non sertifikasi kompetensi,

namun bersifat semi struktur yang dirancang sedemikian rupa agar dengan

terstruktur materi, durasi waktu , dan tujuan pelatihan sebagai bekal bagi calon

auditor baru, atau auditor untuk meningkatkan skill audit.

Apabila anda tertarik untuk mendalami pelatihan ini, dapat menghubungi kami:

Email : [email protected]

Facebook: [email protected]

Phone: +(62)821- 3466-0998

Address: Perum Dinar Mas, Blok N3, No 2, Tembalang, Semarang

This training is non grade, nor competency certification, but this training is semi structured which

designed with such structured material, time duration, and their objectives as provision competency for

new auditor, or as additional competency to improve auditor skill.

If you are insterested to get involving in this training, please don’t hesitate to contact me:

Email : [email protected]

Facebook: [email protected]

Phone: +(62)821- 3466-0998

3

Audit ISO 9001, ISO 14001, OHSAS 18001 (ISO 45001) bukan lagi masalah

yang sulit dipelajari, dan dijalankan.

Yang penting adalah ada kemauan, komitmen yang kuat.

Dengan contoh materi yang kami berikan semoga bermanfaat. Namun apabila

anda menemui kendala dan ingin memperoleh benefit pemahaman yang lebih

besar, anda dapat menghubungi kami.

4

• Harga pelatihan, atau pendampingan yang kompetitif.

• Harga dapat dikomparasi dengan penyedia yang lain.

Harga

• Kami tidak mempertaruhkan Kualitas hanya demi harga. Kepuasan, dan kepercayaan adalah modal & kepuasan kami.

• Pengalaman kami yang banyak terlibat secara langsung dalam proses sertifikasi, maupun konsultasi.

Kualitas

• Bermacam jenis pelatihan sistem manajemen serta template yang kami sediakan akan menghemat pengeluaran, waktu, & tenaga.

Variasi

Sebagai pengguna, calon pembeli, sebaiknya mempertimbangkan

masak-masak sebelum anda kecewa.

Berikut indikator yang harus anda pertimbangkan,

dan kami memiliki keunggulan yang menjadi pertimbangan anda:

[ Qu ali ty man agement s ystems fo r au tomotive

p roduction an d re levant s ervice p ar t o rganizat ions ]

Persyaratan TS 16949

Dokumentasi

Implementasi, special characteristic, dan lain lain

Core Tools

SPC

FMEA

MSA

Rules 4 TS 16949

Internal Audit

Preparation certification

Kami memberikan solusi perusahaan anda dalam pelatihan, persiapan audit dan

sertifikasi ISO/TS 16949

6

0 Menggantikan ISO 10011-1:1990, ISO 10011-2: 1991, ISO 10011- 3:1991, ISO 14010:1996, ISO 14011:1996 & ISO 14012:1996.

ISO 19011:2011 as 2nd edition

• Efektif per 15/11/2011

ISO 19011:2002 as 1st edition

• Efektif per 01/10/2002

Evolusi ISO 19011:2011

1

2

7

• Audit: systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which agreed criteria are fulfilled

(audit: proses yang sistematis, independen, dan terdokumentasi untuk

memperoleh bukti audit dan mengevaluasi bukti tersebut secara obyektif

untuk menentukan tingkat kesesuaiannya dengan kriteria audit)

Introduction to IA

8

• Audit criteria: set of policies, procedures or requirements used as a reference (kriteria audit: suatu set kebijakan, prosedur atau persyaratan yang

digunakan sebagai referensi dalam kegiatan audit)

• Audit evidence: records, statement of fact or

other information which are relevant to the audit criteria and verifiable (bukti audit: catatan / pernyataan dari suatu fakta / informasi lain yang dapat

diverifikasi & relevan dengan kriteria audit, dan dapat diverifikasi

Introduction to IA

9

1. Compliance Sides 1. Input for Management Review

2. CSR (customer specific requirement)

2. Beneficial Sides 1. Research from Industry & University, e.g.:

Title Author Variable & Indicator

Contribution

of the ISO

9001

internal

audit to

business

Performance

[January 2010]

Milena Alic [Mercator, d.d.,

Ljubljana,

Slovenia]

Borut Rusjan [Faculty of

Economics,

University of

Ljubljana,

Ljubljana,

Slovenia]

Internal audits contribute to the achievement of a company’s business goals and thus to business efficiency

1. Assessment of how the IA is affecting work with customers - Communication with customers - Products and services mix - Quality of goods and services - Meeting regulation‟s requirements

2. Assessment of how the IA is affecting the implementation of processes - Visibility of procedures - Organisation of work - Containing work disruptions - Worker productivity

3. Assessment of how the IA is affecting learning & development - Skills of workers and sharing of good practices - Communication and relations among employees - Stimulus for improvements

4. Assessment of how the IA t is affecting performance from the financial view - Decrease in actual and potential business damage resulting from inappropriately implemented activities that were discovered in the IA - Savings resulting from proposed improvements

Internal audits have more positive than negative effects on business performance.

Partial indirect assessments of how positive effects from the IA contribute to the achievement of business goals

10


Managerial

relevance of

internal

Audit

Business

benefits of

using ISO 9000

internal

audit as a

managerial

tool

[November

2009]

Milena Alic [Mercator, d.d.,

Ljubljana,

Slovenia]

Borut Rusjan [Faculty of

Economics,

University of

Ljubljana,

Ljubljana,

Slovenia]

Internal audits stimulate workers to work better (following the procedures and rules, more effective and more efficient work)

Communication with customers Products and services mix Quality of goods and services Meeting regulation‟s requirements

Internal audits represent a means to exchange knowledge and spread good practices.

Visibility and clearness of work procedures Work organisation and work conditions Decrease in work interruptions and deficiencies and their

improved management Worker productivity

Internal audits represent a means to stimulate business improvements.

Skills of workers and sharing of good practices Communication and relations among employees Stimulus for improvements

Internal audits help managers attain the business objectives of the company

Decrease in actual and potential business damage resulting from inappropriately implemented activities that were discovered in the IA

Savings resulting from proposed improvements


11


THE RELATION OF

RISK MANAGEMENT

AND INTERNAL

AUDIT FUNCTION –

THE CASE OF

CROATIA

[November 2009]

Ivana POKROVAC, B. Sc. [Teaching and Research Assistant]

Boris TUŠEK, Ph. D. [Full Professor]

Ana OLUIĆ, B. Sc. [Assistant]

University of Zagreb,

Faculty of Economics and

Business

J. F. Kennedy 6, 10 000

Zagreb, Croatia

Participation of internal audit in the process of risk management

contributes to improvement of the overall process of risk management;

Efficiency and effectiveness of the internal audit professional

engagement in a company increases through its involvement in the

risk management process


12

Accreditation Body

1st party audit

3rd party audit

Accreditation audit

2nd party audit

ISO 19011

Old - ISO 19011:2002 [1st edition]

New - ISO/IEC 17021:2011

13

INTERNAL AUDIT

• The 6 Principles of Audit

Audit

Principle

14

• Perform their work with honesty, diligence & responsibilities.

• Observe & comply with applicale legal requirement

• Demonstrate their competence in audit

• Performing work in impartial manner

• Sensitive to any influence that may excerted on their judgement while carying audit

1. Integrity: the foundation of Profesionalism

• Audit findings, audit conclusions and audit reports should reflect truthfully and accurately the audit activities. Significant obstacles encountered during the audit and unresolved diverging opinions between the audit team and the auditee should be reported. The communication should be truthful, accurate, objective, timely, clear and complete

2. Fair presentation: the obligation to report truthfully and accurately

3

6

1-2 of 6

Audit

Principle

15

• Exercise due care in accordance with the Importance of the task they perform and the confidence placed in them by the audit client and other interested parties. An important factor in carrying out their work with due professional care is having the ability to make reasoned judgements in all audit situations.

3. Due professional care: the application of diligence and judgement in auditing

• exercise discretion in the use and protection of information acquired in the course of their duties. Audit information should not be used inappropriately for personal gain by the auditor or the audit client, or in a manner detrimental to the legitimate Interests of the auditee. This concept Includes the proper handling of sensitive or confidential information

4. Confldentiality: security of information

6

3-4 of 6

6

Audit

Principle

16

• should be independent of the activity being audited wherever practicable, and should in all cases act in a manner that is free from bias and conflict of interest. For internal audits, auditors should be independent from the operating managers of the function being audited. Auditors should maintain objectivity throughout the audit process to ensure that the audit findings and conclusions are based only on the audit evidence..

5. Independence: the basis for the impartiality of the audit and objectivity of the audit conclusions

• Audit evidence should be verifiable. It will in general be based on samples of the information available, since an audit is conducted during a finite period of time and with finite resour, es. An appropriate use of sampling should be applied, since this is closely related to the confidence a can be placed in the audit conclusions.

6. Evidence-based approach: the rational method for reaching reliable and reproducible audit conclusions in a systematic audit process

6

5-6 of 6

Audit

Principle

17

INTERNAL AUDIT

(5.1 – 5.6) Basic activity :

– Objective & Extent [Tujuan & Cakupan Program Audit]

– Responsibilities, Resources, & Procedures [Tanggungjawab,

Sumberdaya, & Prosedur]

– Implementation [Penerapan Program Audit]

– Monitoring & Reviewing [Pemantauan & Peninjauan Program Audit]

• Audit Program [ISO 9000:2005, part 3.9.2]: “set of one or more audits planned for a specific time frame and directed towards a specific purpose”

[Satu kesatuan dari satu atau lebih audit yang direncanakan untuk jangka waktu tertentu dan ditujukan untuk tujuan tertentu]

Audit

Program

18

ISO 9001-2008

An audit programme shall

be planned, taking into

consideration :

- the status and importance

of the processes and areas to

be audited,

- as well as the results of

previous audits.

existing

ISO 9001-2015 DIS

Plan, establish, implement and maintain an audit programme(s) including the frequency, methods, responsibilities, planning requirements and reporting, which shall take into consideration:

- The quality objectives, the importance of the processes concerned,

- customer feedback,

- changes impacting on the organisation,

- and the results of previous audits

predict

Audit

Program

19

ISO 14001-2014

Audit program shall be planned, established, implemented & maintained by the organization, taking into consideration :

- the environmental importance of the operation (s) concerned

- and the results of previous audits.

existing

ISO 14001-

2015 DIS

Plan, establish, implement and maintain an audit programme(s), including the frequency, methods, responsibilities, planning requirements and reporting, which shall take into consideration

- the environmental importance of the processes concerned,

- risk associated with threats and opportunities

- and the results of previous audits;

Predict

Audit

Program

20

Audit programme(s) shall be planned,

established, implemented and maintained by

the organization, based on:

- the results of risk assessments of the

organization‟s activities,

- and the results of previous audits.

Audit

Program

21

Audit Program Objectives can be based on consideration :

a) management priorities;

b) commercial and other business intentions;

c) characteristics of processes, products and projects, and any changes to them;

d) management system requirements;

e) legal and, contractual requirements and other requirements to which the organization

is committed

f) need for supplier evaluation

g) needs and expectations of interested parties, including customers

h) auditee's level of performance as reflected in the occurrence of failure or incidents or

customer complaints

i) risks to the auditee

j) results of previous audits

k) level of maturity of the management being audited.

Audit

Program

22

ensure that the audit programme objectives are established to direct the planning and

conduct of audits,

should ensure the audit programme is implemented effectively

assign one or more competent persons to manage audit programme

s

Audit

Program

3

establish the extent of the audit programme;

identify and evaluate the risks for the audit programme;

establish audit responsibilities;

establish procedures for audit programmes;

determine necessary resources;

ensure the implementation of the audit programme, including the establishment of audit

objectives, scope and criteria of the individual audits, determining audit methods & selecting

the audit team & evaluating auditors;

ensure that appropriate audit programme records are managed and maintained.

monitor, review and improve the audit programme.

inform the top management of the contents of the audit programme, (where necessary)

request its approval

23

Audit

Program

Example :

to contribute to the improvement of a management system & its

performance

To fullfil external requirement, e.g.: certification 3rd party, code of

conduct/customer audit, etc.

To verify conformity with contractual requirement

To obtain & maintain confidence in the capability of supplier.

To determine the effectiveness of management system

to evaluate the compatibility and alignment of the management system

objectives with the management system policy and the overall

organizational objectives.

24

Audit

Program

25

The different risks associated with establishing, implementing, monitoring, reviewing and

improving an audit programme that may affect the achievement of its objectives, such as:

planning, e.g. failure to set relevant audit objectives and determine the extent of the audit

programme;

resources, e.g. allowing insufficient time for developing the audit programme or Conducting

an audit;

selection of the audit team, e.g. the team does not have the collective competence to conduct

audits effectively;

implementation, e.g. Ineffective communication of the audit program

records and their controls. e.g. failure to adequately protect audit records to demonstrate

audit program effectiveness.

monitoring, reviewing and improving the audit program, e.g. Ineffective monitoring of audit

programme outcomes.

Audit

Program

26

Planning

• Sample of Internal Audit Program

• Audit Plan Exercise (form)

1 2 3 4 5 6 7 8 9 10 11 12

Human Resource HR High

Training & Competence Technical Development Low

All Inspection Areas High

Production Planning Low

Production Area High

Non-conformance Incoming Inspection High

Procedure Material Warehouse Low

Production Areas High

Finished Product Store Low

Process A, B, C, …

Issue 01

Approved by QMR

Y 2005Process / Activity Department & Critically

Audit

Program

Exercise/CMC 015 Audit Plan rev 2.doc

27

INTERNAL AUDIT

6.3.1 • Performing document review in preparation of audit

6.3.2 • Preparing the audit plan

6.3.3 • Assigning work to the audit team

6.3.4 • Preparing work document

28

Performing

Audit

6.3.2 Preparing the audit plan

To prepare an audit plan based on the information contained in the audit

programme and in the documentation provided by the auditee.

Audit Plan consider the effect of the audit activities on the auditee's processes &

provide the basis for the agreement among the audit client, audit team and the

auditee regarding the conduct of the audit.

The plan should facilitate the efficient scheduling and coordination of the audit

activities in order to achieve the objectives effectively.

The amount of detail provided in the audit plan should reflect the scope & complexity of

the audit, as well as the effect of uncertainty on achieving the audit objectives.

In preparation of audit plan :

the appropriate sampling techniques

the composition of the audit team and its collective competence

the risks to the organization created by the audit

2

Performing

Audit IA – Persiapan Audit Audit Preparation

– The auditors need to understand the roles & responsibilities allocated to each individual (setiap auditor mempunyai tugas dan

tanggung jawab dalam proses audit)

– The auditee needs to be advised of the plan to ensure that relevant staff of the activities of the organization required for audit interview / discussion will be available (auditee memastikan

keberadaan staf and manajemen dari fungsi yang diaudit)

• Coverage – Date & duration (tanggal & durasi waktu)

– Scope (ruang lingkup)

– Area / activity / QMS/EMS/OH&S elements (area / aktivitas /

elemen SMM/SML/K3)

– Name of auditor(s) & roles (nama auditor & tugasnya)

30

Model – Business Process

[1] GAVRIEL SALVENDY, “HANDBOOK OF INDUSTRIAL ENGINEERING Technology and Operations Management”, Third Edition, Third Edition, Canada, PP. 286 - 290

ISO 9001 part 4.1 General requirements:

The organization shall:

determine the processes needed for the quality management system and

their application throughout the organization (see 1.2),

determine the sequence and interaction of these processes,

[1] Corporate mission statements entail the production and utilization of material output

and services by combining production factors. Multiple entities and devices are

responsible for fulfilling these tasks. In accordance with corporate objectives,

their close collaboration must be ensured.

Performing


31

Performing


Proses : Penanganan Order Baru [New Order] Penjualan Manager Direktur

Menerima

order

Mengelola

feasibility

study

Kajian final

order &

persetujuan

32

Perencanaan Audit

1. Product Audit

2. Process Production Audit

Layout inspection & function testing [uji kualitas produk – dimensi & atribut yg dipersyaratkan].

Defect rate, handling, dll Status keberterimaan produk jadi atau process. MSA, SPC

Kemampuan proses, konsistensi proses Deteksi permasalahan yg terjadi Deteksi parameter proses berdasarkan PPAP atau

quality plan. Variansi proses selama pergantian shift

Pertimbangkan pergantian SHIFT

Alokasikan waktu lebih panjang untuk special proses, atau proses yang vital.

Internal Audit [System]

IA – Persiapan Audit Audit Preparation Performing

Audit

Performing


DAY 1

DAY 1

Process Start Time Auditor

Process Start Time Auditor

Review of change to Client QMS,

Customer Complaint, any new or

discontinued customer, etc

09.00 Basuki

Review of change to Client QMS,

Customer Complaint, any new or

discontinued customer, etc

09.00 TBA

On site review of corrective

action arising from previous

audit.

10.00 On site review of corrective action

arising from previous audit. 10.00

Lunch Break 12.00 Lunch Break 12.00

Opening meeting 13.00 Opening meeting 13.00

Top Management (incl.

management responsibility &

commitment)

13.30

Marketing & Sales (incl. order

handling, handling of complaint,

monitoring customer perception)

13.30

QMR (Management review &

Internal Audit) 13.30

Production 1 & 2 (incl. production

planning, process, NC product,

monitoring process-product, etc)

16.00

18.00

- Data analysis & improvement

- Document & record control

Production – 3 and Final

Inspection (incl. production

planning, process, NC product,

monitoring process-product, etc)

16.00

18.00

2nd Shift Audit 19:00

22:00 2nd Shift Audit

19:00

22:00

(Production – 3, QC,

Maintenance)

(Production – 1 & 2, QC,

Maintenance)

Closing (wash-up/final) meeting

Closing (wash-up/final) meeting

34

• Sampling – An audit cannot look at 100% of the objective Evidence available

[audit tidak dapat memeriksa 100% bukti audit yang ada]

– There are no Sampling Plans for audits [OLD], in 2nd edition there are 2 methods:

[tidak ada standard sampling untuk audit untuk versi 1st, untuk versi 2 terdapat 2 metode pendekatan sampel]

– The depth of sampling is dependent upon the auditor’s skills and experience

[sampling tergantung keahlian dan pengalaman auditor]

– The Depth and Amount of sampling should be Proportionate to the Criticality of the activity

[kedalaman dan jumlah sampling harus sesuai / proporsional dengan tingkat kritis sebuah aktivitas – semakin kritis sebuah aktifitas, harus lebih sering dan lebih dalam untuk diaudit]

Prinsip Audit: Pendekatan Berdasar Bukti


Audit

35

• Sampling – Once the auditor believe that the audit sampling has established a level of understanding of the

extent of Conformance then the audit is completed and it is time to move on

[bila auditor telah yakin bahwa sampling telah memadai untuk menunjukkan bahwa tingkat kesesuaian telah diketahui, lanjutkan ke proses audit selanjutnya]

– Level of sampling is reflected in Checklist [Tingkat kedalaman sampling terlihat di Checklist] - New 2008; Records of audits

• Auditor mencari bukti untuk mengkaji: [Auditor is looking for

evidence to evaluate the]

– “Effectiveness” – extent to which planned activities are realized and planned results achieved

[efektifitas – sejauh mana aktifitas yang direncanakan telah terealisasi dan hasil yang diharapkan telah diperoleh] [ISO 9000 part

3.2.14]

– “Efficiency” – relationship between the result achieved and the resources used

[efisiensi – hubungan antara hasil yang dicapai dengan sumber daya yang digunakan] [ISO 9000 part 3.2.15]


Audit

36

Sampling

Statistical Sampling

Judgment-based sampling

1

2


Audit

37

• Termasuk dalam dokumen kerja audit [Working documents include]:

rencana / metode sampling [Sampling plans]

formulir [Forms]

ringkasan peraturan / perundangan [Summary of legislation]

daftar periksa [Checklists, etc]

daftar periksa merupakan sebuah dokumen kerja yang digunakan dalam setiap jenis audit [The checklist is a working document that is applicable to all internal audits]


Audit

38

• Why do auditors need Checklists? – Ensure all areas are audited

– Guide auditor to the evidence

– Prompt the auditor to ask appropriate questions

– Direct the auditor to interrelated activities (Process Approach)

– Checklist becomes a record of what was viewed & level of conformance (New 2008; Records of audits & their result)

– Aids factual reporting

– Important record of Audit Process

• Always remember: Auditor worksheet & audit evidence!


Audit

39

Proses penyiapan daftar periksa : [The following is the key information utilized when preparing checklists]

– Evaluasi prosedur, standard, persyaratan, dsb [Review the procedures, standard, requirements, etc]

– identifikasi input, proses, & output yang dijelaskan di prosedur dsb di area audit tertentu [Identify auditable areas / activities within the procedures etc regarding Inputs, Actions and Outputs]

– input & output membantu menentukan efektifitas dari interaksi dan interrelasi proses [Inputs and Outputs helping to determine the effectiveness of the interaction and interrelationships]

– Sarikan pokok-pokok audit tersebut di sebuah daftar periksa [Extract these auditable items and put them on a checklist]


Audit

40

• Salah satu keahlian / skill yang harus dimiliki oleh auditor

adalah penyiapan daftar periksa yang „useful‟ & „usable‟ [The preparation of useful and usable checklists is a skill that auditors have to master]

• Auditor harus mempertimbangkan hal berikut ini dalam membuatan sebuah daftar periksa yang efektif dan efisien

[The auditor shall consider the following to assist in assembling an effective and efficient

checklist]

– Valid

– Traceable

– Complete


Audit

41

Model Cakupan Checklist

Implementasi

Rekaman

Dokumen

• Proses produksi yg dijalankan (product audit)

• QC onsite

• Rekaman hasil proses yang sudah dijalankan atau sedang berjalan

• Prosedur atau W/I

• Eksternal dokumen

• Informasi terbatas Ya atau tidak

• Informasi lebih luas tapi tak bisa akses kondisi proses

• Informasi lebih luas & akses kondisi proses, termasuk alat & faktor lain.

Pendekatan checklist

Proses yang dicheck

Akses Informasi

Ba

ck

off

ice

/k

an

tor

La

pa

ng

an

/ f

ield

acti

vit

y


Audit

42

INTERNAL AUDIT

(6.5) Tahapan Kegiatan Dasar [Basic activity steps]

– rapat pembukaan [Opening meeting]

– Proses audit yang dilaksanakan Auditor [Auditor Observation]

– Rapat Tim Auditor/Persiapan Pelaporan [Auditor team meeting]

– Rapat Penutupan [closing meeting]

43

• Topik Bahasan [Agenda of topics to cover]:

– Metode audit [explain audit method]

– Sasaran & kriteria audit [Explain objective & criteria]

– Jadwal & tempat audit [Explain the itinerary & area to be visited]

– Pelaporan temuan [Explain Reporting non conformance]

– Mendiskusikan hal umum [General Discussions]

• pendamping audit, aspek keselamatan, kerahasiaan

[Escort, safety issues, confidentiality]

• ruang untuk auditor [Arrangements for a private team conference room]

• jam kerja, makan siang, dsb [Normal working hours, lunch

arrangements, etc]

44

• Komunikasi antara tim auditor dengan Auditee [Communication between audit team with Auditee]

– bertukar informasi, mengkaji kemajuan, & menetapkan kembali tugas tim. [Periodically exchange information, communicate the progress,

reassign with team].

– bukti yang mendesak & beresiko dilaporkan segera [Immediate & significant risk of evidence reported without delay to the auditee.].

– Jika tujuan audit tidak tercapai, pimpinan melaporkan alasanya kepada auditee untuk menentukan tindakan [When audit objective unattainable, leader should report the reason to auditee to determine action.].

tindakan dapat berupa konfirmasi ulang, perubahan tujuan & scope

audit, bahkan penghentian audit. [may include reconfirmation, modification of

audit plan, change to audit scope/objective, or termination of audit].

IA – Pelaksanaan Audit Audit Performing

45

• Performing the audit – Psychology

– Internal Auditor must remember to

• Demonstrate professional & friendly approach

• Demonstrate helpful attitude

• Be positive

• Encourage suggestions

If auditor knows what is “wrong”, logically he must

also know what is “right”

Not policeman style („Right‟ / „Wrong‟ vs.

„Improvement‟)


46

• Auditing objective evidence – Paper [catatan]

• Records, Data, Files, Reports – APPARENT PAST [menunjukkan bukti masa lalu]

– Practice [proses pelaksanaan pekerjaan]

• Physical activities – APPARENT PRESENT [menunjukkan bukti saat ini]

– People [karyawan]

• Knowledge & Understanding – APPARENT FUTURE [menunjukkan bukti masa datang]

– Everything must be matched & cross checked against other information [ketiganya harus sesuai, harus diperiksa silang antar informasi]


47

• Auditor team meeting – Cross Checking & Verification can be performed efficiently in

an audit by the use of Auditor Progress Meetings

[cross check dan verifikasi dapat dilakukan lebih

efisien]

– Issues seen by one auditor in a particular area can be communicated to other auditors for verification in their audit activities

[kejadian yang ditemukan oleh seorang auditor di area

tertentu dapat dikomunikasikan kepada auditor lainnya dan dapat digunakan untuk memverifikasi aktifitas audit yang dilakukannya]


48

• Auditor team meeting

– The Lead Auditor :

Monitor the overall progress against the itinerary

[memantau keseluruhan progres audit dibandingakan jadwal audit]

Identify any areas of difficulty that are causing delays

[identifikasi kesulitan yang dapat menyebabkan tertundanya audit]

Monitor the performance of the audit team members and allow re-direction of these auditors

[memantau kinerja anggota tim audit dan mengarahkan kembali auditor tersebut]

– Already be scheduled on the itinerary, usually occur at lunch times and always before leaving the site

[umumnya telah terjadwal di itinerary, dapat dilakukan saat

makan siang, dan selalu dilakukan sebelum meninggalkan lokasi audit]


49

• Jenis Observasi Data Terdapat 2 jenis pendekatan observasi data [1] yang dilakukan selama proses audit:

1. Audit Vertical • Audit menelusur data secara vertikal dalam fungsi atau unit kerja yang

bersangkutan. Kriteria yang digunakan menggunakan prosedur yang relevan dalam 1 unit kerja tersebut.

• Biasanya dilakukan dalam AUDIT INTERNAL (1st Party Audit)

2. Audit Horisontal

• Audit menelusur data secara horisontal dari awal proses hingga akhir. Audit menggunakan Multi Prosedur sebagai kriteria dengan mengklarifikasi BENANG MERAH antara departemen dalam organisasi.

• Biasanya dilakukan dalam AUDIT EKSTERNAL (3rd Party Audit)

Reference: [1] __, “Internal Quality Audits: What They Are & How to Do”, Manchester, 1996, The National

Computing Centre Limited, p.5

50

1. Audit Vertical Production Dept

Logistic

Sub cutting Sub Buffing Sub Welding Sub Painting

Purchasing

Local Purchaser

Import Purchaser

Custom Purchaser

2. Audit Horisontal

Sub Activities Sub Activities

Logistic

Auditor

Unit kerja lain Production

51

Pemahaman dasar terhadap PROSES yang di audit dengan Pemetaan Model Proses.

Klausal 4.1 ISO 9001 menjelaskan identifikasi proses serta korelasi diantaranya.

Flow Diagram Proses diperlukan untuk menjelaskan kunci utama alur produk/jasa & informasi.

Turtle Diagram

52 Turtle Diagram

INPUT PROSES OUTPUT

Material, Alat SDM, Pelatihan, Kompetensi

Metode, prosedur teknis

Monitoring, KPI, tolok ukur

Pengendalian Sekunder

What Result?

Why target?

How (target, monitor)?

With Who?

Where (their placement,

record personel)

How?

With What?

53 Turtle Diagram

INPUT PROSES OUTPUT

Contoh : Pabrik pembuatan pagar dan teralis besi Ruang lingkup perusahaan : pembuatan pagar & teralis besi type ABC

• Order permintaan produk dari Marketing

• Material / bahan mentah / produk ½ jadi

• Produk teralis atau pagar sesuai pemesanan

• Kepuasan pelanggan

Proses yang terlibat: • Pemotongan besi,

pengelasan, penyetelan, pengecatan

54 Turtle Diagram

INPUT PROSES OUTPUT





• Mesin potong, mesin las, dll • SDM yang terampil ramah & kompeten di bidangnya.

• Verifikasi kualitas produk. • Checklist pemeriksaan • Sasaran mutu, sample plan

• IK atau prosedur produksi. • Metode pengelasan

• Pemeliharaan lingkungan ruang cat

• Pemeliharaan rekaman.





55

Proses :pembuatan pagar & teralis besi type ABC

Pemilik Proses : Bagian Produksi, QC, PPIC, Purchasing

Pelanggan Input Proses Inti Output

• PT kepingin • PT Mau • Pemesanan pribadi (jumlah kecil)



Proses: • Pemotongan besi,

pengelasan, penyetelan, pengecatan

Kriteria: • Approval produk • Customer spek • SNI • QC attribute.


• Kepuasan pelanggan.

Material, Alat Metode Monitoring SDM

Mesin potong, mesin las, dll

• IK atau prosedur produksi.

• Metode pengelasan


SDM yang terampil ramah & kompeten di bidangnya

Matriks IPO Pemilik Proses [Process Card / Kartu Proses

56

INPUT PROSES OUTPUT





• SDM yang terampil ramah & kompeten di bidangnya.

C, A

P,Do

P,Do P,Do

P,Do • Mesin potong, mesin las, dll



• IK atau prosedur produksi. • Metode pengelasan

• Pemeliharaan lingkungan ruang cat • Pemeliharaan rekaman.




57

– Informasi & bukti baik temuan positif maupun negatif harus dicatat. Media biasanya menggunakan lembar audit dalam checklist.

– Checklist membantu anda mengarahkan point penting dalam pertanyaan.

– Misal: KPI atau Sasaran Mutu

Apakah KPI sudah ditetapkan? Pastikan kontex sasaran sesuai dengan kebijakan mutu serta dalam koridor peta bisnis.

Bagaimana anda menset target pencapaian? Check kemungkinan set target dari otoritas lebih tinggi atau stakeholder.

Mekanisme pelaporan: siapa yang memantau, kapan dilaporkan, apa perumusan dari sumber data.

Bagaimana strategi anda mencapai sasaran tersebut? Dll…..


58

Aktifitas akhir dari proses audit

[The final activity in performing the audit]

Mendiskusikan tindakan perbaikan yang harus dilakukan terhadap ketidaksesuaian – pastikan perbaikan tidak dilakukan secara „cepat / tidak efektif‟, karena akan berpengaruh terhadap area lainnya

[It is also acceptable at these closing meetings that discussions take place regarding action to be taken as a result of any non-conformances – the auditor must be careful not to encourage a “Quick Fix”- remembering the action taken in one area may impact on another area]


59

• Agenda Rapat Penutupan [Closing meeting – agenda]

– area dimana terdapat kinerja yang sangat baik (Area‟s where exceptional performance was noted)

– tingkat kesesuaian (Levels of conformance observed)

– Ketidaksesuaian (Non Conformance)

– saran perbaikan / peningkatan (Suggestions for improvement)

– catatan lain yang perlu didiskusikan (Other issues of concern)

– tanggal selesainya perbaikan (Agreed dates for follow-up activities)

– jelaskan proses pelaporan tertulis (Explain reporting)

– THANK YOU


60

INTERNAL AUDIT

(6.6 – 6.8) Tahapan kegiatan dasar [Basic activity steps] • Determining Non-conformance /Opportunity for Improvement

& Report Development

Audit

Reporting

61

• Evaluating conformance [Evaluasi Kesesuaian]:

– The auditor is evaluating audit evidence to verify conformance with the audit criteria

[auditor mengevaluasi bukti obyektif untuk mengetahui kesesuaiannya dibandingkan dengan kriteria audit]

– If (evidence = criteria) = Non Conformance

– If there is insufficient evidence then it is possible a non conformance exists but this must be systematically checked

[bila buktinya tidak memadai, masih memungkinkan bahwa NC tetap diterbitkan, tapi auditor harus melakukan pemeriksaan lebih lanjut]

• Documenting nonconformance [Dokumentasian Ketidaksesuaian]

– Once a non-conformance has been confirmed by the Auditor, then it must be formally reported to the organization‟ management

[bila auditor telah memastikan adanya ketidaksesuaian, maka ketidaksesuaian tersebut harus dilaporkan secara formal kepada manajemen perusahaan]

Audit

Reporting

62

• Detail to be reported [hal-hal yang perlu dilaporkan]

– The basic specified requirement against which the non-conformance is raised is identified or

referenced – Procedures / Documents number [Persyaratan tertentu yang mendasarkan penerbitan ketidaksesuaian, misal prosedur / dokumen]

– The exact evidence that clearly demonstrates that the requirement has not been fulfilled [bukti obyektif yang secara tepat menjelaskan bahwa terdapat persyaratan yang tidak dipenuhi]

– The location/area where the non-conformance was identified [Lokasi / area dimana ketidaksesuaian tersebut teridentifikasi]

– Other necessary “professional discipline” information, e.g. date of issue, name of auditor

[informasi tertentu yang telah ditetapkan, misal tanggal, nama auditor, dsb]

• When writing a nonconformity report it must be: [Saat menuliskan laporan ketidaksesuaian, laporan tersebut seharusnya:]

It Should not be:

Factual [Faktual/berdasar Fakta] Trivial [hal-hal kecil / sepele]

Value Adding [mempunyai nilai tambah] Of no benefit [tidak memberikan manfaat]

Audit

Reporting

63

• Absence of mandatory documentation [tidak adanya dokumentasi wajib]

• Specified standard requirement not implemented [persyaratan standard tertentu yang tidak diterapkan].

• Product not meeting legal requirements (i.e. Class associate registered, SNI, etc) [ketidaksesuaian produk terhadap persyaratan legal yang sesuai]

• High number of minor NC against one clause [adanya katergori NC terhadap klausul tertentu dalam jumlah yang banyak]

Major non-conformity

• A single lapse against the requirements of the standard or the company‟s documented quality system [satu kesalahan / kekeliruan terhadap persyaratan standard atau SMM perusahaan]

Minor non-conformity

• Simplification of existing methods [simplifikasi metode yang digunakan saat ini]

• Strengthening and improving existing methods with the potential for future failures [memperkuat dan meningkatkan metode yang ada dari kemungkinan adanya kesalahan dimasa mendatang]

• Evidence to be verified during next visit audit [akan dilakukan verifikasi di kunjungan audit berikutnya]

• NOT mandatory for action [tidak wajib ditindaklanjuti]

Opportunity for improvement & observation

64

• Statemen yang dilaporkan:

Bentuk ketidaksesuaian

Tidak efektif

Tidak konsisten

Kriteria yang dipergunakan

Persyaratan ISO 9001, OHSAS, ISO 14001, CSR

Prosedur, IK, atau peraturan /legal terkait

Sampel atau bukti obyek pelanggaran.

Obyek kejadian, detail sampel yang tidak sesuai

Audit

Reporting

Audit

Reporting

65

• Contoh Penulisan:

Proses pembelian

Proses seleksi & evaluasi supplier tidak dijalankan secara konsisten

ISO 9001 pasal 7.4, prosedur ABCD 7.4

Seleksi & evaluasi pengadaan komputer tidak dijalankan.

Proses identifikasi data pemohon KTP

Pendataan identitas pemohon tidak efektif.

ISO 9001 pasal 7.5.3, Prosedur ABCD 888, IK ABDC 999

Terdapat beberapa identitas pemohon yang tidak cocok antara lembar aplikasi dengan database. Tidakada konfirmasi pembenaran petugas di form tersebut, misal: tanggal lahir pemohon # 6789

66

TINDAKAN KURATIF DAN PENCEGAHAN

Instansi ABCD

Nomor laporan :

Tanggal :

Unit kerja :

Verifikator :

Jenis Ketidaksesuaian □ Audit Internal, Sasaran Mutu

Ketidaksesuaian hasil audit internal, untuk kategori Major & Minor.

Ketidaktercapaian sasaran mutu,.

□ Proses Pelayanan

Ketidaksesuaian Pelayanan, termasuk perencanaan, isi, proses, laporan, & hasil.

Keluhan pelanggan

□ Indikasi keluhan pelanggan

Munculnya keluhan atau ketidakpuasan pelangan

□ ..........................................................

Uraian masalah : diisi oleh auditor terhadap informasi ketidaksesuaian

Tindakan koreksi : (tindakan sementara untuk memperbaiki ketidaksesuaian)

Pelapor :

………………………..

Verifikator

………………………

Tanggal

………………………

Penyebab masalah : (5 M - Manusia, Mesin, Metode, Material, Money), kenapa terjadi

ketidaksesuaian

Pelapor :

………………………..

Verifikator

………………………

Tanggal

………………………..

tindakan kuratif : untuk menghilangkan akar penyebab masalah & menghindari terulangnya

ketidaksesuaian

Pelapor

……………………………

Verifikator

………………………………

Tanggal

…………………………..

Diisi auditor

Dilengkapi auditee

Audit

Reporting

Audit

Reporting

67

• Isi Laporan – Tanggal & area audit

– Kriteria & sasaran audit

– Ringkasan hasil audit, fokus terhadap informasi positif

– Area yang tidak teraudit, termasuk alasannya

– Detail hasil audit – OFI / OBS, NC

– Masukan terhadap program audit

– Distribusi laporan audit

• Laporan Kesimpulan Audit – Laporan tertulis, sebagai informasi untuk tinjauan manajemen

– Merefleksikan kesimpulan audit secara tepat

– Merefleksikan secara akurat laporan verbal yang disampaikan saat „rapat penutupan

68

• Tindak Lanjut & Penuntasan [Follow up & close out]

– Tindak Lanjut [Follow up] – tindakan untuk memperbaiki ketidaksesuaian, memastikan bahwa tindakan tersebut efektif dan tidak berulang

[Action taken to establish action required to rectify a non-conformance and to verify that the action implemented has been effective and will prevent recurrence]

– Tuntas [Close out] – bukti yang menunjukkan bahwa tindakan perbaikan telah efektif dan tidak memerlukan tindakan lain (Evidence shows that the action implemented as a result of follow up has been effective and no further action is required)

Audit

Reporting

69

• Tindak Lanjut & Penuntasan [Follow up & close out]

(New 2008)

– Follow up – Pihak Management yang bertanggungjawab atas area yang sedang diaudit harus memastikan bahwa Tindakan Koreksi dan Korektif yang dibutuhkan.. (The Management responsible for the area being audited shall ensure that necessary corrections and corrective actions are taken…)

– Pertimbangkan untuk mencatat Koreksi dan Tindakan Koreksi di Form yang tersedia (Consider to log in the Form either Correction and Corrective Actions)

Audit

Reporting

70

The management responsible for the area being

audited shall ensure that any necessary

corrections and corrective actions are taken

without undue delay to eliminate detected

nonconformities and their causes.

Audit

Reporting

Follow-up activities shall include the verification

of the actions taken and the reporting of

verification results (see 8.5.2).