Activity 5.2(a) Participation of Relevant Parties PAGEREF _Toc12089314 \h 145
Activity 5.2(b) Researching & Using Tools & Techniques to Generate Risks PAGEREF _Toc12089315 \h 146
Section 6 – BSBINM501 Manage an Information or Knowledge Management System PAGEREF _Toc12089316 \h 147
Activity 6.1 Learning Plan for Information Management System PAGEREF _Toc12089317 \h 148
Activity 6.2 Manage Use of Information Management System PAGEREF _Toc12089318 \h 151
Workbook 2 Completion Options
Delivery Modes
Please read the following information regarding completion options for Workbook 2 relating to the delivery mode you are enrolled in.
Intensive Delivery
Learners undertaking BSB51615 Diploma of Quality Audit through Intensive Delivery are encouraged to commence Workbook 1 prior to attending face-to-face delivery where they are able to. Where a Learner has not commenced the workbook, this will be completed in their own time post course. This workbook will not be worked on during the face-to-face course.
Self-Paced Delivery
Learners undertaking BSB51615 Diploma of Quality Audit through Self-Paced Delivery must complete and submit Workbook 1 prior to attempting Workbook 2. Learners can commence Workbook 2 without having received outcome of Workbook 1. Learners who have not submitted workbook 1, will not have workbook 2 assessed.
NOTE: Remember you have 24 /7 access to our online learner discussion forum as well as regular access to our trainer and assessors via phone or email. If you do require assistance please call 1300721503 or email assess@hba.edu.au
About this Workbook
These assessment workbooks designed to be used in conjunction with the Learner Guide and also require you to undertake research and demonstrate the knowledge and corresponding skills that will be needed for the assessment activities. The work you complete in this workbook will be used as evidence to contribute to your overall competence.
There are two assessment workbooks to complete for this course. This is the first assessment workbook. The intent of the workbook is to provide for the acquisition of underpinning knowledge via the reading of a comprehensive learner guide and completion of assessment questions.
Read and consider all of the information for each activity prior to commencing the activities. All sections in this workbook must be completed prior to submitting for assessment.
Once you have successfully completed both workbooks and been assessed as Competent by HBA, you will have achieved your BSB51615 Diploma of Quality Audit.
TheBSB51615 Diploma of Quality Audit comprises of eight (8) Elective Units of Competencies.
Units of Competency:
BSBAUD501
Initiate a quality audit
BSBAUD503
Lead a quality audit
BSBAUD402
Participate in a quality audit
BSBAUD504
Report on a quality audit
BSBWOR502
Lead and manage team effectiveness
BSBRSK501
Manage risk
BSBINM501
Manage an information or knowledge management system
BSBMGT516
Facilitate continuous improvement
Locked Documents
HBA assessment materials are ‘Locked’ with restricted editing. This means you can only write in the coloured brackets provided. We do this to ensure the integrity of our documents can be maintained.
If your software is not compatible with a locked document and you are having any issues typing into the brackets, refer to HBA Learning Centres Support Centre https://hba.edu.au/support-centre/or contact HBA at support@hba.edu.au
Elements of Assessment
The elements of each activity in this workbook need to be undertaken, completed, and returned to HBA electronically for assessment. Any additional information or evidence supplied by the learner to support their assessments should be returned with this workbook.
In undertaking an activity in this workbook you will be asked to:
Answer questions;
Conduct research;
Complete templates
NOTE:
Some activities may require you to undertake internet or other research. This research assists in meeting competency requirements and in completing assigned activities.
This workbook:
The Learner Guide has been designed to provide you with ample amount of background information to assist you with understanding each Unit of Competency. Use the Learner Guide, the Learner Resources Folder and conduct some additional research to formulate your answers.
It is essential that your answer addresses all components of the question adequately, simply copying and pasting content that more or less answers the question is not appropriate. You can copy and paste content from other sources, but you must modify/paraphrase it to meet the question requirements and demonstrate your understanding of key concepts, ideas and models.
Provide a response to each question/request in the left hand column of the table below. Your responses should be entered into the adjacent area in the right hand column. Answers need to contain enough information and detail to demonstrate a sound understanding of the area/s the question relates to.
It is not acceptable to use the example provided for you under the question in your own response.
Tips:
Read the questions to ensure you are providing what has been asked for.
Answers do not need to be overly expansive, but they do need to have sufficient information to clearly answer the question and demonstrate your understanding
Where simulation has taken place to complete an activity, please ensure all components of the activity have been completed i.e. simulated learner, must include name, address, etc. of the simulated learner
Assessment Conditions
Assessment conditions stipulate any mandatory conditions for assessment. These conditions specify the conditions under which evidence for assessment must be gathered, including any details of required equipment and materials; contingencies; specifications; physical conditions; relationships with team members and supervisor; relationships with client/customer; and timeframe.
Assessment conditions, provide specific learner and assessor requirements, including any details related to qualifications, experience and industry currency.
The following stipulates the assessment conditions for the individual Unit of Competencies, to be completed for the BSB51615 Diploma of Quality Audit.
When completing the required activities, ensure these assessment conditions outlined below for each Unit of Competency are met.
BSBAUD501 Initiate a quality audit
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the regulation, licensing and risk – quality auditing field of work and include access to:
workplace documentation including previous quality audit reports, checklists, risk management plans and audit plans
BSBAUD503 Lead a quality audit
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the regulation, licensing and risk – quality auditing field of work and include access to:
workplace documentation including previous quality audit reports
checklists
risk management and audit plans
BSBAUD402 Participate in a quality audit
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the regulation, licensing and risk – quality auditing field of work and include access to:
workplace documentation including previous quality audit reports, checklists, risk management plans and audit plans
BSBAUD504 Report on a quality audit
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the regulation, licensing and risk – quality auditing field of work and include access to:
workplace documentation including quality audit reports, checklists, risk management plans and audit plans
BSBWOR502 Lead and manage team effectiveness
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the industry capability - workplace effectiveness field of work and include access to:
workplace documents
case studies and, where possible, real situations
office equipment and resources
interaction with others
BSBRSK501 Manage risk
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the regulation, licensing and risk - risk management field of work and include access to:
relevant legislation, regulations, standards and codes
relevant workplace documentation and resources
case studies and, where possible, real situations
interaction with others
BSBINM501 Manage information or knowledge management systems
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the knowledge management – information management field of work and include access to:
relevant legislation, regulation, standards and codes
relevant workplace systems, documentation and resources
case studies and, where possible, real situations
interaction with others
BSBMGT516 Facilitate continuous improvement
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the management and leadership field of work and include access to:
relevant workplace documentation and resources
case studies and, where possible, real situations
interaction with others
Checking off Assessment Tasks
As you complete each activity, it is recommended you check it off against the supplied activity checklist and attach any additional supplementary evidence required to meet competency. In signing off on each activity you are declaring that YOU have undertaken the specified task(s). Where it is verified that a learner fraudulently signed off on an assessment item as being their own work when it is not, competency will be withheld and the relevant authorities notified.
Once you answer the question, re-read the question to make sure you have covered off on all requirements.
It is not appropriate to use the example provided for you in your answer
Submitting Assessment Workbooks
Only completed assessment activity items with appropriate evidence which is valid under the Registering Authority guidelines, and the terms of the RTO and its authorised delegates will be used toward determining competence.
Ensure you save your work regularly while completing the workbook. Ensure you keep a copy of your workbook prior to submitting.
You must submit your assessments in the Workbooks provided in their original format.
Untidy, unclear, or hard to decipher material will be returned to the learner without assessment being conducted. HBA will not undertake assessment until the evidence supplied is in a format that meets the professional standard required by those working in leadership roles in the workplace.
Workbooks will only be assessed when all activities have been completed. Where a Workbook is submitted with activities not complete, this is a formal submission and you will be deemed Not Satisfactory, with 2 submission attempts remaining.
Upon submission, learners will receive an automated response, detailing assessment timeframe. Feedback will be provided by email within 14 business days from receipt of the workbook. Assessors will provide clear and specific feedback where resubmission is required. Where resubmission is not required, assessors will advise Learners, they have satisfactorily completed the workbook.
Learners have three (3) attempts at each assessment before alternative learning options are considered. This will be completed on a case by case basis by a member of the Compliance team.
HBA Learning Centres provides all assessors with assessment benchmark guides, to assist with the assessing of workbooks. HBA Learning Centres assessors have also been instructed to use their professional judgement as an assessor and from industry currency and experience, to allow for reasonable adjustment and flexibility when assessing holistically.
NOTE:
Intensive delivery learners please ensure you submit your completed workbooks and any supporting evidence to your trainer, you will be provided their email address during the course.
Self-paced learners, please submit you completed workbooks and supporting evidence electronically sent (e-mailed) to HBA’s assess desk at: assess@hba.edu.au
Assessment Feedback
Assessment feedback will be provided to you via email. You will receive progressive feedback, outlining each of the activities within the workbook and the outcome of either Satisfactory or Not Satisfactory.
Where you have received outcomes of Not Satisfactory, the assessor will provide you with clear and precise feedback, to assist you with your resubmission.
Once you have been deemed Satisfactory in all required activities in both workbooks, you will receive overall results, which will, provide you with the results of Competent and show Competent in all Units of Competency completed.
You as a learner, have a right to appeal against a decision made by HBA Learning Centres in regard to an assessment result. If following feedback discussions with the Assessor, you are not satisfied, you are required to:
Complete the RTO 2.6.3 Complaints and Appeals Application Form or provide in writing (email is acceptable), reason for the appeal;
HBA will source the original submission and request and/or accept further evidence as required; and
Document and submit an account of any non-written assessment items to the Compliance Manager: complaints@hba.edu.au
Any such resubmissions are to be provided to the HBA Compliance Manager who will arrange for the resubmission to be re-assessed by a neutral third party, by way of an independent HBA Assessor.
The outcomes of the re-assessment will by fully document. This outcome will be given to the Learner directly and further support will be made available if required.
Learners are entitled to one (1) appeal per assessment decision. The decision of the independent HBA Assessor assigned to the appeals case decision will be final.
Support Available
Discussion Forum: Many questions related to the course have already been answered on the Learner Discussion Forum hba.edu.au/support-centre/; this should be your first point of call. If it has not been addressed, then post your questions there.
IT Tips: Outlines software compatibility for workbooks, how to split pages, zip files etc. hba.edu.au/support-centre/
Email: You can also direct more specific or non-course related questions to assess@hba.edu.au (e.g. assessment turnaround times, help unlocking workbooks, assistance using the forum, etc.)
Telephone support: Call 1300 721 503 for short conversations (less than 10 minutes) to get quick and direct answers
Face-to-Face or Telephone Tutorials:1 Hour sessions by request ($50p/hr)
Progression Email:HBA will contact you every 3 months via email throughout the duration of your course, offering support as required and approximately where you should be in completing your workbooks, to ensure you will complete the course within the given timeframe
Extension Applications: An extension may be granted in exceptional circumstances. There will be an administration fee applied for extensions. Extensions must be applied for during the course timeframe. No more than 2 extensions will be granted. All extension requests regardless of you mode of delivery must be sent to assess@hba.edu.aufor consideration.
Activity Checklist and Declaration
The activity checklist on this page and the declaration on the next page need to be completed prior to submitting your workbook for assessment.
Sections
Unit/ of Competency
(Primary focus of this section)
Completed
(Initialled)
Date
Section 1
Prepare for an Audit
JI
22.06.19
Section 2
Lead and Participate in an Audit
JI
22.06.19
Section 3
Report on a Quality Audit
JI
22.06.19
Section 4
Lead and Manage Team Effectiveness
JI
22.06.19
Section 5
Manage Risk
JI
22.06.19
Section 6
Manage an Information or Knowledge Management System
JI
22.06.19
Learner Declaration
I Jamie Ilton declare that I have personally completed all activities in this workbook.
I understand that competency will not be given if I do not meet the assessment evidence and activity requirements or if it is discovered that I have not undertaken all expected tasks.
I understand that HBA reserves the right to immediately withdraw a qualification if it is found that I provided false or misleading evidence, this includes any declaration, resource or tool I have submitted as being authored by me that I have submitted.
I further note this includes any statement, whether written or spoken, by any witness or other third party I have used to provide testimony, or any other evidence which serves to allow HBA Assessors to make an Assessment decision.
I understand HBA may, at its own discretion and without notice contact any third party I have used to provide testimony or any other evidence to HBA Assessors. If HBA forms a reasonable doubt as to the authenticity of such evidence, then it shall withdraw any issued qualification without notice.
I confirm, I have met the required assessment conditions, as outlined in this workbook.
Signed:
Date:
22.06.2019
Name (print):
Jamie Ilton
* Electronic Signature is acceptable
Course Completion Date: You are given 18 months from enrolment to complete this course. An extension may be granted in exceptional circumstances. NOTE there will be an administration fee applied for extensions. Extensions must be applied for during the course timeframe. No more than 2 extensions will be granted.
Section 1 – Prepare for an Audit
Section 1 cover the requirements for the Unit of Competency, BSBAUD501 Initiate a Quality Audit.
This unit describes the skills and knowledge required to initiate and organise a quality audit with an auditee. It covers assessing the scope and objectives of a quality audit; communicating with the auditee regarding the proposed quality audit; identifying resources required to conduct the audit; and developing and submitting a quality audit plan. The types of audits may include external or internal systems audits or process or product/service audits.
It applies to individuals with a well-established theoretical knowledge base in quality auditing who are proficient in using a wide range of specialised, quality auditing and managerial techniques to plan, carry out and evaluate a quality audit. Individuals also supervise and monitor the processes and outcomes of others working in a quality audit team.
Learners are required to meet the following assessment conditions for this Unit of Competency.
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the regulation, licensing and risk – quality auditing field of work and include access to:
Workplace documentation including previous quality audit reports, checklists, risk management plans and audit plans.
Tick upon completion of activities:
ACTIVITY SUBMISSION
Y
Activity 1.1 Initiating an Audit
Y
Activity 1.2 Pre-Audit Discussion Proposal
Y
Activity 1.3(a) Develop an Audit Plan
Y
Activity 1.3(b) Develop an Audit Plan
Y
Activity 1.4 Prepare Audit Team
Y
Activity 1.5 Organise Entry Meeting
Y
Activity 1.6 Entry Meeting Agenda
Activity 1.1Initiating an Audit
Instructions to Learners:
Using the case study, SSS RTO located in the learner resource folder. Learners are required to compose an email or letter, responding to the request from the organisation for a quality audit. Learners must ensure they demonstrate structure, tone and vocabulary appropriateness to the intended audience, context and purpose.
Within the email or letter, learners should address the following:
Identification of who you are
Introduction of audit team if one is required
Identification of the objectives of the audit
Mention of what may be required by the organisation
Mention that staff may be required by the auditors
Mention of an agenda to be provided
The A Team Auditors
115/165 James Street
SYDNEY NSW 2001
11 June 2019
Dear Patricia
RE: Application for ISO 9001:2016 – Quality Management Systems
As per your previous email re the above, we wish to propose the following to support the above-mentioned audit of your QMS, at your Sydney premises from 9am Monday 19 August to 5pm Tuesday 20 August 2019.
Undertaking this audit will be:
Lead Auditor: Jacqui Crafter
Assistant Auditor: Jamie Ilton
Specialist Auditor: Claudia Schiffer
ASQA Advisor: Sally Wray-McCann
Document/system Control: Peter Douch
The objectives of the audit include a review of your existing QMS systems to determine compliance and conformity to ISO and ASQA standards requirements and any other suggestions for your upcoming expansion into WA.
For us to prepare the Audit plan and to assist us to acquire an understanding of your organization prior to the audit we would request the following documents:
Quality Manual including Policies and Procedures;
Previous Audit findings and their associated Corrective Actions;
Contract with SIM;
Marketing Materials;
Organizational Chart including Staff Matrices
Existing or Upcoming KPIs/PPIs
Once on site and for us to conduct an effective audit we require the following:
Access to your premises from 9.00am to 5.00pm
A room that can accommodate a minimum of 5 people
Internet access
Access to following SSS staff:
Simon Smith - Business Owner (Founder)
Steven Sibley - Compliance Manager (Co-Founder)
Patricia Prat - Operations Manager
Terry Troutback - Training Manager
Rebecca Right- Office Manager
Henry Hogan- HR Manager
Alison Allwell, Michael Carmichael, Willard Woo - Sydney Training Consultants
Other staff as required
Access to necessary documents (hard copies and/or soft copies)
Car parking
Once we have received the requested documentation we will provide you with a draft of the Agenda going forward. This will allow both parties to rectify any discrepancies and finalize the agenda.
We will email all related reports securely to you and will ensure that all reports are written in a systematic format.
Should you have any questions please contact myself to discuss.
Kind regards
Jacqui Crafter
Lead Auditor
Email: hsmith@theAteam.org.au
Mobile: 0877 302020
Activity 1.2Pre-Audit Discussion Proposal
Instructions to Learners:
Learners are required to develop a pre-audit discussion proposal. Learners may use the case study, SSS RTO located in the learner resource folder, or their own workplace as an example.
The pre-audit discussion is the first contact an auditor has with an auditee to determine the following:
the audit objectives and scope based on identified business risk areas, including critical success factors and goals
previous audit history, organisational structure
the relevant standards and legislation impacting on the audit
Identified risks associated with conducting the audit, both audit team and organisation
proposed audit methods and techniques
Handling of any areas of confidentiality or sensitivity
A familiarisation tour- identifying any high risk areas or exclusion zones
Barriers to conducting the audit
Identify your role in the audit process
Complete the template below or submit a work sample, which you may have already completed. Where a work sample is submitted, a third-party report is required.
Pre-audit discusson proposal
Timeframes (determine the time & date required for the audit)
Start
Finish
9am Monday 19 August
5pm Wednesday 21 August
Review the organization and identify and rate any risks that the business might have. (1 = most likely, 9 = least likely)
Financial
5
Staff Retention
7
Reputational
1
Legislative
4
Technological
9
Safety/Injury
8
Political
2
Economic
3
Policy
6
Other ASQA
10
Other
Other
Determine the objectives of the auditee
(Why does the auditee need to conduct an audit?)
Build rapport and image across multiple sites
Strong Marketing/Advertising properties
Assist with ASQA compliance processes (ongoing)
Improve on SSS management systems and staff morale
To achieve ISO 9001:2016 accreditation
Assist with expansion into WA
Determine the scope of the audit from the risks identified above
(What are you going to audit?)
To complete an external audit on SSS with AS/NZS ISO 9001:2016 Quality Management System Section 5 Leadership
Reputation (5.1.1, 5.1.2, 5.2.1, 5.2.2, 5.3)
Political (5.1.1, 5.1.2, 5.2.2,5.3)
Economic (5.1.1, 5.1.2, 5.3)
Legislative (5.1.1, 5.1.2, 5.2.2)
Financial (5.1.1, 5.1.2, 5.2.1, 5.3)
Policy (5.1.1, 5.1.2, 5.2.1, 5.2.2)
Staff Retention (5.1.1, 5.2.1, 5.2.2, 5.3)
Safety (5.1.1, 5.2.1, 5.2.2)
Technological (5.1.1, 5.2.1, 5.2.2, 5.3)
ASQA (5.1.1, 5.2.1, 5.2.2, 5.3)
Identify your role in the audit process
(Include job title and duties of lead auditor)
Lead Auditor: Jacqui Crafter(Audit team and timeline management/ Audit and document control)
Alison Allwell, Michael Carmichael, Willard Woo - Sydney Training Consultants
Joan Jolly, Beatrix Botter- Administration Officers
Relevant standards and legislation impacting on the audit
(List the standards and legislation you will review or benchmark to complete this audit)
AS/NZS ISO 9001:2016 Guidelines for Quality Management System – requirements, Section 5 Leadership.
Fair Work Act 2009
Privacy Act 1988 (including amendments)
Privacy & Personal Information Protection Act 1998 (NSW)
Work Health and Safety Act 2011
Work Health and Regulations 2011
NVR Standards for RTO 2015
Occupational Health and Safety Act 1984(WA)
OHS Regulations 1996 (WA)
Audit History
AUDIT RECORDS
Audit Type
Audit Date
Outcomes
Actions Required
Audit Status
ASQA initial Registration Audit
6.10.2015
Organisation demonstrated Compliance with the Standards for RTOs 2015
No actions required
Organisation has met the requirements to become a Registered Training Organisation (RTO)
ISO Standard 9000 Audit
3.02.2016
Unable to provide evidence of quality policy and objective.
Develop the quality policy and objectives, before the next internal audit (clause 5.2.1)
Non-Conformities and Corrective Actions Recommended
ISO Standard 9000 Audit
10.04.2016
Organisation did not provide evidence that it could determine and provide resource needed for implementation and maintenance of the quality management system and continually improve its effectiveness
The organisation must develop a strategy for determining and providing resource requirements for the QMS they advised is implemented (clause 4.4)
Non-Conformities and Corrective Actions Recommended
Risk
Identify a minimum of four (4) safety risks/consequences associated with conducting this audit
Risk/Consequence
Control
Responsibility- Name and Title
Action by (date)
Stress/Fatigue
Review or Implement Fatigue Management Policy and Plan to manage
Simon Smith - Business Owner (Founder)
Patricia Prat - Operations Manager
10 August 2019
Technology Failure
Review or Implement ICT Policy and Operational Guidelines to manage
Spare computers/system
Steven Sibley - Compliance Manager (Co-Founder)
Patricia Prat - Operations Manager
Rebecca Right- Office Manager
10 August 2019
Financial - Loss
Review or
Implement Financial Policy and Procedure to manage
Simon Smith - Business Owner (Founder)
Steven Sibley, Compliance Manager (co-founder)
Patricia Prat - Operations Manager
10 August 2019
Reputation - Bad
Review or Implement Marketing Strategy
to manage
Simon Smith - Business Owner (Founder)
Steven Sibley, Compliance Manager (co-founder)
Patricia Prat - Operations Manager
Henry Hogan, HR Manager
10 August 2019
Barriers
Identify a minimum of four (4) barriers you may face when conducting this audit
Barrier
Solution
Responsibility- Name and Title
Resource requirements
Time constraints
Allocation preparation time.
Follow timeframes as per audit plan.
Patricia Prat - Operations Manager
Henry Hogan- HR Manager
Staffing for preparation time and over the duration of the audit.
Staff Illness/availability
Secondary person available with the knowledge of the audit components /Communicate in plenty of time to provide notice. Invites in staff calendars.
Patricia Prat - Operations Manager
Henry Hogan- HR Manager
Availability of secondary staff prior to and during the audit. Staff Calendars, emails/invites
Power outage
Hardcopy documents available where possible. Backup e.g. Cloud in place.
Joan Jolly, Beatrix Botter- Administration Officers
Access to IT and to the required documentation.
Physical space to conduct the audit
Arrange and book suitable space for five plus people with access to WIFI, projector, photocopier/scanner and general facilities.
Patricia Prat – Operations Manager
Henry Hogan – HR Manager
Rebecca Right – Office Manager
Meeting room with teleconferencing facilities. Book/request use of meeting room.
Lack of understanding for key staff of the auditing requirements
Email/distribute a fact sheet on audit and what’s involved
Steven Sibley, Compliance Manager
Patricia Prat, Operations Manager
Make available to staff Fact Sheet for Internal Auditing IIA Australia
Determine the proposed audit methods and techniques
(What methods will you use to collect data and conduct the audit?)
Initial email/letter
Documentation review
Face to face interview and consultation
Practical demonstrations
Process sampling
Determine any requirements for confidentiality and privacy of information
(Is the information you access, relevant to achieving the audit scope? Does the organisation have any boundaries to accessing data/personnel?)
Privacy Act 1988, ISO auditing Standards
Privacy/confidentiality policy for company: Patricia Prat – Operations Manager/Rebecca Right – Office Manager to manage/hold/review and take ownership of
Out auditing team shallot disclose information to any person during or after the audit has occurred without prior approval for the SSS.e.g.; findings and corrective actions will not be provided to SAI Global 9001:2016 – certification unless requested in writing by SSS.
Retention of records relevant to audits and reviews (as per AS4390 Australian Standards for records management and Australian Standard AS/ISO15489 for electronic records) must be retained for 7 years.
Familiarisation tour (if necessary)
(Identify any high-risk work areas, exclusion zones and PPE that may be required when conducting this audit)
High risk areas
Server room, kitchen
Exclusion zones
Server room, financial records, staff records
PPE (personal protective equipment)
Closed toe footwear, appropriate apparel
Resource Requirements
Identify and confirm availability of any resources required to conduct this audit, ensuring you mention audit team members and organisation employees.
Resource
Availability (Y/N) If no- why?
Details (When is the resource available, where is it accessed?)
Previous audit results
[Y]
Supplied prior to Audit by Patricia Prat Operations manager (email)
QMS (including P&P Org Chart
[Y]
Supplied prior to Audit by Patricia Pratt – Operations Manager (email)
IT equipment (i.e. pcs scanners, Printers etc.
Y
Rebecca Right – Office Manager
Meeting Room
[Y]
Rebecca Right – Office Manager
SSS Server
[Y]
Supplied prior to audit by PP – Ops Manager
SIM
[Y]
Steven Sibley – Compliance manager (co-founder)
Audit tools & Plans
[Y]
Lead Auditor – Jacqui Crafter
catering
Y
Rebecca Right, Office Manager
Admin support for scanning/printing/office needs
Y
Rebecca Right, Office Manager
Continuous Improvement
Determine the organisations method for continuous improvement
(What system or process will the organisation follow to ensure continuous improvement- of resource use, efficiency etc.)
Implement continuous Improvement Register
Action plan and action items completed as per as per continuous Improvement Register
Keep software/hardware up to date
Monitoring of current legislative requirements
Implement ASQA requirements
Review student and trainer feedback
Implement risk management register
Implement controls as per risk management register
Review risk controls continually
Review and implement training packages
Implement profession development
Review Non-conformances and implement corrective actions
Management review/staff performance review
Peer to peer review process
Staff meeting and minutes, review outcomes of meeting minutes
Review and understand OHS and WHS policy and procedure
Safety meetings and minutes, review outcomes of meeting minutes
Set KIS/SMART goals and KPIs
Outline strategies to ensure audit team members, participate in the decision-making process throughout the audit
Initiation meeting (start-up)
Entry meeting
Regular consultation
Lead Auditor review of auditors and information gathering
Updates via email
Progress reports to all relevant stakeholders
Exit meeting
Final report review
Approvals
Determine date for approval of the following criteria.
(Date of approval is required so that the auditee can request changes to audit schedules and plans)
Audit Plan
Documents required for review prior to entry meeting
Facilities required for audit team
Which departments/individuals are required for the audit
Friday 5 August 2019
Friday 5 August 2019
suitable space for five plus people with access to WIFI, projector, photocopier/scanner and general facilities
Simon Smith - Business Owner (Founder)
Steven Sibley - Compliance Manager (Co-Founder)
Patricia Prat - Operations Manager
Terry Troutback - Training Manager
Rebecca Right- Office Manager
Henry Hogan- HR Manager
Alison Allwell, Michael Carmichael, Willard Woo - Sydney Training Consultants
Joan Jolly, Beatrix Botter- Administration Officers
Approvals
The signatures below certify that this pre-audit proposal has been reviewed and accepted and demonstrates that the signatories are aware of all the requirements contained herein and are committed to ensuring their provision. Please note- approvals are only to be signed once final approval has been made.
Name
Signature
Position
Date
Prepared by:
Jacqui Crafter
Jacqui Crafter
Lead Auditor
4 June 2019
Reviewed by:
Jamie Ilton
Jamie Ilton
Assistant Auditor
4 June 2019
Approved by:
Claudia Schiffer
Claudia Schiffer
Specialist Auditor
4 June 2019
Activity 1.3Develop an Audit Plan
Instructions to Learners:
Learners are required to develop two (2) audit plans for 2 different auditees’, across a variety of contexts.
Audit Plan One (1), is to be developed using the case study, SSS RTO in the learner resources folder. The second (2) audit plan, can be developed for an organisation of your choice.
Learners have been provided the templates for 2 audit plans below. Learners are required to complete these templates, or are able to submit work samples, along with a third-party report.
An audit plan is used to clarify the entirety of the audit with the auxcsditee. Once you have approved the audit plan you will then develop your audit checklists and prepare your audit team. You will need to plan for:
audit requirements and/or identification of relevant quality system documentation
auditee provision of personnel for audit
confidentiality requirements
contingency actions
Continuous improvement strategies for organistion and employees
Learners are required to complete the following template: All components of the template must be completed, including fictional details, i.e. names.
Audit plan 1
General Information
Date:
19th August 2019
Auditee Organisation Name:
SSS RTO
Auditee Representative:
Patricia Prat - Operations Manager
Location
1 George St Sydney NSW 2000
Audit Requirement
SSS is looking to expand into the western states within a year and this will require more staff to service a growing customer base.
Patricia has identified that if SSS do not comply with internal audits completed and need to understand what are the “at risk” business practices or failings within SSS.Not understanding and then implementation of controls may put SSS’s reputation at risk and force possible closure.
Scope and Objectives
Scope
To complete an external audit on SSS with AS/NZS ISO 9001;2016 QMS section 5 Leadership
Audit Objectives
Requirements needed to help achieve ISO 9001:2016 accreditation Build rapport and image across and into new and sites
Strengthen image within current SSS footprint
Understand how to develop strong marketing/ advertising properties
Assist in complying with ASQA and their processes
Understand and build on SSS management systems
Assist with staff understanding of SSS systems and improving productivity
Audit Team Matrix
Member
Name
Responsibility
Required Skills
Required Knowledge
Audit Team Leader
Jacqui Crafter
Lead Auditor
Microsoft office, VET degree, 30 experience in auditing, TAE qualified
ISO Standards 9001 QMS
Audit Team
Jamie Ilton
Assistant Auditor
Microsoft office, VET Cert IV, 10 yrs. audit experience
ISO Standards 9001 QMS
Sally Wray-McCann
ASQA Advisor
Microsoft office, in depth knowledge of ASQA standards, VET degree
ISO Standards 9001 QMS
Claudia Schiffer
Specialist Advisor
Microsoft office, RTO 15 years’ experience, Communications Degree
ISO Standards 9001 QMS
Peter Douch
Document/systems control
Microsoft office, SIM expert, ICT degree
SIM SME
Additional Personnel
Identify a minimum of 4 additional personnel that could join the auditor’s team to assist the audit
Mary Bird/Melbourne based/RTO registration adviser
Microsoft Office, 15 years training consultant
ISO Standards 9001 QMS/RTO compliance understanding
Audit Consultant/VET SME
John Blue/Darwin/ VET SME
30 yrs. audit experience, VET degree
ISO Standards 9001 QMS/VET understanding
Privacy and Confidentiality
You must clarify the privacy and confidentiality agreements outlined in pre-discussion audit proposals
In accordance with the Privacy Act 1988, we will be sighting, but not disclosing any parts of the Audit – unless otherwise disclosed by SSS.
Privacy/confidentiality policy will be required: Patricia Prat – Operations Manager/Rebecca Right – Office Manager will create the documentation.
The audit findings will be privately maintained for twelve months post audit. Sensitive information is defined as data that is protected or needs to be secured against unauthorized access.
Out auditing team shall not disclose information to any person during or after the audit has occurred without prior approval for the SSS.i.e.; findings and corrective actions will not be provided to SAI Global 9001:2016 – certification, unless requested by SSS.
Distribution of Reports
The Audit Report and Findings will be provided to Simon Smith- Business Owner and Patricia Prat – Compliance Manager via drop box with a hard copied send via registered post two weeks post audit completion for utilization and distribution as required.
SSS shall acknowledge electronic receipt of report within 24 hours.
The A Team Auditors will retain a controlled copy of the Audit Report and Findings for a period of 12 months post audit completion. Which will not bere- distributed unless A team Auditors receive an official request from SSS RTO.
Reporting Criteria
All reports to be formatted against know standards and SSS RTOorganisational requirements, noting if SSS RTO does not prove a formatting requirement, A Team Auditors will format to their formatting standards.
All reports to be stored securely at SSS RTO.
All reports will be secured on The A Team Auditor’s servers (for a period of 12 months and then will be removed).
All reports will also be securely backed-up.
All reports will be checked and verified, including checks for grammatical, spelling and content errors.
Contingency Actions
1.
Time constraints
2.
Staff Illness/availability
3.
Power outage
4.
Physical space to conduct the audit
5.
Lack of understanding for key staff of the auditing requirements
Continuous Improvement
Organization
Employees
SSS RTO
As per Standards for RTO 2015 – PD for all roles to be completed, PD to align with qualifications on scope, conform to AVETMISS to ensure consistency and accuracy of VET, have knowledge in ASQA and them understand and requirements
SIMS
Update system, train in use of and understanding of SIMS, use SIMS best practice protocols
The A Team Auditors
Currency with ISO Accreditation requirements against ISO 9001:2016 QMS – requirements assessment review processes, peer to peer review process, maintenance and updating of qualifications
External Audit Consultants
Currency with ISO Accreditation requirements against ISO 9001:2016 Quality Management – requirements assessment review processes. NVR RTO standards 2015 expertise. maintenance and update of relevant qualification,
Audit Method and Sampling Techniques
You must clarify the audit methods and sampling techniques outlined in pre-discussion audit proposals
Initial email and letter
Entry meeting - discussion
Face-to-face interviews – draw on questions and answers given
Consultations – seek clarification of information/documents/procedure and policy
Random sampling of documentation – review on site
Pre-audit documentation review – thorough review of information requested and proved
Practical demonstrations – by interviews and in a work environment
Exit meeting - open and frank discussion on in draft findings
Audit Schedule
Identify auditee personnel that you will be required to interview throughout the audit. Include the meeting/interview type, participants, resources and topics that you will discuss.
Type
Allocated Time
Participants
Topics
Resources/documentation
E.g. Entry Meeting
9-00-9.30
Who from the auditee team will be involved in meeting & who from the audit team?
Full name and titles of all involved
ISO9001: Clause 4.2 (Documentation requirements)
ISO9001:2016
Quality Assurance Manual
Documentary Evidence- Policies and procedures
PRE-AUDIT
Letter/email
Thirty Minutes
Prior to Audit
Jacqui Crafter - Lead Auditor
Patricia Patt – Operations Manager
As outlined in the email/letter
PC, internet, scope of requirements for audit, ISO 9001:2016 Quality management systems - requirements
Audit Plan
2 weeks pre-audit
Jacqui Crafter – Lead Auditor
Jamie Ilton – Assistant Auditor
Claudia Schiffer – Specialist auditor
Documentation requirements as specified in previous communications
ISO 9001:2016 Quality management systems – requirements
DAY ONE
Entry Meeting
9am – 9.30am
Jacqui Crafter - Lead Auditor
Jamie Ilton - Assistant Auditor
Claudia Schiffer - Specialist Auditor
Sally Wray-McCann - ASQA Advisor
Peter Douch - Document/system Control
Simon Smith - Business Owner (Founder)
Steven Sibley - Compliance Manager (Co-Founder)
Patricia Prat - Operations Manager
Terry Troutback - Training Manager
Rebecca Right- Office Manager
Henry Hogan- HR Manager
Alison Allwell, Michael Carmichael, Willard Woo - Sydney Training Consultants
Joan Jolly, Beatrix Botter- Administration Officers
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
Resources:
Meeting Room and related amenities
IT Technology (PCs, printers, scanners, etc.)
Software platforms, i.e. SIMS
Documentation:
Meeting template with required fields, i.e. – entry meeting Agenda items
Attendance records etc.
ISO9001:2016 quality management systems – requirements
Previous Audit findings
RTO documentation – including but not limited to:
D4.1 - Quality Assurance Manual
D4.2.3 - Document Control
D4.2.3B - Document Review
D4.2.3C - Document Outgoing
D4.2.4 - Document Design and Approval
P4.1 - Quality Policy
P4.2.1 - Quality Objective
P4.2.3 - Emailing Policy
R4.2.3C - Outgoing document log
Customer Feedback Folder with content
D5.5.1 - Quality Management Responsibilities
D5.5.3B - Workplace Meetings policy
D5.6.1 - Customer Feedback policy
F5.5.3B - Meeting Minute Agenda template
F5.5.3C - Monthly Meeting Minutes
F5.6.1 - Student Feedback Template
P5.5.1 - Org Chart
R5.5.3B - Meeting Minutes Register
R5.6.1 - Customer Feedback Register
Induction form folder
D6.2.2 - Monthly Staff Training
D6.2.2B - Induction policy
D6.4 - Work Environment policy
F6.2.2 - Induction checklist template
R6.2.2 - Staff Training Matrix
R6.2.2B - Induction training register
General Manager Compliance Job Description
Training Consultant Job Description
SSS Continuous Improvement Policy V1.0 October 2016
SSS Continuous Improvement Procedure V1.0 Oct 2016
SSS Risk Management Policy
SSS Risk Management Procedure V1.0 October 2016
SSS RTO Risk ManagementRegister V1.1 October 2016
1. Case Study SSS RTO Details V1.2 October 2016docx
2. Case Study SSS Team Profiles V1.0 October 2016
3. Case Study Audit Team Candidate Profiles
Site Inspection and Induction
9.30am – 10.15am
Patricia Prat – Operations manager
Jacqui Crafter - Lead Auditor
Jamie Ilton - Assistant Auditor
Claudia Schiffer - Specialist Auditor
Sally Wray-McCann - ASQA Advisor
Peter Douch - Document/system Control
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
Resources: PPE as required
ISO 9001:2016 Quality management systems – requirements
Morning Break
10.15 – 10.30
Jacqui Crafter - Lead Auditor
Jamie Ilton - Assistant Auditor
Claudia Schiffer - Specialist Auditor
Sally Wray-McCann - ASQA Advisor
Peter Douch - Document/system Control
Tea and Coffee, cake, healthy options
Interviews
10.30 –11.30
Simon Smith - Business Owner (Founder)
Jacqui Crafter – Lead Auditor
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
ISO 9001:2016 Quality management systems – requirements
Reputation (5.1.1, 5.1.2, 5.2.1, 5.2.2, 5.3)
Political (5.1.1, 5.1.2, 5.2.2,5.3)
Economic (5.1.1, 5.1.2, 5.3)
Legislative (5.1.1, 5.1.2, 5.2.2)
Financial (5.1.1, 5.1.2, 5.2.1, 5.3)
Policy (5.1.1, 5.1.2, 5.2.1, 5.2.2)
Staff Retention (5.1.1, 5.2.1, 5.2.2, 5.3)
Safety (5.1.1, 5.2.1, 5.2.2)
Technological (5.1.1, 5.2.1, 5.2.2, 5.3)
ASQA (5.1.1, 5.2.1, 5.2.2, 5.3)
10.30 – 11.30
Steven Sibley - Compliance Manager (Co-Founder)
Jamie Ilton – Assistant Auditor
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
ISO 9001:2016 Quality management systems – requirements
Legislative (5.1.1, 5.1.2, 5.2.2)
Policy (5.1.1, 5.1.2, 5.2.1, 5.2.2)
Safety (5.1.1, 5.2.1, 5.2.2)
Technological (5.1.1, 5.2.1, 5.2.2, 5.3)
10.30 – 11.30
Patricia Prat - Operations Manager
Claudia Schiffer - Specialist Auditor
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
ISO 9001:2016 Quality management systems – requirements
Financial (5.1.1, 5.1.2, 5.2.1, 5.3)
Policy (5.1.1, 5.1.2, 5.2.1, 5.2.2)
Staff Retention (5.1.1, 5.2.1, 5.2.2, 5.3)
Safety (5.1.1, 5.2.1, 5.2.2)
Technological (5.1.1, 5.2.1, 5.2.2, 5.3)
ASQA (5.1.1, 5.2.1, 5.2.2, 5.3)
Concurrent Interviews
11.30 – 1pm
Rebecca Right – Office Manager
Peter Douch – Document/system control
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
ISO 9001:2016 Quality management systems – requirements
Policy (5.1.1, 5.1.2, 5.2.1, 5.2.2)
Safety (5.1.1, 5.2.1, 5.2.2)
Technological (5.1.1, 5.2.1, 5.2.2, 5.3)
ASQA (5.1.1, 5.2.1, 5.2.2, 5.3)
11.30 – 1pm
Terry Troutback - Training Manager
Sally Wray-McCann – ASQA Advisor
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
ISO 9001:2016 Quality management systems – requirements
Policy (5.1.1, 5.1.2, 5.2.1, 5.2.2)
Safety (5.1.1, 5.2.1, 5.2.2)
Technological (5.1.1, 5.2.1, 5.2.2, 5.3)
ASQA (5.1.1, 5.2.1, 5.2.2, 5.3)
Lunch
1pm – 2pm
Sandwiches, options available for dietary requirements
Evidence Gathering
2 – 3.30
Simon Smith - Business Owner (Founder)
Steven Sibley - Compliance Manager (Co-Founder)
Patricia Prat - Operations Manager
Terry Troutback - Training Manager
Jacqui Crafter - Lead Auditor
Jamie Ilton - Assistant Auditor
Claudia Schiffer - Specialist Auditor
Sally Wray-McCann - ASQA Advisor
Peter Douch - Document/system Control
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
ISO 9001:2016 Quality management systems – requirements
Reputation (5.1.1, 5.1.2, 5.2.1, 5.2.2, 5.3)
Political (5.1.1, 5.1.2, 5.2.2,5.3)
Economic (5.1.1, 5.1.2, 5.3)
Legislative (5.1.1, 5.1.2, 5.2.2)
Financial (5.1.1, 5.1.2, 5.2.1, 5.3)
Staff Retention (5.1.1, 5.2.1, 5.2.2, 5.3)
Access to RTO site, officers, other staff as required, software, files, policies and procedures
Afternoon Break
3.30 – 3.45
Jacqui Crafter - Lead Auditor
Jamie Ilton - Assistant Auditor
Claudia Schiffer - Specialist Auditor
Sally Wray-McCann - ASQA Advisor
Peter Douch - Document/system Control
Tea and coffee, cake, healthy options
Evidence Gathering
3.45 – 5 pm
Rebecca Right- Office Manager
Henry Hogan- HR Manager
Alison Allwell, Michael Carmichael, Willard Woo - Sydney Training Consultants
Joan Jolly, Beatrix Botter- Administration Officers
Lead Auditor: Jacqui Crafter Assistant Auditor: Jamie Ilton
Specialist Auditor: Claudia Schiffer
ASQA Advisor: Sally Wray-McCann
Document/system Control: Peter Douch
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
ISO 9001:2016 Quality management systems – requirements
Policy (5.1.1, 5.1.2, 5.2.1, 5.2.2)
Safety (5.1.1, 5.2.1, 5.2.2)
Technological (5.1.1, 5.2.1, 5.2.2, 5.3)
ASQA (5.1.1, 5.2.1, 5.2.2, 5.3)
Access to RTO site, officers, other staff as required, software, files, policies and procedures
DAY TWO
Evidence Gathering
9 – 10.30
Jacqui Crafter – Lead Auditor
Simon Smith – Business Owner (Founder)
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
ISO 9001:2016 Quality management systems – requirements
Reputation (5.1.1, 5.1.2, 5.2.1, 5.2.2, 5.3)
Political (5.1.1, 5.1.2, 5.2.2,5.3)
Economic (5.1.1, 5.1.2, 5.3)
Legislative (5.1.1, 5.1.2, 5.2.2)
Financial (5.1.1, 5.1.2, 5.2.1, 5.3)
Policy (5.1.1, 5.1.2, 5.2.1, 5.2.2)
Staff Retention (5.1.1, 5.2.1, 5.2.2, 5.3)
Safety (5.1.1, 5.2.1, 5.2.2)
Technological (5.1.1, 5.2.1, 5.2.2, 5.3)
ASQA (5.1.1, 5.2.1, 5.2.2, 5.3)
Access to RTO site, officers, other staff as required, software, files, policies and procedures
9 – 10.30
Henry Hogan- HR Manager
Terry Troutback - Training Manager
Rebecca Right- Office Manager
Document/system Control: Peter Douch
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
ISO 9001:2016 Quality management systems – requirements
Reputation (5.1.1, 5.1.2, 5.2.1, 5.2.2, 5.3)
Policy (5.1.1, 5.1.2, 5.2.1, 5.2.2)
Staff Retention (5.1.1, 5.2.1, 5.2.2, 5.3)
Safety (5.1.1, 5.2.1, 5.2.2)
Technological (5.1.1, 5.2.1, 5.2.2, 5.3)
ASQA (5.1.1, 5.2.1, 5.2.2, 5.3)
Access to RTO site, officers, other staff as required, software, files, policies and procedures
Morning Break
10.30 – 10.45
Tea and coffee, cake, healthy options
Compilation of Evidence
10.45 – 1 pm
Jacqui Crafter - Lead Auditor
Jamie Ilton - Assistant Auditor
Claudia Schiffer - Specialist Auditor
Sally Wray-McCann - ASQA Advisor
Peter Douch - Document/system Control
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
ISO 9001:2016 Quality management systems – requirements
Meeting Room and related amenities
IT Technology (PCs, printers, scanners, etc.)
Lunch
1pm – 1.30pm
Jacqui Crafter - Lead Auditor
Jamie Ilton - Assistant Auditor
Claudia Schiffer - Specialist Auditor
Sally Wray-McCann - ASQA Advisor
Peter Douch - Document/system Control
Sandwiches, options available for dietary requirements
Audit Findings
1.30 – 2.30pm
Jacqui Crafter - Lead Auditor
Jamie Ilton - Assistant Auditor
Claudia Schiffer - Specialist Auditor
Sally Wray-McCann - ASQA Advisor
Peter Douch - Document/system Control
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
ISO 9001:2016 Quality management systems – requirements
Meeting Room and related amenities
IT Technology (PCs, printers, scanners, etc.)
Access to Practica Prat- Operations Manager, as required for clarifications
Audit Conclusion
2.30 – 3pm
Jacqui Crafter - Lead Auditor
Jamie Ilton - Assistant Auditor
Claudia Schiffer - Specialist Auditor
Sally Wray-McCann - ASQA Advisor
Peter Douch - Document/system Control
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
ISO 9001:2016 Quality management systems – requirements
Meeting Room and related amenities
IT Technology (PCs, printers, scanners, etc.)
Access to Practica Prat- Operations Manager, as required for clarifications
Afternoon Break
3pm – 3.15pm
Tea and coffee, cake, healthy options
Exit Meeting
3.15 pm – 5pm
Jacqui Crafter - Lead Auditor
Jamie Ilton - Assistant Auditor
Claudia Schiffer - Specialist Auditor
Sally Wray-McCann - ASQA Advisor
Peter Douch - Document/system Control
Simon Smith - Business Owner (Founder)
Steven Sibley - Compliance Manager (Co-Founder)
Patricia Prat - Operations Manager
Terry Troutback - Training Manager
Rebecca Right- Office Manager
Henry Hogan- HR Manager
Alison Allwell, Michael Carmichael, Willard Woo - Sydney Training Consultants
Joan Jolly, Beatrix Botter- Administration Officers
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
Resources:
Meeting Room and related amenities
IT Technology (PCs, printers, scanners, etc)
Software platforms, i.e. SIMS
Documentation:
Meeting template with required fields, i.e. – entry meeting Agenda items
Attendance records etc
ISO9001:2016 quality management systems – requirements
Previous Audit findings
RTO documentation – including but not limited to: TAS (Training and Assessment Strategy), TP (Training Package) requirements, validation outcomes, compliance reports etc)
Relevant P&Ps
Responsibilities and Action Plan Checklist
Who will do what? – Complete the following matrix using the appropriate persons found in your case study.
Action
Priority
*Order the stages from 1-6
(1= highest priority)
Responsibility (Audit team, Auditee or an individual) Full Name and Job Title if an individual
What documentation or information is required?
Preparation
Review relevant QMS documents and records
1
Lead Auditor – Jacqui Crafter
QMS documentation
Org chart
Audit checklist
ISO 9001:2016 Quality Management Systems – Requirements Clause 5
Determine their adequacy with respect to the audit criteria
Lead Auditor – Jacqui Crafter
ISO 9001:2016 Quality Management Systems – Requirements
Clause 5
Audit Checklist
Verification record (e.g. Register of staff)
Review relevant requirements of ISO 9001:2016
The A Team Auditors
Compliance Matrix
Review and prepare the audit checklist
The A Team Auditors
ISO 9001:2016 Quality Management Systems – Requirements Clause 5
Audit Checklist
Arrange audit appointment
Lead Auditor – Jacqui Crafter
Email
Audit
Sample and observe necessary process inputs/outputs
3
The A Team Auditors
Audit Checklist
Verification documents
Record objective evidence to verify process compliance
The A Team Auditors
Audit Checklist
Verification documents
Generate and record audit findings
The A Team Auditors
Audit Checklist
Audit Report
Review
Consider and act upon audit findings during Management Review
4
Lead Auditor – Jacqui Crafter
Patricia Prat – Operations Manager
Audit Report
Non-conformances and Corrective Actions
Use the audit report to promote best practice
Patricia Prat – Operations Manager
Email
Management review meeting
Ensure status of corrective actions and non-conformances communicated to the QMR
Lead Auditor – Jacqui Crafter
Email
Management review meeting
Provide feedback on the audit process
Lead Auditor – Jacqui Crafter
Patricia Pratt – Operations Manager
Exit Meeting
Draft Report
Reporting
Review audit conclusions
6
Lead Auditor – Jacqui Crafter
Patricia Pratt – Operations Manager
Audit report
Non-conformance and Corrective Actions
Identify trends
Lead Auditor – Jacqui Crafter
Non-conformance and Corrective Actions
Make recommendations for improvement
Patricia Pratt – Operations Manager
Email
Management review meeting
Finalise audit report
Lead Auditor – Jacqui Crafter
Draft audit report
Audit records (i.e. Non-conformances and Corrective actions, checklists, registers etc)
Issue audit report to Top Management
Lead Auditor – Jacqui Crafter
Final report
Planning
Establish and communicate audit schedule
2
Lead Auditor – Jacqui Crafter
Email
Audit Plan
Establish and implement the audit plan
Lead Auditor – Jacqui Crafter
ISO 9001:2016 Quality management systems – requirements Clause 5
SSS QMS documentation
Appoint the audit team leader where required
FORMTEXT Lead Auditor – Jacqui Crafter
Introduction email
Select the audit team
Lead Auditor – Jacqui Crafter
The A Team Auditing team – Audit Schedule
Assign audit duties to the auditor
Lead Auditor – Jacqui Crafter
The A Team Auditing team – Audit Schedule
Exit meeting
Decide whether any non-conformance observed should be included in correction reports or whether they can be solved immediately
5
Lead Auditor – Jacqui Crafter
Audit records (i.e. Non-conformances and Corrective Actions, checklists, registers etc)
Non-conformances and Corrective actions
Minor areas of non-conformance are taken care of immediately, while a conclusion for the audit as a whole is written down
The A Team Auditors
Audit checklist
Non-conformances and Corrective actions
An audit report is prepared which is examined together with the manager responsible for the area in question
Lead Auditor – Jacqui Crafter
With assistance from The A Team Auditors
NCR (Non-conformances and Corrective actions) review
Meeting
Corrective actions are reviewed by the manager responsible and close out action is agreed upon
Lead Auditor – Jacqui Crafter
Patricia Prat – Operations Manager
Meeting
Validation Reports
The audit leader and responsible manager sign off audit report
Lead Auditor – Jacqui Crafter
Patricia Prat – Operations Manager
Signed Audit Report
The reports are given to the QMR & the responsible manager
Lead Auditor – Jacqui Crafter
Patricia Prat – Operations Manager
Email
Risk Management- Identification
Conduct a risk assessment to identify and manage risks to the audit team (minimum 2) and audit process (minimum 2).
Note: The risk score may be used to aid decision making and help in deciding what action to take in view of the overall risk. How the risk score is derived can be seen from the sample risk matrix (attached below).
Risk
Explanation
Likelihood
Consequence
Risk Score
Audit Team
Uneven surface
Electrical cords left uncontrolled on training room floors
Almost Certain
4- Major
E- Extreme Risk
A4- Extreme risk
Audit Team
Stairwell safety
Wide stairwell with no handrail on wall side may be dangerous when persons are passing with no hand support
C - Possible
4- Major
H – High
C4 – High Risk
Incorrect storage of medication
Medication being stored in easily accessed kitchen fridge with general food stuffs
D – Unlikely
4 - Major
H – High
D4 – High Risk
Meeting room ventilation
Meeting room without suitable ventilation creating buildup of stale air and toxins
C – Possible
2 - Minor
M – Moderate
C2–Medium Risk
Fire door access/security
Items blocking fire doors
B-likely
3 – Moderate
H – High
B3 – High Risk
Untrained Fire Warden
Insufficient or non-existence of fire warden training
C – Possible
4 – Major
H – High
C4 – High Risk
Working in heat
Trainers and trainees working in the heat without scheduled breaks and hydration
C - Possible
3- Moderate
H – High
C3-Medium Risk
Lack of appropriate training
Trainer/assessors not appropriately qualified and lack relevant vocational experience related to what they are training
C - Possible
4 - Major
H – High
C4 – High Risk
Power Failures
Working in unsafe conditions which may include reduced light or darkness
D - Unlikely
2 – Minor
M - Moderate
D2 – Medium Risk
Risk Management- Action Plan
Complete the action plan below for the 4 hazards and risks identified above
Initial Risk
e.g. A2 – High
Control Options/Actions Required
(Hierarchy of Control)
Responsibility
(Full name and title)
Expected date for closure
(dd-mm-yy)
Residual Risk Score
e.g. C3 - Moderate
C4 – High Risk
Hand rail to be installed
Rebecca Right- Office Manager
20/09/2019
E4 - Medium Risk
D4 – High Risk
Storage of personal mediation to be discussed and finalised with Office Manager. Personal mediation not to be stored in staff kitchen fridge. Personal mediation, if fridge storage required, will be stored in small non-food stuffs fridge in Office Managers controlled work station
Rebecca Right- Office Manager
23/08/2019
E4 - Medium Risk
C2 - Medium Risk
Windows to be opened to allow natural ventilation if weather allows. Air-conditioning system to be maintained as per manufacturers guideline.
A team Auditors when in room. Rebecca Right- Office Manager for AC maintenance.
19/08/2019
E2- Low Risk
B3 – High Risk
Remove all items stored in front of fire doors. Email to all staff responsibility of safe egress in fire and storage of items. Office cleaning to include clear fire door access
Rebecca Right- Office Manager for AC maintenance.
19/08/19
E3 Medium Risk
C4 – High Risk
Appropriated trained and authorised fire wardens, Conduct fire warden meetings and evacuation practical’s
Rebecca Right- Office Manager
20/09/19
E4 - Medium Risk
C3- Medium Risk
Develop Hydration policy, schedule regular breaks, prove hydration (e.g. water), work in an air-conditioned environment
Patricia Prat – Operations Manager
20/09/19
E3- Medium Risk
C4 – High Risk
Prove training for assessors, introduce management systems to ensure assessors authorisations and competencies are kept current
Patricia Prat – Operations Manager
20/09/19
E4- Medium Risk
D2 – Medium Risk
Maintain and service emergency lighting, have battery back systems available
M – Medium risk – specify management responsibility
L – Low risk – manage by routine procedures
High or Extreme risks must be reported to Senior Management and require detailed treatment plans to reduce the risk to Low or Medium.
People
Injuries or ailments not requiring medical treatment.
Minor injury or First Aid Treatment Case.
Serious injury causing hospitalisation or multiple medical treatment cases.
Life threatening injury or multiple serious injuries causing hospitalisation.
Death or multiple life threatening injuries.
Reputation
Internal Review
Scrutiny required by internal committees or internal audit to prevent escalation.
Scrutiny required by external committees or ACT Auditor General’s Office, or inquest, etc.
Intense public, political and media scrutiny. Eg: front page headlines, TV, etc.
Assembly inquiry or Commission of inquiry or adverse national media.
Business Process & Systems
Minor errors in systems or processes requiring corrective action, or minor delay without impact on overall schedule.
Policy procedural rule occasionally not met or services do not fully meet needs.
One or more key accountability requirements not met. Inconvenient but not client welfare threatening.
Strategies not consistent with Government’s agenda. Trends show service is degraded.
Critical system failure, bad policy advice or ongoing non-compliance. Business severely affected.
Financial
1% of Budget or <$5K
2.5% of Budget or <$50K
> 5% of Budget or <$500K
> 10% of Budget or <$5M
>25% of Budget or >$5M
Insignificant
Minor
Moderate
Major
Catastrophic
Probability:
Historical:
1
2
3
4
5
Likelihood
>1 in 10
Is expected to occur in most circumstances
A
Almost Certain
M
H
H
E
E
1 in 10 - 100
Will probably occur
B
Likely
M
M
H
H
E
1 in 100 – 1,000
Might occur at some time in the future
C
Possible
L
M
M
H
E
1 in 1,000 – 10,000
Could occur but doubtful
D
Unlikely
L
M
M
H
H
1 in 10,000 – 100,000
May occur but only in exceptional circumstances
E
Rare
L
L
M
M
H
Adapted from Standards Australia Risk Management AS/NZS 31000:2009
Exit Meeting
Summarise the purpose of the exit meeting and provide a list of topics you would discuss.
Purpose
Topics
The scope of the audit was to evaluate the effectiveness of SSS RTO operating matrix includingSSS ability to seek and obtain ISO 9001:2016 QMS accreditation and expansion to WA.
To communicate audit results (in draft) and receive feedback from Patricia Prat – Operations Manager
SSS RTO will be given the opportunity to comment and request explanation or changes to the draft. Note: SSS will need to provideevidencewith request for change to draft audit. SSS with have five working days post exit meetingto prove comments and requests.
The Non-conformances and Corrective Actions that were identified will be explained and provided to Patricia Prat – Operations Manager.
Post exit meeting, Patricia Prat – Operations Manager will have ten working days to respond verifying the results of the Non-conformances and Corrective Actions
On receipt of this information the final Audit Report will be provided for acceptance. SSS to acknowledge in writing to A Team Auditors of acceptance of final audit documentation.
Our exit meeting adheres to the below:
ISO 9001:2016 Quality management systems
Clause: 5 - Leadership
Management shall demonstrate leadership and commitment with respect to the quality management system by taking into account the effectiveness ensuring that the quality policy and quality objectives are established.
Introductions
Attendance and thank you to all involved
Scope
Criteria
Non-conformances and Corrective Actions
Findings
Conclusion
Daft Report
Minutes of meetings
Action items from exit meeting
N/A
Performance Meeting
Describe the strategies you will use to monitor performance for the Auditee (a) and the auditor (b) to ensure support for performance outcomes
Group
Strategies
A) Auditee
SSS RTO
Quality communication (Open and honest information)
Clear instruction on Audit requirements
Fit for purpose documentation and policy/procedure development
Non-conformances and Corrective Actions completed/actioned
Audit recommendations followed up and actioned
Progressive business model of expansion into WA
Actively seeking the ability to secure accreditation for ISO 9001:2016 QMS
B) Auditor
The A Team Auditing
Concise and focused information/questions and answers
Documented understanding from auditees
Fit for purpose documentation that understood by auditees
Competent and Qualified team
Time Management
Quality and timely communication
Focus on the processes not individual auditees
Actively listening
Understandable paraphrasing
Be objective always
Be empathetic and respectful
Use positive body language
Adaptability/changeability
All actions pre-planned
Feedback from auditees
Acceptance of audits by auditees
Conflict resolution
Follow-Up Procedures
Policy/procedure writing and reviewing skill enhancement, team building exercises, follow up review of audit outcomes, follow up on success of obtaining ISO certification, close out post audit team review, performance coaching, document control review, Non-conformances and Corrective Actions review, follow up on any actions and close out, review document/company security control and privacy processes not compromised
Approvals
The signatures below certify that this audit plan has been reviewed and accepted and demonstrates that the signatories are aware of all the requirements contained herein and are committed to ensuring their provision. Please note- approvals are only to be signed once final approval has been made.
Name
Signature
Position
Date
Prepared by:
Jacqui Crafter
Jacqui Crafter
Lead Auditor
06/09/19
Reviewed by:
Jamie Ilton
Jamie Ilton
Assistant Auditor
06/09/19
Approved by:
Peter Douch
Peter Douch
Document/system Control
06/09/19
Activity 1.3(b) Develop an Audit Plan
Learners are required to complete the following template: All components of the template must be completed, including fictional details, i.e. names.
Audit plan 2
General Information
Date:
22/06/19
Auditee Company Name:
Jamie jack Auditing Co
Auditee Representative:
Jamie Ilton
Location
Melbourne
Audit Requirement
SSS is looking to expand into the western states within a year and this will require more staff to service a growing customer base.
Patricia has identified that if SSS do not comply with internal audits completed and need to understand what are the “at risk” business practices or failings within SSS. Not understanding and then implementation of controls may put SSS’s reputation at risk and force possible closure.
Scope and Objectives
Scope
To complete an external audit on SSS with AS/NZS ISO 9001;2016 QMS section 5 Leadership
Audit Objectives
Requirements needed to help achieve ISO 9001:2016 accreditation Build rapport and image across and into new and sites
Strengthen image within current SSS footprint
Understand how to develop strong marketing/ advertising properties
Assist in complying with ASQA and their processes
Understand and build on SSS management systems
Assist with staff understanding of SSS systems and improving productivity
Audit Team Matrix
Member
Name
Responsibility
Required Skills
Audit Team Leader
Jacqui Crafter
Lead Auditor
Microsoft office, VET degree, 30 experience in auditing, TAE qualified
Audit Team
Jamie Ilton
Assistant Auditor
Microsoft office, VET Cert IV, 10 yrs. audit experience
Sally Wray-McCann
ASQA Advisor
Microsoft office, in depth knowledge of ASQA standards, VET degree
Claudia Schiffer
Specialist Advisor
Microsoft office, RTO 15 years’ experience, Communications Degree
Additional Personnel
Identify a minimum of 4 additional personnel that could join the auditor’s team to assist the audit
Activity
Responsibility/Requirements
Required Skills
Required Knowledge
Accountant
Financial Advice
Financial management
Audit experience
CPA
Legal advisor/solicitor
Legal Advice
Member of the Law Society
Legal qualifications and certification
Law
ASQA
RTO Compliance Advice
and the Standards 2015
Knowledge of RTO workings and compliance
RTO SME
RTO Subject Matter Expert
Previous audits and compliance
Knowledge of RTO workings and compliance
Privacy and Confidentiality
You must clarify the privacy and confidentiality agreements outlined in pre-discussion audit proposals
Adhere to Privacy and Confidentiality Legislation 1998
SSS’s Privacy and Confidentiality P & P to be provided by Patricia Prat – Operations Manager – needs to be developed by Compliance Manager
Audit findings privately maintained. Sensitive info is defined as data that is protected or needs to be protected against unjustified disclosure
Auditing team to sign a privacy and confidentiality agreement
Our auditing team shall not disclose information to any person during or after the audit has occurred without prior approval from SSS
Distribution of Reports
Audit report to be submitted via Drop box to SSS’s CEO & Ops Mgr. for action one week after conclusion of audit. SSS Ops Mgr. must acknowledge receipt of report within 24 hours
SSS CEO & Ops Mgr. to submit responses to audit report one week from receipt of audit report via Drop box
Jxxxxti submit final audit report to SSS CEO within one week via Dropbox
Reporting Criteria
All reports to be formatted against standards and organizational requirements.
All reports to be stored securely on SSS & Jxxxx servers, backed-up securely
Verified for grammatical and spelling & content errors
Contingency Actions
1.
Staff attitude
2.
Staff availability
3.
Lack of understanding of key staff of auditing requirements
4.
Time constraints
Continuous Improvement
Organization
Employees
SSS RTO
As per Standards for RTOs 2015 – PD registered up to date and aligned with Quals on scope.
Jxxxxxxx
Update audit tools to maintain currency to AS/NZS 9001:2016
SIMS
Up-to-date with current SMS AVETMISS/ASQA requirements
Audit Method and Sampling Techniques
You must clarify the audit methods and sampling techniques outlined in pre-discussion audit proposals
Initial email and letter
Entry meeting
Face-to-face interviews
Consultations
Random sampling of documentation
Pre-audit documentation review
Practical demonstrations
Exit meeting
Audit Schedule
Identify auditee personnel that you will be required to interview throughout the audit. Include the meeting/interview type, participants, resources and topics that you will discuss.
Type
Allocated Time
Participants
Topics
Resources/documentation
E.g. Entry Meeting
9-00-9.30
Who from the auditee team will be involved in meeting & who from the audit team.
Full name and titles of all involved
ISO9001: Clause 4.2 (Documentation requirements)
ISO9001:2016
Quality Assurance Manual
Documentary Evidence- Policies and procedures
Entry meeting
9am – 9.30am
All members of the JDxxx Auditor team
SSS staff
As per agenda
Audit Plan
Audit schedule
Meeting Room
Audit Team PCs
Data projector
Agenda
Audit Plan & Schedule
Attendance and Meeting Records
Site inspection and induction
9.30am – 10am
All members of JD… Auditor team, Henry Hogan and Patricia Prat
SSS Induction process
SSS induction form
PPE
Face-to-face interviews
10.30am – 11.30am
Simon Smith, Steven Sibley and Patricia Prat with Muditha Senanayake – Lead Auditor;
Henry Hogan, HR, with Fleur Limpus - Assistant Auditor (HR);
Terry Troutback with Brenda Stocks - Assistant Auditor (OH&S)
ISO9001:2016 Sect 6
Audit Plan
Audit schedule
Meeting rooms x 4
Audit Team Pcs
SSS PCs
SIMs software
QMS documentation
RTO doc
Previous audits
P & P
CI documentation
Incident Report & Reg
Complaints P & P & Reg
Risk Mgmnt P & P , register,
Matrix
Most recent set of financial reports
Marketing & promotional mats
WHS P & P
HR doc
Minutes of mtgs
Bus Plan
Face-to-face interviews
11.30am – 12.30pm
Simon Smith, Steven Sibley withJason Watson – Assistant Auditor (Financial)
Patricia Prat with Darren Linkins - Assistant Auditor (Operations)
ISO9001:2016 Sect 6
Audit Plan
Audit schedule
Meeting Rooms x 2
Annual Report
Monthly stats
Meeting rooms x 4
Audit Team Pcs
SSS PCs
SIMs software
QMS documentation
RTO doc
Previous audits
P & P
CI documentation
Incident Report & Reg
Complaints P & P & Reg
Risk Mgmnt P & P , register,
Matrix
Most recent set of financial reports
Marketing & promotional mats
WHS P & P
HR doc
Minutes of mtgs
Bus Plan
Lunch
12:30pm – 1:00pm
Gather Evidence
1:00pm – 4:00pm
Muditha Senanayake – Lead Auditor
Terry Troutback Training Manager
•Jason Watson – Assistant Auditor (Financial)
Simon Smith - CEO
•Fleur Limpus - Assistant Auditor (HR)
Henry Hogan – HR Manager
•
Patricia Prat– Operatins Mngr
•Brenda Stocks - Assistant Auditor (OH&S)
Steven Sibley – Compliance Mngr
ISO9001:2016 Sect 6
Audit Plan
Audit schedule
Meetings x 5
Auditor Pcs
RTO Doc
SIMS
Financial P & P
Financial Reports
Audit Reports
RTO Financial Viability Assess
Bus Plan
Accounting system
Annual Report
HR P & P, PDs, Performance Reviews, Staff Induction Manual, Professional Devlpt log, Projects,
All P & Ps, QMS,
All P & Ps
QMS
Audit Reports
Business Plan
Marketing materials including website
End of Day Audit Team Meeting
4:00pm -4:30pm
Audit Team
ISO9001:2016 Sect 6
Audit Plan
Audit schedule
Meeting Room
Auditor PC
All findings
Day 2
Day 2 Audit Meeting
09:00am- 9:30am
Audit Team
SSS staff
ISO9001:2016 Sect 6
Audit Plan
Audit schedule
Meeting Room
Agenda
Audit Schedule
Evidence GISO 9001:2016 – Clauses….
athering
09:30am-12:30pm
Muditha Senanayake – Lead Auditor
Patricia Prat - Operations
•Jason Watson – Assistant Auditor (Financial)
Rebecca Right -
•Fleur Limpus - Assistant Auditor (HR)
Joan Jolly
•Darren Linkins - Assistant Auditor (Operations)
Beatrix Botter
•Brenda Stocks - Assistant Auditor (OH&S)
Allison Allwell
Michael Carmichael
Willard Woo
ISO9001:2016 Sect 6
Audit Plan
Audit schedule
Meeting rooms x
Auditor PC
Sample of P& P
Meeting Records
ISO 9001:2016 – Clauses….
Financial P & P
Financial Reports
Audit Reports
RTO Financial Viability Assess
Bus Plan
Accounting system
Annual Report
ISO 9001:2016
HR P & P, PDs, Performance Reviews, Staff Induction Manual, Professional Devlpt log, Projects,
ISO 9001:2016 – Clauses….
ISO 9001:2016 – Clauses….
ISO 9001:2016 – Clauses….
Lunch
12:30pm-1:00pm
Report Writing
1:00pm-3:00pm
Audit Team
ISO9001:2016 Sect 6
Audit Plan
Audit Checklist
Audit schedule
Meeting Room
Auditor PCs
Findings
Photocopier
Exit Meeting
3:00pm-4:30pm
Audit Team
SSS Team Leaders
ISO9001:2016 Sect 6
Audit Plan
Audit schedule
Meeting Room
Data projector
Draft Report (hard copy)
Photocopier
Responsibilities and Action Plan Checklist
Who will do what? – Complete the following matrix using the appropriate persons found in your case study.
Action
Priority
*Order the stages from 1-6
(1= highest priority)
Responsibility (Audit team, Auditee or an individual) Full Name and Job Title if an individual
What documentation or information is required?
Preparation
Review relevant QMS documents and records
1
Lead Auditor – Jacqui Crafter
QMS documentation
Org chart
Audit checklist
ISO 9001:2016 Quality Management Systems – Requirements Clause 5
Determine their adequacy with respect to the audit criteria
Lead Auditor – Jacqui Crafter
ISO 9001:2016 Quality Management Systems – Requirements
Clause 5
Audit Checklist
Verification record (e.g. Register of staff)
Review relevant requirements of ISO 9001:2016
The A Team Auditors
Compliance Matrix
Review and prepare the audit checklist
The A Team Auditors
ISO 9001:2016 Quality Management Systems – Requirements Clause 5
Audit Checklist
Arrange audit appointment
Lead Auditor – Jacqui Crafter
Email
Audit
Sample and observe necessary process inputs/outputs
3
The A Team Auditors
Audit Checklist
Verification documents
Record objective evidence to verify process compliance
The A Team Auditors
Audit Checklist
Verification documents
Generate and record audit findings
The A Team Auditors
Audit Checklist
Audit Report
Review
Consider and act upon audit findings during Management Review
4
Lead Auditor – Jacqui Crafter
Patricia Prat – Operations Manager
Audit Report
Non-conformances and Corrective Actions
Use the audit report to promote best practice
Patricia Prat – Operations Manager
Email
Management review meeting
Ensure status of corrective actions and non-conformances communicated to the QMR
Lead Auditor – Jacqui Crafter
Email
Management review meeting
Provide feedback on the audit process
Lead Auditor – Jacqui Crafter
Patricia Pratt – Operations Manager
Exit Meeting
Draft Report
Reporting
Review audit conclusions
6
Lead Auditor – Jacqui Crafter
Patricia Pratt – Operations Manager
Audit report
Non-conformance and Corrective Actions
Identify trends
Lead Auditor – Jacqui Crafter
Non-conformance and Corrective Actions
Make recommendations for improvement
Patricia Pratt – Operations Manager
Email
Management review meeting
Finalise audit report
Lead Auditor – Jacqui Crafter
Draft audit report
Audit records (i.e. Non-conformances and Corrective actions, checklists, registers etc)
Issue audit report to Top Management
Lead Auditor – Jacqui Crafter
Final report
Planning
Establish and communicate audit schedule
2
Lead Auditor – Jacqui Crafter
Email
Audit Plan
Establish and implement the audit plan
Lead Auditor – Jacqui Crafter
ISO 9001:2016 Quality management systems – requirements Clause 5
SSS QMS documentation
Appoint the audit team leader where required
FORMTEXT Lead Auditor – Jacqui Crafter
Introduction email
Select the audit team
Lead Auditor – Jacqui Crafter
The A Team Auditing team – Audit Schedule
Assign audit duties to the auditor
Lead Auditor – Jacqui Crafter
The A Team Auditing team – Audit Schedule
Exit meeting
Decide whether any non-conformance observed should be included in correction reports or whether they can be solved immediately
5
Lead Auditor – Jacqui Crafter
Audit records (i.e. Non-conformances and Corrective Actions, checklists, registers etc)
Non-conformances and Corrective actions
Minor areas of non-conformance are taken care of immediately, while a conclusion for the audit is written down
The A Team Auditors
Audit checklist
Non-conformances and Corrective actions
An audit report is prepared which is examined together with the manager responsible for the area in question
Lead Auditor – Jacqui Crafter
With assistance from The A Team Auditors
NCR (Non-conformances and Corrective actions) review
Meeting
Corrective actions are reviewed by the manager responsible and close out action is agreed upon
Lead Auditor – Jacqui Crafter
Patricia Prat – Operations Manager
Meeting
Validation Reports
The audit leader and responsible manager sign off audit report
Lead Auditor – Jacqui Crafter
Patricia Prat – Operations Manager
Signed Audit Report
The reports are given to the QMR & the responsible manager
Lead Auditor – Jacqui Crafter
Patricia Prat – Operations Manager
Email
Risk Management- Identification
Conduct a risk assessment to identify and manage risks to the audit team (minimum 2) and audit process (minimum 2).
Note: The risk score may be used to aid decision making and help in deciding what action to take in view of the overall risk. How the risk score is derived can be seen from the sample risk matrix (attached below).
Risk
Explanation
Likelihood
Consequence
Risk Score
Audit Team
Uneven surface
Electrical cords left uncontrolled on training room floors
Almost Certain
4- Major
E- Extreme Risk
A4- Extreme risk
Audit Team
Stairwell safety
Wide stairwell with no handrail on wall side may be dangerous when persons are passing with no hand support
C - Possible
4- Major
H – High
C4 – High Risk
Incorrect storage of medication
Medication being stored in easily accessed kitchen fridge with general food stuffs
D – Unlikely
4 - Major
H – High
D4 – High Risk
Meeting room ventilation
Meeting room without suitable ventilation creating build up of stale air and toxins
C – Possible
2 - Minor
M – Moderate
C2 – Medium Risk
Fire door access/security
Items blocking fire doors
B-likely
3 – Moderate
H – High
B3 – High Risk
Untrained Fire Warden
Insufficient or non-existence of fire warden training
C – Possible
4 – Major
H – High
C4 – High Risk
Working in heat
Trainers and trainees working in the heat without scheduled breaks and hydration
C - Possible
3- Moderate
H – High
C3-Medium Risk
Lack of appropriate training
Trainer/assessors not appropriately qualified and lack relevant vocational experience related to what they are training
C - Possible
4 - Major
H – High
C4 – High Risk
Power Failures
Working in unsafe conditions which may include reduced light or darkness
D - Unlikely
2 – Minor
M - Moderate
D2 – Medium Risk
Risk Management- Action Plan
Complete the action plan below for the 4 hazards and risks identified above
Initial Risk
e.g. A2 – High
Control Options/Actions Required
(Hierarchy of Control)
Responsibility
(Full name and title)
Expected date for closure
(dd-mm-yy)
Residual Risk Score
e.g. C3 - Moderate
C4 – High Risk
Hand rail to be installed
Rebecca Right- Office Manager
20/09/2019
E4 - Medium Risk
D4 – High Risk
Storage of personal mediation to be discussed and finalised with Office Manager. Personal mediation not to be stored in staff kitchen fridge. Personal mediation, if fridge storage required, will be stored in small non-food stuffs fridge in Office Managers controlled work station
Rebecca Right- Office Manager
23/08/2019
E4 - Medium Risk
C2 - Medium Risk
Windows to be opened to allow natural ventilation if weather allows. Air-conditioning system to be maintained as per manufacturers guideline.
A team Auditors when in room. Rebecca Right- Office Manager for AC maintenance.
19/08/2019
E2- Low Risk
B3 – High Risk
Remove all items stored in front of fire doors. Email to all staff responsibility of safe egress in fire and storage of items. Office cleaning to include clear fire door access
Rebecca Right- Office Manager for AC maintenance.
19/08/19
E3 Medium Risk
C4 – High Risk
Appropriated trained and authorised fire wardens, Conduct fire warden meetings and evacuation practical’s
Rebecca Right- Office Manager
20/09/19
E4 - Medium Risk
C3- Medium Risk
Develop Hydration policy, schedule regular breaks, prove hydration (e.g. water), work in an air-conditioned environment
Patricia Prat – Operations Manager
20/09/19
E3- Medium Risk
C4 – High Risk
Prove training for assessors, introduce management systems to ensure assessors authorisations and competencies are kept current
Patricia Prat – Operations Manager
20/09/19
E4- Medium Risk
D2 – Medium Risk
Maintain and service emergency lighting, have battery back systems available
M – Medium risk – specify management responsibility
L – Low risk – manage by routine procedures
High or Extreme risks must be reported to Senior Management and require detailed treatment plans to reduce the risk to Low or Medium.
People
Injuries or ailments not requiring medical treatment.
Minor injury or First Aid Treatment Case.
Serious injury causing hospitalisation or multiple medical treatment cases.
Life threatening injury or multiple serious injuries causing hospitalisation.
Death or multiple life-threatening injuries.
Reputation
Internal Review
Scrutiny required by internal committees or internal audit to prevent escalation.
Scrutiny required by external committees or ACT Auditor General’s Office, or inquest, etc.
Intense public, political and media scrutiny. E.g.: front page headlines, TV, etc.
Assembly inquiry or Commission of inquiry or adverse national media.
Business Process & Systems
Minor errors in systems or processes requiring corrective action, or minor delay without impact on overall schedule.
Policy procedural rule occasionally not met, or services do not fully meet needs.
One or more key accountability requirements not met. Inconvenient but not client welfare threatening.
Strategies not consistent with Government’s agenda. Trends show service is degraded.
Critical system failure, bad policy advice or ongoing non-compliance. Business severely affected.
Financial
1% of Budget or <$5K
2.5% of Budget or <$50K
> 5% of Budget or <$500K
> 10% of Budget or <$5M
>25% of Budget or >$5M
Insignificant
Minor
Moderate
Major
Catastrophic
Probability:
Historical:
1
2
3
4
5
Likelihood
>1 in 10
Is expected to occur in most circumstances
A
Almost Certain
M
H
H
E
E
1 in 10 - 100
Will probably occur
B
Likely
M
M
H
H
E
1 in 100 – 1,000
Might occur at some time in the future
C
Possible
L
M
M
H
E
1 in 1,000 – 10,000
Could occur but doubtful
D
Unlikely
L
M
M
H
H
1 in 10,000 – 100,000
May occur but only in exceptional circumstances
E
Rare
L
L
M
M
H
Adapted from Standards Australia Risk Management AS/NZS 31000:2009
Exit Meeting
Summarise the purpose of the exit meeting and provide a list of topics you would discuss.
Purpose
Topics
The scope of the audit was to evaluate the effectiveness of SSS RTO operating matrix including SSS ability to seek and obtain ISO 9001:2016 QMS accreditation and expansion to WA.
To communicate audit results (in draft) and receive feedback from Patricia Prat – Operations Manager
SSS RTO will be given the opportunity to comment and request explanation or changes to the draft. Note: SSS will need to provide evidence with request for change to draft audit. SSS with have five working days post exit meetingto prove comments and requests.
The Non-conformances and Corrective Actions that were identified will be explained and provided to Patricia Prat – Operations Manager.
Post exit meeting, Patricia Prat – Operations Manager will have ten working days to respond verifying the results of the Non-conformances and Corrective Actions
On receipt of this information the final Audit Report will be provided for acceptance. SSS to acknowledge in writing to A Team Auditors of acceptance of final audit documentation.
Our exit meeting adheres to the below:
ISO 9001:2016 Quality management systems
Clause: 5 - Leadership
Management shall demonstrate leadership and commitment with respect to the quality management system by taking into account the effectiveness ensuring that the quality policy and quality objectives are established.
Introductions
Attendance and thank you to all involved
Scope
Criteria
Non-conformances and Corrective Actions
Findings
Conclusion
Daft Report
Minutes of meetings
Action items from exit meeting
Performance Meeting
Describe the strategies you will use to monitor performance for the Auditee (a) and the auditor (b) to ensure support for performance outcomes
Group
Strategies
A) Auditee
SSS RTO
Quality communication (Open and honest information)
Clear instruction on Audit requirements
Fit for purpose documentation and policy/procedure development
Non-conformances and Corrective Actions completed/actioned
Audit recommendations followed up and actioned
Progressive business model of expansion into WA
Actively seeking the ability to secure accreditation for ISO 9001:2016 QMS
B) Auditor
The A Team Auditing
Concise and focused information/questions and answers
Documented understanding from auditees
Fit for purpose documentation that understood by auditees
Competent and Qualified team
Time Management
Quality and timely communication
Focus on the processes not individual auditees
Actively listening
Understandable paraphrasing
Be objective always
Be empathetic and respectful
Use positive body language
Adaptability/changeability
All actions pre-planned
Feedback from auditees
Acceptance of audits by auditees
Conflict resolution
Follow-Up Procedures
Policy/procedure writing and reviewing skill enhancement, team building exercises, follow up review of audit outcomes, follow up on success of obtaining ISO certification, close out post audit team review, performance coaching, document control review, Non-conformances and Corrective Actions review, follow up on any actions and close out, review document/company security control and privacy processes not compromised
Approvals
The signatures below certify that this audit plan has been reviewed and accepted and demonstrates that the signatories are aware of all the requirements contained herein and are committed to ensuring their provision. Please note- approvals are only to be signed once final approval has been made.
Name
Signature
Position
Date
Prepared by:
Jacqui Crafter
Jacqui Crafter
Lead Auditor
06/09/19
Reviewed by:
Jamie Ilton
Jamie Ilton
Assistant Auditor
06/09/19
Approved by:
Peter Douch
Peter Douch
Document/system Control
06/09/19
Activity 1.4 Prepare Audit Team
Instructions for Learners:
Now that you have prepared the audit plan and other relevant audit materials, you will need to consult with, and prepare your audit team.
When preparing your audit team, you need to ensure you:
Inform audit team members of their responsibilities, audit objectives and scope
Communicate the audit plan and schedule, using appropriate communication methods for team members
Discuss and clarify audit methods, techniques and resources with team members as required
Outline performance management outcomes, outputs, key performance indicators and goals for the team
Support that you as the lead auditor will provide to your team during the audit
Checklist ensuring all areas of the audit have been addressed and communicated to audit team
Ensure all members of the audit team agree to the requirements of the audit
Instructions for Learners:
Using one (1) of the audit plans developed in Activity 1.5 (a) or (b), use the template below, to show how you will prepare your audit team.
Where providing a work sample for this activity, please ensure a third party report is provided for the document.
Audit Team Preparation
Date:
19/08/2019
Auditee Organisation Name:
SSS RTO
Auditee:
Simon Smith - Business Owner (Founder)
Auditee Representative:
Patricia Prat - Operations Manager
Audit Scope and Objectives
Scope:
ISO 9001:2016 Clause 5 Leadership
Reputation (5.1.1, 5.1.2, 5.2.1, 5.2.2, 5.3)
Political (5.1.1, 5.1.2, 5.2.2,5.3)
Economic (5.1.1, 5.1.2, 5.3)
Legislative (5.1.1, 5.1.2, 5.2.2)
Financial (5.1.1, 5.1.2, 5.2.1, 5.3)
Policy (5.1.1, 5.1.2, 5.2.1, 5.2.2)
Staff Retention (5.1.1, 5.2.1, 5.2.2, 5.3)
Safety (5.1.1, 5.2.1, 5.2.2)
Technological (5.1.1, 5.2.1, 5.2.2, 5.3)
ASQA (5.1.1, 5.2.1, 5.2.2, 5.3)
Audit Objectives:
Requirements needed to help achieve ISO 9001:2016 accreditation Build rapport and image across and into new and sites
Strengthen image within current SSS footprint
Understand how to develop strong marketing/ advertising properties
Assist in complying with ASQA and their processes
Understand and build on SSS management systems
Assist with staff understanding of SSS systems and improving productivity
Lead Auditor:
Name of Auditor
Roles and Responsibilities
Jacqui Crafter
Audit team and timeline management/ Audit and document control
Auditor(s)
Team Member
Roles and Responsibilities
Jamie Ilton
Assist in the entire audit processleader of Human Recourses processes
Claudia Schiffer
Assist in the entire audit process, leader of financial, economic and accountancy practices
Sally Wray-McCann
Assist in the entire audit process, leader in OHS/WHS principles
Peter Douch
Assist in the entire audit process, leader on operational processes
Instructions
Provide general instruction to your audit team to make them aware of the procedures for the audit.
Instructions (methods and techniques
The audit team will be supplied with the following documentation, which they have been inducted and trained in their use by Jacqui Crafter
Overarching Audit Plan
Audit scheduling tool
Company self-audit checklist
Company employee audit handbook
Audit Checklist (as per ISO 9001:2016 Quality management systems – requirements/leadership)
Risk assessment and control matrix
Resources (list)
Previous audit results, review and close out meeting outcomes,
Meeting facilities and related amenities
Audit team tools (PC, scans, software)
Audit plan
Audit schedule
Auditors checklists
Employee handbook
AS/NZS ISO9001:2016
Access to related Regulations, acts, guidelines and standards
Risk assessment and control matrix
Performance Management
Performance
Target
Action
KPI (Key Performance Indicator)
Audit
2 working days against ISO 9001:2016 quality management systems - requirements Clause 5 Leadership
Complete Audit Plan
Successful outcome of Audit findings
14 days
Final Report
Final Report completed
Audit Team
Complete100% of task as per audit plan
Achieve completion – error free
Complete by COB 20 August 2019 (2nd day of Audit)
Complete 100% of final audit report
Finalize and submit
Complete by COB Tuesday 5 September 2019
Audit Individual
100 % completed two days prior to audit start date
100% complete prior to exit meeting
Review completed within two working days after exiting meeting
Review SSS RTO documents as supplied
Completion of assigned tasks
Final review of audit tasks, corrections and changes completed as per action items from exit meeting
Email audit leader, review completed prior to Commenting audit process on Monday 19 August 2019
Completed Audit by
Wednesday 21 August 2019
Commence and 100% complete audit processes as per action
100% compliant document – formatted and technically/grammatically correct
Audit Leader prove review of audit performance
Support for Performance Management
What support must you (audit leader) provide to assist Individuals and Groups in achieving their KPI’s and other targets/goals?
Acknowledge employee accolades
Provide mentoring and capacity building
Be available for questions
Identify areas of improvement
Monitor and evaluate results
Performance reviews
Set SMART goals and review performance based on multi-lane communication strategies and methodologies.
Use respectful approach
Checklist
Scope Discussed
Risk Management
Objectives Discussed
Instructions Provided
Resources Checked
KPI’s Discussed
Changes required
Questions
Declarations
By signing below, I agree to the performance requirements of this audit. Instruction has been provided on the support and information I can access to meet the requirements of me throughout this audit.
Team Members
(Auditors)
Name
Signature
Date
Communication Method
Jacqui Crafter
Jacqui Crafter
Lead Auditor
06/09/19
Jamie Ilton
Jamie Ilton
Assistant Auditor
06/09/19
Peter Douch
Peter Douch
Document/system Controll
06/09/19
Jacqui Crafter
Jacqui Crafter
Lead Auditor
06/09/19
Activity 1.5 Organise Entry Meeting
Audits can be either internal or external and therefore, the entry meeting may have a slightly different context for an internal auditor, to an external auditor.
Instruction to Learners:
Outline below, the details for organising an entry meeting for an external audit, using the case study SSS RTO and an internal audit (think about your own workplace).
When organising an entry meeting, you should include, but not limited to the following:
Gather contact details of the people you need to invite
Suggest and agree on the date and time of the meeting
Communicate the length of the meeting
Communicate the meeting location – neutral ground works best
Mode of communication effective for those who are required to be involved
Complete in the template below.
Where providing a work sample for this activity, please ensure a third-party report is provided for the document
Entry Meeting SSS RTO (External Audit)
Date:
Monday 19 August 2019
Time:
9am
Length of Meeting:
30 mins
Location:
SSS RTO
Attendees:
The A Team Auditing Team
SSS staff as listed in pre-audit documentation
Mode of Communication for confirmation:
email
Other: Cloud
drobox
Other: email
Other:
Entry Meeting Your Organization (Internal Audit)
Date:
Monday 19 August 2019
Time:
9am
Length of Meeting:
30 mins
Location:
Attendees:
The A Team Auditing Team
SSS staff as listed in pre-audit documentation
Mode of Communication for confirmation:
email
Other: Cloud
drobox
Other: email
Other:
Activity 1.6 Entry Meeting Agenda
Instructions to Learners:
Using one (1) audit plan from Activity 1.3, along with the audit team preparation document, developed in Activity 1.4, develop an agenda for the audit entry meeting.
Entry meeting agendas are the initial meeting of an audit. The agenda will detail a list of agreed topics that were discussed in the pre-audit discussion. You as the audit team leader would be responsible for developing this agenda.
An entry meeting agenda, may include, but not limited to the following:
Audit Scope and Objectives
Benchmarks (Standards, policies/ Procedures)
Audit methods and techniques
Discuss confidentiality and sign declarations
Audit approach (open and transparent)
How the auditor(s) will handle corrective actions and present findings
Clarify any issues you may face when accessing work areas (if applicable)
Discuss the purpose of the exit meeting
Provide opportunity for questions
Any immediate actions required
You should also take into account the general items that are listed in a meeting agenda (attendees, apologies, times, dates etc.).
Complete the entry meeting agenda in the template below.
Where providing a work sample for this activity, please ensure a third party report is provided for the document.
Entry Meeting Agenda
Date:
19 August 2019
Time:
9am
Meeting Chair:
Jacqui Crafter – Lead Auditor
Attendees:
Lead Auditor: Jacqui Crafter
Assistant Auditor: Jamie Ilton
Specialist Auditor: Claudia Schiffer
ASQA Advisor: Sally Wray-McCann
Document/system Control: Peter Douch
Simon Smith - Business Owner (Founder)
Steven Sibley - Compliance Manager (Co-Founder)
Patricia Prat - Operations Manager
Terry Troutback - Training Manager
Rebecca Right- Office Manager
Henry Hogan- HR Manager
Alison Allwell, Michael Carmichael, Willard Woo - Sydney Training Consultants
Joan Jolly, Beatrix Botter- Administration Officers
Apologies:
Agenda Item
Plan for discussion (what will you discuss?)
Minutes (resulting from discussion)
0.Introduction from Patricia Prat – Operations Manager (SSS)
Housekeeping, Emergency Exits, allocated break out areas and break out time.
Parking is 2 hours
Identification of high-risk areas, PPE requirements.
Introduction of SSS staff members
Welcome to the A Team
PLEASE SEE SCAN
1.Introduction from The A Team from Jacqui Crafter – Lead Auditor
Introduction of A Team Audit organization, himself and A Team member and their area of expertise/responsibility.
2.Scope – ISO 9001:2016 quality management systems – requirements Clause 5 Leadership
Cover the fundamentals of the audit process.
3.Schedule
Cover the schedule and confirm auditees. Clarify meeting areas and arrangements.
4.Point of contact
Confirm contact details of The A Team Auditing Team
5.Other items
Present on day
Immediate Actions (from discussion)
Action
Responsibility
Expected completion date/time
Contact list
Rebecca Right- Office Manager
27.06.19
Resolve any questions issues
Muditha Senanayake – Lead Auditor
Patricia Prat - Operations Manager
27.06.19
Value Adding Activity Recommendations
Provide information as required, where no activities are recommended, place N/A.
Risk based audits
N/A
Process audits:
Pre-implementation reviews:
Self-assessment:
Internal-control education:
Other:
Other:
Section 2 – Lead & Participate in a Quality Audit
Section 2 covers the requirements for the Unit of Competency, BSBAUD503 Lead a Quality Audit and BSBAUD402 Participate in a Quality Audit.
BSBAUD503 Lead a quality audit describes the skills and knowledge required to lead an audit team as it runs a quality audit. It covers conducting entry and exit meetings; identifying and gathering relevant information; managing audit team resources; and providing feedback to audit team members on their performance. The types of quality audit that may be covered by this unit include an external or internal system audit or process or product/service audit.
It applies to individuals with a well-established theoretical knowledge base of quality auditing, who are proficient in using a wide range of specialised quality auditing and managerial techniques to carry out their own work and to supervise the quality audit team. It is relevant to audits where a lead auditor is responsible for a quality audit team.
Learners are required to meet the following assessment conditions for this Unit of Competency.
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the regulation, licensing and risk – quality auditing field of work and include access to:
workplace documentation including previous quality audit reports
checklists
risk management and audit plans
BSBAUD402 Participate in a quality audit describes the skills and knowledge required to prepare for and participate in a quality audit as a member of a quality audit team. The types of audits may include external or internal systems audits or process or product/service audits.
The process includes reviewing designated documentation; identifying and developing checklists and audit related documentation; preparing audit schedules; gathering, analysing and evaluating information; and reporting findings to the lead auditor.
It applies to individuals with a broad knowledge of the quality auditing environment who analyse and evaluate information from a variety of sources to provide solutions to auditing issues, including unpredictable quality auditing problems.
Learners are required to meet the following assessment conditions for this Unit of Competency.
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the regulation, licensing and risk – quality auditing field of work and include access to:
workplace documentation including previous quality audit reports, checklists, risk management plans and audit plans
Tick upon completion of activities:
ACTIVITY SUBMISSION
Y
Activity 2.1 Prepare Audit Agenda
Y
Activity 2.2 Amendments to Audit Agenda
Y
Activity 2.3 Conducting Interview
Y
Activity 2.4 Managing Audit Team Resources
Y
Activity 2.5 Use Appropriate Checklists/Tools to Conduct a Quality Audit
Y
Activity 2.6 Prepare and Conduct an Exit Meeting
Y
Activity 2.7 Guide Team Members
Activity 2.1 Prepare Audit Agenda
Audit Agendas should be discussed at the entry meeting. Audit agendas should be transparent so that everyone involved is informed. Agendas should be broken up into sessions, so that everyone knows what is going on and when.
Instructions to Learners:
When preparing the audit agenda, things you should think about, but not limited to may be:
Entry and Exit meetings
Make changes to audit plan (as appropriate)
Site inspection/induction (as appropriate)
Commence audit activities
Conduct interviews
Conduct meetings
Gather evidence
Make observations
Break (as required)
Interim report
Toolbox meeting (as required)
Confirm activities
Collate evidence (table findings)
Prepare audit reports (NCR’s and CAR’s)
Prepare and present exit meeting
Discuss and organise follow-ups
Evaluate auditor performance
Using one (1) of the audit plans developed in Activity 1.5; develop an audit agenda in the template below.
Complete this activity using the templates below. For this activity, the audit will be conducted over 2 days.
Where providing a work sample for this activity, please ensure a third party report is provided for the document
Day 1
ACTIVITY TIMES
ACTIVITY
PARTICIPANTS
Auditor
Auditee
9.00 am – 9.30 am
Entry Meeting
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
The A Team Auditor
Simon Smith - Business Owner (Founder)
Steven Sibley - Compliance Manager (Co-Founder)
Patricia Prat - Operations Manager
Terry Troutback - Training Manager
Rebecca Right- Office Manager
Henry Hogan- HR Manager
Alison Allwell, Michael Carmichael, Willard Woo - Sydney Training Consultants
Joan Jolly, Beatrix Botter- Administration Officers
9.30 am – 10.15 am
Site Inspection and induction
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
The A Team Auditing
Patricia Prat – Operations manager
10.15 am – 10.30am
Morning Break
10.30am – 11.30am
Evidence Gathering - ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
Jacqui Crafter – Lead Auditor
Jamie Ilton – Assistant Auditor
Claudia Schiffer – Specialist Auditor
Peter Douch – Document/system control
Sally Wray-McCann – ASQA Advisor
Simon Smith - Business Owner (Founder) Steven Sibley - Compliance Manager (Co-Founder)
Patricia Prat - Operations Manager
Rebecca Right – Office Manager
Terry Troutback - Training Manager
01.00pm – 1.30pm
Lunch
2pm – 3.30pm
Evidence gathering - ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
Jacqui Crafter – Lead Auditor
Jamie Ilton – Assistant Auditor
Claudia Schiffer – Specialist Auditor
Peter Douch – Document/system control
Sally Wray-McCann – ASQA Advisor
Simon Smith - Business Owner (Founder)
Steven Sibley - Compliance Manager (Co-Founder)
Patricia Prat - Operations Manager
Terry Troutback - Training Manager
3.30pm – 3.45pm
Afternoon Break
3.45 – 5pm
Evidence gathering - ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
Jacqui Crafter – Lead Auditor
Jamie Ilton – Assistant Auditor
Claudia Schiffer – Specialist Auditor
Peter Douch – Document/system control
Sally Wray-McCann – ASQA Advisor
Rebecca Right- Office Manager
Henry Hogan- HR Manager
Alison Allwell, Michael Carmichael, Willard Woo - Sydney Training Consultants
Joan Jolly, Beatrix Botter- Administration Officers
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
Lead Auditor: Jacqui Crafter
Assistant Auditor: Jamie Ilton
Specialist Auditor: Claudia Schiffer
ASQA Advisor: Sally Wray-McCann
Document/system Control: Peter Douch
01.00pm – 1.30pm
Lunch
1.30pm – 2.00pm
Audit Findings
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
Lead Auditor: Jacqui Crafter
Assistant Auditor: Jamie Ilton
Specialist Auditor: Claudia Schiffer
ASQA Advisor: Sally Wray-McCann
Document/system Control: Peter Douch
2.30pm – 3.00pm
Audit conclusion
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
Lead Auditor: Jacqui Crafter
Assistant Auditor: Jamie Ilton
Specialist Auditor: Claudia Schiffer
ASQA Advisor: Sally Wray-McCann
Document/system Control: Peter Douch
3.00pm – 3.15pm
Afternoon Break
3.15pm – 5.00pm
Exit Meeting
Audit conclusion
ISO 9001:2015 Quality management systems – requirements – Section 5 Leadership
Lead Auditor: Jacqui Crafter
Assistant Auditor: Jamie Ilton
Specialist Auditor: Claudia Schiffer
ASQA Advisor: Sally Wray-McCann
Document/system Control: Peter Douch
Simon Smith - Business Owner (Founder)
Steven Sibley - Compliance Manager (Co-Founder)
Patricia Prat - Operations Manager
Terry Troutback - Training Manager
Rebecca Right- Office Manager
Henry Hogan- HR Manager
Alison Allwell, Michael Carmichael, Willard Woo - Sydney Training Consultants
Joan Jolly, Beatrix Botter- Administration Office
Activity 2.2 Amendments to Audit Agenda
Instructions to Learners:
On the day of the audit, one of the auditors is running late and one of the employees who were to be interviewed has become unavailable.
Using the agendas created in Activity 2.1 for day 1 and 2, you are required to make changes to the plan, schedule and arrangements for the audit, as laid out in the agenda.
Complete this activity using the templates below.
Where providing a work sample for this activity, please ensure a third party report is provided for the document
Day 1
ACTIVITY TIMES
ACTIVITY
PARTICIPANTS
Auditor
Auditee
Day One
9am – 9.30am
Change of entry meeting time
Jason Watson
9.30am – 10.15am
Change of inspection time
Jason Watson
9.30am- 10.15am
Add Henry Hogan to site inspection
Jamie Ilton
Henry Hogan
10.30am – 11.30am
Interview not required
Jacqui Crafter
Simon Smith
Steven Sibley
1pm – 4pm
Add interviewee
Mudi Senanayake
Joan Jolly required
Day 2
9.30am – 12.30pm
Change start time to 10.30am
Brenda Stocks
Late arrival expected
9.30 – 12.30pm
Change of interviewee
Darren Linkins
9.30am – 12.30pm
Change of interviewee
Fleur Limpus
10.45-1pm
Availability shortened
Sally Wray-McCann Available 1 hour only 10.45-11.45am
10.45am – 1pm
Remove interviewee
Peter Douch
Claudia Schiffer – not available
Activity 2.3 Conducting Interview
Conducting an audit interview can be broken down into several different steps – each step does not necessarily need to last long, but they are important for a successful interview where you gain the information you are looking for.
Using the case study, SSS RTO, outline in the template below, how and why you would conduct an interview with the chosen employee during an audit. Detailing how you would conduct the following steps on an interview for the purpose of an audit. Including, questions you may ask the employee to gain the required information.
Audit Interview with Employee
Employee Name:
Henry Hogan
Date:
20 August 2019
Time:
9am-10.30am
Employee Position:
HR Manager
Location:
SSS RTO
Establish rapport
Introduce ourselves, find common ground, light humor, friendly small talk, etc.
Briefing interviewee
Background of The A Team Auditors, experience.
Background information
Experience, case studies of previous audits, open floor to any questions SSS might have, gain knowledge and feedback, brief timeline of events proceeding.
Questions
Closed: Can you please show me your complete induction records?
Open Question: Who has access to your induction records?
Probing: How do you track completions?
Challenging: I’ve noticed the record you’ve supplied is not complete. Do you have another process to document each staff member’s induction?
Summarisation & clarification
Reflection: So what I’m hearing is that staff members are completing their induction process however the documentation is not being completed to reflect this?
Hypothetical: So if a staff member has an injury in the workplace in a controlled area how can you provide evidence to Work Safe to demonstrate the staff member knew that it was a controlled area and they understood their responsibilities?
Closing of interview
Please feel free to approach me at any time during or after the audit, should new information come to light or you have any concerns or queries regarding the audit.
Documentation
Audit checklist
Notes
Induction Records
Activity 2.4 Managing Audit Team Resources
As the Lead Auditor, you will be responsible for managing the audit team throughout the audit. This will include:
Supervision of activities
Assessing and reviewing team findings in line with the audits scope
Re-assigning team members as required
Instigating contingency actions as required
Seeking and reaching agreements on corrective action reports
Keep in mind, your team may not all be at the same location.
Detail below, how you would manage your audit team, including the above requirements in this management. Include an explanation where required, why you may have made a certain decision.
I would define roles and responsibilities and delegate tasks to each team member with a define timeframe for each item then follow up accordingly.
Activity 2.5 Use Appropriate Checklists/Tools to Conduct a Quality Audit
Audit checklists/tools are used by the audit team, to systematically plan and conduct an audit.
Instructions to Learners:
Using the ISO Standards/NZS ISO 9001:2016 Quality management systems – Requirements and the resource documents for SSS RTO in the learner resource folder, Learners are required to develop a series of checklist and tools and conduct a desktop audit of the RTO SSS.
Learners are required to choose one (1) of the four (4) clauses, which you will conduct an audit on.
Your checklists/tools should contain:
A list of interview questions to determine compliance/non-compliance in the applicable clause
Identify expected evidence for each of the sub clauses
Record any comments or findings whilst the audit is conducted
Assess, using an impact scale rating, the impact or consequence if a non-conformance is not rectified
Evaluate and prioritise non-conformance impact
Using the templates provided below, develop checklists/tools.
Where providing a work sample for this activity, please ensure a third-party report is provided for the document.
Audit Checklist
Date:
22.06.19
Location:
Melbourne
Lead Auditor:
Jacquie Crafter
Auditee Representative:
Jamie Ilton
Scope
Audit Clause:
Legend
A
= Conformant
B
= Minor Non-Conformance
C
= Major Non-Conformance
Conformance
Adherence with the requirements of the standard. No major or minor non-conformances found
Minor Non-Conformance:
A non-conformity that, based on the judgment and experience of the auditor, is not likely to result in the failure of the management system or reduce its ability to assure controlled processes or products.
It may be either:
A failure in some part of the supplier’s management system relative to a specified requirement.
A single observed lapse in following one item of an organisation’s management system.
Major Non-Conformance:
The absence (omission, not addressed) or total breakdown (commission, failure, not implemented) of a system to meet a specified requirement.
A number of minor non-conformities against one requirement can represent a total breakdown of the system and thus be considered a major non-conformity.
Any non-conformance that would result in the probable shipment of a non-conforming product. Conditions that may result in the failure of or materially reduce the usability of the products or services for their intended purpose.
A non-conformance that, in the judgment and experience of the auditor, is likely to either to result in the failure of the management system or to materially reduce its ability to assure controlled processes and products.
Clause Name and Number
Question Number
Clause Reference
Audit Question
Expected Evidence
Conformance Outcome
Comments
Yes
No
N.B. Provide references to documentation where necessary
A
B
C
6.1.1
How are the internal and external issues and interested parties considered when planning for the QMS?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails
Quality Objectives
Quality Policy
Quality Management Responsibilities
Position Descriptions
☐
☐
☒
NCR01
QAM does not address external issues
CAR001
QAM does not meet document control as per SSS Doc Control P & P
CAR002
QAM revision control division incomplete
CAR003
QAM clause 7.3 incomplete, QAM has no page numbering
NCR002
QAM refers to OHS manual – no OHS manual
NCR003
QAM refers to detailed operating procedure – operating procedure missing
NRC004
QAM refers to approved supplier list – approved supplier list missing
NCR005
QAM refers to quality record master list – quality record master list missing
NCR006
QAM referred positions do not related to existing positions
NCR007
QAM states that work place mtgs occur –no evidence
NCR008
No evidence of discussions associated with planning for the QMS
NCR009
QAM state Management reviews take place – no evidence provided
NCR010
Business plan missing
NCR011
Meeting minutes missing
NCR012
SWOT analysis missing
NCR013
Emails missing
6.1.1 a
How are the risks determined and addressed so that the QMS can achieve its intended results?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails Quality Objectives
Quality Policy
Quality Management Responsibilities
Position Descriptions
Risk management register
☐
☐
☒
NCR014
Risk management missing from QAM
NCR010
Business plan missing
NCR012
SWOT analysis missing
NCR011
Meeting minutes missing
NCR013
Emails missing
Risk management register and risk management P & P are in place
NCR015
Risk management not included in continuous improvement procedure
6.1.1 a
How are the opportunities determined and addressed so that the QMS can achieve its intended results?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails
Risk management register
Continuous improvement (CI) register, P & P
Quality Objectives
Quality Policy
Quality Management Responsibilities
Position Descriptions
☐
☐
☒
QAM refers to planning and development opportunities process missing
CI Procedure does not identify opportunities for improvements
6.1.1 b
How are risks and opportunities determined and addressed so that the QMS can enhance desirable effects?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails
Risk management register
CI P&P
Quality Objectives
Quality Policy
Quality Management Responsibilities
Position Descriptions
Meetings Document
☐
☐
☒
NCR018
QAM does not address risk and opportunities
NCR010
Business plan missing
NCR012
SWOT analysis missing
NCR011
Meeting minutes missing
NCR013
Emails missing
NCR019
CI procedure does not address how to deal with risk
CI policy refers to review risk and implementation of risk strategies
NCR020
Risk strategies missing
6.1.1 c
How are risks and opportunities determined and addressed so that the QMS can prevent or reduce undesired effects?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails
Risk management register
CI P&P
Quality Objectives
Quality Policy
Quality Management Responsibilities
Position Descriptions
Meetings Document
☐
☐
☒
NCR014
Risk management missing from QAM
NCR010
Business plan missing
NCR012
SWOT analysis missing
NCR011
Meeting minutes missing
NCR013
Emails missing
NCR019
CI procedure does not address how to deal risk
CI policy refers to review risk and implementation of risk strategies
NCR020
Risk strategies missing
6.1.1 d
How are risks and opportunities determined and addressed so that the QMS can achieve continual improvement?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails
Risk and opportunities register
Continual Improvement register
CI P&P
Meetings Document
☐
☐
☒
NCR018
Risks and opportunities not address in QAM
NCR010
Business plan missing
NCR012
SWOT analysis missing
NCR011
Meeting minutes missing
NCR013
Emails missing
NCR019
CI procedure does not address how to deal risk
CI policy refers to review risk and implementation of risk strategies
NCR020
Risk strategies missing
6.1.2 a
How are actions planned to address risks and opportunities?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails
Change management plan
Risk management register
Continual Improvement register
Assigned tasks and actions
Meetings Document
☐
☐
☒
NCR018
Risks and opportunities not address in QAM
NCR010
Business plan missing
NCR012
SWOT analysis missing
NCR011
Meeting minutes missing
NCR013
Emails missing
NCR019
CI procedure does not address how to deal risk
CI policy refers to review risk and implementation of risk strategies
NCR020
Risk strategies missing
NCR021
Assigned tasks and actions
missing
6.1.2 b1
How actions are integrated and implemented into the QMS processes?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails
Change management plan
Risk management register
Continual Improvement register
Assigned tasks and actions
Meetings Document
☐
☐
☒
NCR018
Risks and opportunities not address in QAM
NCR010
Business plan missing
NCR012
SWOT analysis missing
NCR011
Meeting minutes missing
NCR013
Emails missing
NCR019
CI procedure does not address how to deal risk
CI policy refers to review risk and implementation of risk strategies
NCR020
Risk strategies missing
NCR021
Assigned tasks and actions missing
6.1.2 b2
How do you evaluate the effectiveness of the actions?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails
Monthly reports
Annual reports
Client feedback
Internal feedback
Risk management register
Continual Improvement register
Assigned tasks and actions
Meeting Document
☐
☐
☒
QAM refers to corrective action program - corrective action program missing
NCR010
Business plan missing
NCR012
SWOT analysis missing
NCR011
Meeting minutes missing
NCR013
Emails missing
NCR022
Monthly reports missing
Annual reports missing
NCR023
Client feedback not evaluated to analyse effectiveness of actions
NCR016
Continues Improvement register missing
NCR021
Assigned tasks and actions missing
CAR004
Risk Register does not evaluate effectiveness of actions
6.1.2
How are actions taken to address the risks determined as being appropriate to the potential impact on the conformity of the products?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails
Monthly reports
Annual reports
Client feedback
Internal feedback
Risk management register
Continual Improvement register
Assigned tasks and actions
Meeting Document
☐
☒
☐
CAR005
QAM refers to corrective action program - corrective action program missing and corrective action register is missing
Risk Management Register sighted and risks identified, documented and assigned for action
NCR016
Continual Improvement register missing
NCR011
Meeting minutes missing
6.1.2
How are actions taken to address the risks determined as being appropriate to the potential impact on the conformity of the services?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails
Monthly reports
Annual reports
Client feedback
Internal feedback
Risk management register
Continual Improvement register
Assigned tasks and actions
Meeting Document
☐
☒
☐
NCR024
QAM refers to corrective action program - corrective action program missing and corrective action register is missing
Risk Management Register sighted and risks identified, documented and assigned for action
NCR016
Continual Improvement register missing
NCR011
Meeting minutes missing
6.1.2
How are actions taken to address the opportunities determined as being appropriate to the potential impact on the conformity of the products?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails
Monthly reports
Annual reports
Client feedback
Internal feedback
Risk management register
Continual Improvement register
Assigned tasks and actions
Meeting Document
☐
☒
☐
NCR024
QAM refers to corrective action program - corrective action program missing and corrective action register is missing
Risk Management Register sighted and risks identified, documented and assigned for action
NCR016
Continual Improvement register missing
NCR011
Meeting minutes missing
NCR013
Emails missing
NCR022
Monthly reports missing
Annual reports missing
6.1.2
How are actions taken to address the opportunities determined as being appropriate to the potential impact on the conformity of the services?
QAM
Business plan
SWOT analysis
Meeting minutes
Emails
Monthly reports
Annual reports
Client feedback
Internal feedback
Risk management register
Continual Improvement register
Assigned tasks and actions
Meeting Document
☐
☒
☐
NCR024
QAM refers to corrective action program - corrective action program missing and corrective action register is missing
Risk Management Register sighted and risks identified, documented and assigned for action
NCR016
Continual Improvement register missing
NCR011
Meeting minutes missing
NCR013
Emails missing
NCR022
Monthly reports missing
Annual reports missing
6.2.1
Where are the quality objectives and are these at all relevant functions, levels and processes?
QAM
Quality Policy
Quality Objectives
Monthly reports
Annual reports
☐
☐
☒
CAR006
Quality Objectives sighted however, document needs to be updated to reflect current staffing status and positions and missing documentation
CAR007
Customer Feedback register has no actions attached
NCR022
Monthly reports missing
Annual reports missing
6.2.1 a
Are the quality objectives consistent with the quality policy?
QAM
Quality Policy
Quality Objectives
Monthly reports
Annual reports
☐
☒
☐
Quality Policy and Quality Objectives documents sighted and are consistent and aligned.
NCR016
Continual Improvement register missing (listed in Quality Policy).
CAR008
Quality Policy refers to roles/positions that do not exist. Needs to be updated to reflect currency.
6.2.1 b
Are the quality objectives measurable?
QAM
Quality Policy
Quality Objectives
Monthly reports
Annual reports
☐
☐
☒
NCR025
No measures identified.
NCR026
No feedback register found.
NCR022
Monthly reports missing
Annual reports missing
6.2.1 c
Do the quality objectives consider applicable requirements?
QAM
Quality Policy
Quality Objectives
Monthly reports
Annual reports
☐
☐
☒
NCR027
No AVETMISS requirements found.
NCR022
Monthly reports missing
Annual reports missing
6.2.1 d
Are the quality objectives relevant to the conformity of the products and do they enhance customer satisfaction?
QAM
Monthly reports
Annual reports
Customer feedback
Quality Objectives
Quality Policy
☐
☐
☒
Evidence of quality objectives relevant to the conformity of the products found.
NCR028
No evidence found as to customer surveys.
NCR022
Monthly reports missing
Annual reports missing
6.2.1 d
Are the quality objectives relevant to the conformity of the services and do they enhance customer satisfaction?
QAM
Monthly reports
Annual reports
Customer feedback
Quality Objectives
Quality Policy
☐
☐
☒
Evidence of quality objectives relevant to the conformity of the products found.
NCR028
No evidence found as to customer surveys and no analysis found.
NCR022
Monthly reports missing
Annual reports missing
6.2.1 e
Are the quality objectives monitored?
QAM
Monthly reports
Annual reports
Quality Objectives
Quality Policy
Quality Management responsibilities
Customer feedback
☐
☐
☒
NCR022
No evidence found
Monthly reports missing
Annual reports missing
6.2.1 e
How is the quality objectives monitored?
QAM
Monthly reports
Annual reports
Quality Objectives
Quality Policy
Quality Management responsibilities
Customer feedback
☐
☐
☒
NCR022
No evidence found
Monthly reports missing
Annual reports missing
6.2.1 e
How often are the quality objectives monitored?
QAM
Monthly reports
Annual reports
Quality Objectives
Quality Policy
Quality Management responsibilities
Customer feedback
☐
☐
☒
NCR022
No evidence found
Monthly reports missing
Annual reports missing
6.2.1 f
How is the quality objectives communicated?
QAM
Business plan
Strategic plan
Monthly reports
Annual reports
Meeting minutes
Staff inductions
Emails
Quality Management responsibilities
Workplace meetings
☐
☒
☐
Via staff induction- signed Employee Training Plan – R6.2.2)
Induction checklist sighted.
Via annual ‘think tank and review’ meeting.
NCR011
No evidence of meeting being conducted or minutes.
NCR029
No evidence of annual strategy being conducted or communicated.
6.2.1 g
How is the quality objectives updated?
QAM
Quality Objectives
Quality Policy
Quality Management responsibilities
Workplace meetings
☐
☒
☐
Via annual ‘think tank and review’ meeting.
NCR011
No evidence of meeting being conducted or minutes.
Monthly meeting between CEO and GM, Compliance indicated in Quality Policy, however, no evidence signed that this meeting has occurred or been minuted.
6.2.1
Where is the documented information on the quality objectives?
No evidence of specific responsibilities assigned for specific risks or opportunities.
CAR009
No further job descriptions provided.
Risk Register does indicate responsibilities – signed.
6.2.2d
How does the organization determine when it will be completed?
QAM
Business plan
Strategic plan
Change management plan
Meeting minutes
Quality management responsibilities
Policy and Quality objectives
Emails
Assigned tasks and actions
☐
☐
☒
CAR010
Risk management register identifies due dates and assigned responsibilities, however, the due dates are mostly blank or are indicated as ‘Ongoing’.
NCR031
No evidence to suggest that Risk Management policy is being followed or completed.
6.2.2 e
How does the organization determine how results be evaluated for quality objectives when completed?
QAM
Business plan
Strategic plan
Change management plan
Meeting minutes
Emails
Monthly reports
Annual reports
Client feedback
Internal feedback
Quality management responsibilities
Policy and Quality objectives
☐
☒
☐
Risk Management Policy identifies that results will be evaluated at monthly management meetings NCR011
However no evidence sighted.
NCR011
Risk management team meeting is listed as being held however no evidence of this occurring.
6.3
How are changes to the QMS planned systematically?
QAM
Business plan
Strategic plan
Change management plan
SWOT analysis
Meeting minutes
Emails
Monthly reports
Annual reports
Client feedback
Internal feedback
Risk management register
Continual Improvement register
Quality management responsibilities
Policy and Quality objectives
☐
☐
☒
Workplace meetings document (D5.5.3B) advises that monthly Operations Meetings contains agenda item for QMS review, however, no evidence sighted that this occurs and NCR011
No minutes sighted.
Annual ‘think tank and review’ meeting.
NCR011
No evidence of meeting being conducted or been minuted.
Monthly meeting between CEO and GM, Compliance indicated in Quality Policy, however,
NCR011
no evidence signed that this meeting has occurred or been minuted
6.3 a
How do changes to the QMS demonstrate the purpose and potential consequences of changes;
QAM
Business plan
Strategic plan
Change management plan
SWOT analysis
Meeting minutes
Emails
Monthly reports
Annual reports
Client feedback
Internal feedback
Risk management register
Continual Improvement register
Quality objectives
☐
☐
☒
NCR032
No evidence sighted of QMS changes.
CAR011
Evidence sighted of continuous improvement documentation and control and responsibilities and authorities; however no evidence sighted that these are being followed.
6.3 b
How do changes to the QMS demonstrate the integrity of the QMS;
QAM
Business plan
Strategic plan
Change management plan
SWOT analysis
Meeting minutes
Emails
Client feedback
Internal feedback
Quality management responsibilities
Policy and Quality objectives
☐
☐
☒
NCR032
No evidence sighted of QMS changes.
CAR010
Evidence sighted of continuous improvement documentation and control and responsibilities and authorities; however no evidence sighted that these are being followed.
6.3 c
How do changes to the QMS demonstrate how resources are made available?
QAM
Business plan
Strategic plan
Change management plan
SWOT analysis
Meeting minutes
Emails
Assigned tasks and actions
Quality management responsibilities
Policy and Quality objectives
☐
☐
☒
NCR032
No evidence sighted of QMS changes.
CAR010
Evidence sighted of continuous improvement documentation and control and responsibilities and authorities; however no evidence sighted that these are being followed.
6.3 d
How do changes to the QMS demonstrate how responsibility and authority is allocated or reallocated?
QAM
Business plan
Strategic plan
Change management plan
SWOT analysis
Meeting minutes
Emails
Assigned tasks and actions
Quality management responsibilities
Policy and Quality objectives
☐
☐
☒
NNCR032
O evidence sighted of QMS changes.
CAR010
Evidence sighted of continuous improvement documentation and control and responsibilities and authorities; however no evidence sighted that these are being followed.
Risk Impact Assessment
Instructions to Learner:
To complete the risk impact assessment, select five (5) non-conformances identified in the above audit checklist and outline the impact each non-conformance, may have on SSS RTO. Once you have outlined the potential impact across the aspects of the organisation, evaluate and prioritise the risks for treatment using the risk matrix on page 186 of the learner guide.
RATING
GENERAL
FINANCIAL
LEGAL
REPUTATION
Example: 5
Success of business objectives jeopardised
Turnover >$1M
Breach of legislation/policy which results in costly legal action and sanctions which severely impact the business
Reputation damaged at an international level with a significant negative public response
Clause Name and Number ISO 9001:9016 Quality Management System – requirements Section 5 Leadership
Question Number
Clause Reference
Audit Question
Expected Evidence
Conformance Outcome
Comments
Yes
No
N.B. Provide references to documentation where necessary
A
B
C
1.
5.1.1a
Have the resources been provided for the quality management system?
Quality Assurance Manual
Corrective Action Reports
Version Control Register
☐
x
☐
CAR008Mis – Corrective Action Report
NCR019 Mis – Version control register
2.
5.1.1a
Can you show me your QMS system?
QMS
x
☐
☐
3.
5.1.1a
Who in SSS has overall control of the QMS?
QMS
Position Description
Quality Management Responsibilities
☐
X
☐
NCR010 PD does not define responsibility
4.
5.1.1a
Who ensures your QMS process is reviewed?
QMS
Position Description
Version control Register
☐
☐
X
NCR010 Policy does not identify role responsible
NCR019Mis – version control register
5.
5.1.1b
How do you track that work practices align with your quality policy?
Continuous improvement P&P
☐
☐
x
NCR008 No evidence of version control
6.
5.1.1b
Can you describe how work practices align with your quality objectives?
Continuous improvement P&P
QMS
Mission statement
Induction item
☐
x
☐
CAR005No induction item
NCR005 Mis – mission statement
7.
5.1.1b
What process is in place to ensure your QMS are meeting your organizational needs?
Continuous improvement P&P
Customer Survey/Questionnaires
x
☐
☐
8.
5.1.1b
Do you have a process that shows how your QMS was established?
Continuous improvement P&P
x
☐
☐
9.
5.1.1b
If I asked your workers if they could use the documents would they understand me?
Continuous improvement P&P
x
☐
☐
10.
5.1.1b
Do you have documents that show the organization’s direction or rules to live by?
Mission statement
☐
☐
x
NCR005 Mis – Mission Statement
11.
5.1.1c
Do you have any training or information sharing processes on your QMS for your staff?
Continuous improvement P&P
Risk Management Policy
Induction item
☐
x
☐
CAR007Risk management is not on the induction list
12.
5.1.1c
Can you demonstrate how you ensure your staff understand and work to your P&P?
Risk Management Policy
Staff Surveys
Training Reports
Training Needs Analysis
☐
x
☐
CAR013Mis- staff surveys, training reports
CAR017TNA out of date
13.
5.1.1d
Can you show me how your QMS is updated?
Continuous Improvement register
Version control
☐
☐
x
NCR 008 Mis – version control
NCR 001 Mis - CI register
14.
5.1.1d
Do your staffs receive information on when your Risk Assessment Register is updated?
Risk Management Policy
Risk Register
x
☐
☐
15.
5.1.1e
What information is readily available to your staff, if they wish to add a risk to the QMS?
Risk Management Policy and Procedure
Staff handbook
Risk Management Register
☐
x
☐
CAR 010Mis – staff handbook
16.
Can you show and demonstrate resources available to staff that allow them to understand the QMS?
Quality Management System
x
☐
☐
17.
5.1.1e
How are the controls implemented in the QMS?
Quality Management System
Version control
☐
x
☐
NCR 008 Mis – version control
18.
5.1.1e
Who has control of implemented outcomes from the QMS?
Continuous Improvement register
Position Description
Quality Management System
☐
X
☐
NCR 001 Mis – No CI register
NCR 010 Reference not available on PD
19.
5.1.1e
Is the quality management system available?
Quality Assurance Manual
x
☐
☐
20.
5.1.1e
Is the latest version of the quality management system available?
Quality Assurance Manual
Version Control Register
☐
x
☐
NCR 018 Mis – version control register
21.
5.1.1f
Is the corrective action register available?
Corrective Action Register
☐
☐
x
CAR008Mis – corrective action register
22.
5.1.1f
Is the communication register available?
Communication Register
☐
☐
x
CAR 002 Mis – communication register
23.
5.1.1f
Can SSS please show me updates to the quality management system are communication records?
Corrective Action Register
Quality Assurance Manual
Corrective Action Reports
Version Control Register
☐
x
☐
CAR 008Mis – corrective action register
NCR 008 Mis – version control register
24.
5.1.1f
So, if I was your employee how do you know I am conforming to the quality management system?
Corrective Action Register
Quality Assurance Manual
Corrective Action Reports
Communication Register
Version control
☐
x
☐
CAR 002 Mis – communication register
CAR 008Mis – Corrective action register
NCR 008 Mis – version control register
25.
5.1.1f
Also how do you know I am conforming to these changes or updates that have been made to the system?
Corrective Action Register
Quality Assurance Manual
Corrective Action Reports
Version Control Register
Document Version Control
Meeting minutes
☐
x
☐
CAR 001 Mis – meeting minutes
CAR 008 Mis – Corrective Action Register
NCR 008 Mis – version control register
CAR 001 Mis – meeting minutes
26.
5.1.1g
Does SSS ensure that your quality management system is fit for purpose and achieves its intended results?
Quality Management System
Document Review Policy
Version Control
☐
x
☐
NCR 008 Mis – version control
27.
5.1.1h
Does SSS have a training procedure on how to use your quality management system before your employees start work?
Training Manual
Training Records
Induction item
☐
x
☐
CAR 004 Mis – induction item
NCR 017 Mis – training manual
NCR 017 Incomplete training records
28.
5.1.1h
Can SSS provide a copy of your training records?
Training Register
Training Records
☐
x
☐
NCR 017 Training records are incomplete
29.
5.1.1i
Does SSS have a continuous improvement policy?
Continuous improvement policy
x
☐
☐
29a
Does SSS have a continuous improvement register?
Continuous Improvement Register
☐
☐
x
NCR 001 Mis –CI register
30.
5.1.1i
Does SSS promote improvement to its employees?
Continuous improvement policy
Continuous Improvement Register
Customer feedback register
Surveys and customer feedback forms
☐
x
☐
NCR 001 Mis – CI register
NCR 006 No actions in customer feedback register
31.
5.1.1i
I am an SSS customer how do you respond to my feedback report?
Surveys and customer feedback forms
Meeting Minutes
☐
x
☐
CAR 001 Mis – meeting minutes
CAR 014 No evidence of response to feedback
32.
5.1.1j
Can you provide a copy of each employee’s position description document?
Position Description
☐
☐
x
NCR 009 Not all PDs available
33.
5.1.1j
Can you demonstrate how your employees apply their position description to their areas of responsibility?
Position Description
☐
☐
x
NCR 009 Not all PDs available
34.
5.1.2
Explain your end to end process for the delivery of quality customer service?
Quality Policy
x
☐
☐
35.
5.1.2a
How are legislative changes captured?
Relevant subscriptions
Document review procedure
Staff meeting minutes
☐
x
☐
CAR 012 Mis – subscriptions
CAR 001 Meeting minutes not available
36.
5.1.2b
What tools do you use to capture customer satisfaction?
Customer Survey/Questionnaire Template
Customer Feedback Register with Actions
Customer Feedback records with example of feedback loop
☐
x
☐
CAR 003 Mis – Customer feedback register with actions
CAR 014 No evidence of loop available
37.
What is the process if a risk to customer satisfaction is identified?
Customer Survey/Questionnaire Register with actions
☐
☐
x
NCR 006 Mis – customer survey/questionnaire register with actions
38.
5.1.2c
How do you maintain customer satisfaction?
Staff Meeting Agenda Item
Induction Item
☐
☐
x
CAR 011Mis – staff meeting agenda does not include agenda item to customer satisfaction
CAR 004 Mis – induction item
39.
5.2.1a
How does your Quality Policy specifically support the strategic direction of your organization?
Quality Policy
Strategic Plan
Document Review procedure
☐
x
☐
NCR 016 Mis – strategic plan
40.
5.2.1b
What framework do you use for setting quality objectives?
Quality Policy
Example of Quality Framework process
☐
x
☐
NCR 004 Mis – example of quality framework process
41.
5.2.1c
Can you provide documentation demonstrating a commitment to satisfy your quality policy?
Quality Statement
Quality Policy
☐
x
☐
NCR 015 Mis – quality statement
42.
5.2.1d
How do you demonstrate your commitment to continual improvement of the quality management system?
Quality Policy
QMS in place
Continuous Improvement Register
Position Description incorporating quality management responsibility
☐
x
☐
NCR 001 Mis – CI register
Not all PDs available
43.
5.2.2a
How do staff members know about and access the quality policy?
Quality Policy
Document Register
Quality Manual access
Induction item
☐
x
☐
NCR 002 Mis – document register
NCR 014 Mis – quality manual
CAR 016 Not all staff inductions available or completed
44.
5.2.2b
Can you provide an example of how the quality policy has been applied by a staff member in your organization?
Quality Policy
Quality Manual
Induction item
x
☐
☐
45.
5.2.2c
Can a stakeholder access the quality policy?
Quality Policy
Outgoing Document Register
☐
x
☐
NCR 007 No description available in the Quality Policy about stakeholder access
46.
How does your organization ensure confidentiality of organizational documents?
Privacy and confidentiality policy
Document Release Policy
Outgoing Document Register
☐
x
☐
NCR019Mis – privacy and confidentiality policy
NCR 003 Mis – document release policy
47.
5.3a
Who is responsible for ensuring the quality management system conforms to the requirements of the International Standard?
ISO 9001:2016 quality management system - requirements
Position Description
☐
x
☐
NCR 009 Not all PDs available
48.
5.3b
What processes does the organization have in place to ensure delivery of its intended outputs?
Quality Policy
Project Plans and Evaluations
Meeting Minutes
☐
x
☐
NCR 012 Mis – project plans and evaluation
CAR 001 No meeting minutes available
49.
5.3c
Explain your organization’s reporting process?
Quality Policy
Reporting Requirements
Quality Action Plan
Continuous Improvement Activity Register
☐
x
☐
NCR 013 Mis – quality action plan
NCR 001 Mis – CI activity register
CAR 006 Reporting requirements not available
50.
How are opportunities for improvement identified?
Continuous Improvement Register
Continuous Improvement Procedure
Meeting minutes
☐
x
☐
NCR 001 Mis – CI register
CAR 001 No meeting minutes available
51.
How are identified opportunities actioned by top management?
Continuous Improvement Register
Continuous Improvement Procedure
Meeting minutes
☐
x
☐
NCR 001 Mis – CI register
CAR 001 No meeting minutes available
52.
5.3d
How do you ensure the promotion of customer focus throughout the organization?
Staff meetings
Staff newsletters, Yammer
Induction item
☐
☐
x
CAR 001 No meeting minutes available
CAR 015 No newsletters, intranet or other staff communication available
CAR 004 No induction item available
53.
5.3e
How does your organization plan changes to the quality management system?
Position Description
Document Control processes including version control
Document Register
Quality meeting minutes
☐
☐
x
NCR 009 Not all PDs available
NCR 008 Mis – version control
CAR 001 No meeting minutes available
54.
How does your organization implement changes to the quality management system?
Position Description
Document Control processes including version control
Document Register
Quality meeting minutes
☐
☐
x
NCR 009 Not all PDs available
NCR 008 Mis – version control
CAR 001 No meeting minutes available
NCR 002 Mis – document register
Activity 2.6Prepare &Conduct an Exit Meeting
Instructions to Learners:
When preparing for an exit meeting, the audit team should provide the organisation with, but not limited to the following:
Executive Summary
Benchmarks (standards, policies/ procedures)
Audit Results
NCR’s raised
Opportunities for improvement
Risk
Root Cause analysis
Follow-ups
Provide opportunity for questions
Continuous improvement
You will also need to take into account the general items that are listed in a meeting agenda (attendees, apologies, times, dates etc.).
Complete the template below.
Where providing a work sample for this activity, please ensure a third party report is provided for the document
Exit Meeting Agenda
Date:
Time:
Meeting Chair:
Attendees:
Apologies:
Agenda Item
Plan for discussion (what will you discuss?)
Minutes (resulting from discussion)
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
Immediate Actions (from discussion)
Action
Responsibility
Expected completion date/time
Follow Up Required
Action
Responsible
Expected completion date/time
Value Adding Activity Recommendations
Provide information as required, where no activities are recommended, place N/A.
Risk based audits
Process audits:
Pre-implementation reviews:
Self-assessment:
Internal-control education:
Other:
Other:
Activity 2.7 Guide Team Members
As a Lead Auditor, it is essential you provide feedback to your audit team as a whole and to each individual for evaluation of the audit performance.
Referring back to Activity 1.6, Prepare Audit Team. Review the information within the template. This information will assist you with completing the below template.
Where providing a work sample for this activity, please ensure a third party report is provided for the document
Audit Evaluation
Date:
Auditee Organisation Name:
Auditee:
Auditee Representative:
Audit Scope and Objectives
Scope:
Audit Objectives:
Lead Auditor:
Name of Auditor
Roles and Responsibilities
Auditor(s)
Team Member
Roles and Responsibilities
Instructions
Were the general instructions to your audit team to make them aware of the procedures for the audit effective? Provide detail of any improvements.
Instructions (methods and techniques
Resources (list)
Performance Management Summary
Summarise your findings for each of the areas below.
Audit
Audit Team
Audit Individual
Key Performance Indicators (KPI)
Performance
KPI (Key Performance Indicator)
Met
Improvement action required (if not met)
Yes
No
Audit
☐
☐
☐
☐
Audit team
☐
☐
☐
☐
Audit Individual
☐
☐
☐
☐
Support for Performance Management
Where KPI’s were not meet by the team or an individual, as the Lead Auditor, what further support could you have provided?
Auditor Reflection
Reflect on your own performance as a Lead Auditor and your understanding of the required processes.
Team Members Critique
List four (4) items, team members could use to critique their own work.
1.
2.
3.
4.
Section 3 –Report on a Quality Audit
Section 3 describes the requirements for the Unit of Competency, BSBAUD504 Report on a quality audit. The skills and knowledge required to report on the outcomes of a quality audit and to take appropriate follow up action. It covers compiling audit results; preparing a report for the auditee/client; negotiating follow up action with the auditee/client; and monitoring and reviewing the auditing system and activities. The types of quality audit that may be covered by this unit include an external or internal systems audit or process or product/service audit.
It applies to individuals with a well-established theoretical knowledge base in quality auditing who are proficient in using a wide range of specialised quality auditing and managerial techniques to carry out their own work and to supervise the quality audit team. It addresses the function performed by either an auditor having sole responsibility for the audit or a lead auditor of a quality audit team.
Learners are required to meet the following assessment conditions for this Unit of Competency.
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the regulation, licensing and risk – quality auditing field of work and include access to:
workplace documentation including quality audit reports, checklists, risk management plans and audit plans
Tick upon completion of Section 4 the following activities:
ACTIVITY SUBMISSION
☐
Activity 3.1 Report on a Quality Audit
☐
Activity 3.2 Compile Non-Conformance Audit Report
☐
Activity 3.3 Compile Corrective Action Report
☐
Activity 3.4 Compile Non-Conformance Matrix
Activity 3.1 Compile an Audit Report
Instructions to Learners:
Using the data gathered in Activity 2.5, Learners are required to compile an audit report for SSS’s Business Owner.
Learners are required to complete the report in the template below:
Where a learner is submitting a work sample for this activity, a third party report must be provided.
Audit Report
Auditee:
Simple Simon Services (SSS) RTO
Date:
29 August 2019
Auditor Site Address:
Martin Place, Sydney 2000
Postal Address:
PO Box 4747, Sydney 2001
Auditor Information
Lead Auditor:
Jacqui Crafter
Auditors:
Jamie Ilton
Claudia Schiffer
Sally Wray-McCann
Peter Douch
Scope and Executive Summary
Identify audit scope:
To complete an external audit on SSS with AS/NZS ISO 9001:2016 Quality Management System
Reputation (5.1.1, 5.1.2, 5.2.1, 5.2.2, 5.3)
Political (5.1.1, 5.1.2, 5.2.2,5.3)
Economic (5.1.1, 5.1.2, 5.3)
Legislative (5.1.1, 5.1.2, 5.2.2)
Financial (5.1.1, 5.1.2, 5.2.1, 5.3)
Policy (5.1.1, 5.1.2, 5.2.1, 5.2.2)
Staff Retention (5.1.1, 5.2.1, 5.2.2, 5.3)
Safety (5.1.1, 5.2.1, 5.2.2)
Technological (5.1.1, 5.2.1, 5.2.2, 5.3)
ASQA (5.1.1, 5.2.1, 5.2.2, 5.3)
Identify audit objectives:
Build rapport and image across multiple sites Strong Marketing / Advertising properties Assist with ASQA compliance processes
Improve on SSS management systems and staff morale
Assist with expansion into WA
Executive Summary (summarise your findings- include minor and major non-conformities, as well as any opportunities for improvement):
The audit identified major weaknesses in the QMS system, with 8 major NCR’s and 1 minor CAR’s identified.
There was a consistent lack of resource and endeavor in managing the QMS at levels, including lack of policies and
It is noted that two previous ISO Audits have been conducted and areas of concern have still not been met.
SSS Executive needs to clearly consider their intent to implement the use of ISO 9001:2016 Quality Management Systems.
Referring to the data gathered in Activity 2.5, Learners are required to detail the non-conformities, including clause reference, number and title, in a Non-Conformance Report, to SSS’s Business Owner.
Ensure the audit method where non-conformity was identified has been checked, where the method was not used, place N/A.
Learners are required to complete this activity in the template below.
Where a learner is submitting a work sample for this activity, a third party report must be provided.
Non-Conformance Report (ncr)
Auditee:
Simple Simon Services (SSS) RTO
Date:
29 August 2019
Auditor:
The A Team Auditors
Summary of Non-Conformities
Major Non-Conformances
NCR 001
Mis – Continuous Improvement Register
NCR002
Mis – document register
NCR003
Mis – document release policy
NCR004
Mis – example of quality framework process
NCR005
Mis – mission statement
NCR006
Mis - No actions in customer feedback register
NCR007
Mis - No description available in the Quality Policy about stakeholder access
NCR008
Mis – Version control
NCR009
Mis - Not all PDs available
NCR010
Mis - PD does not define responsibility
NCR011
Mis - Policy does not identify role responsible
NCR012
Mis – project plans and evaluation
NCR013
Mis – quality action plan
NCR014
Mis – quality manual
NCR015
Mis – quality statement
NCR016
Mis – strategic plan
NCR017
Mis – training manual
NCR018
Mis – version control register
NCR019
Mis – Privacy and confidentiality Policy
Minor Non-Conformances
CAR001
Mis - No meeting minutes available
CAR002
Mis – communication register
CAR003
Mis – Customer feedback register with actions
CAR004
Mis – induction item
CAR005
Mis - No induction item
CAR006
Mis - Reporting requirements not available
CAR007
Mis - Risk management is not on the induction list
CAR008
Mis - Corrective Action Report
CAR009
Mis – privacy and confidentiality policy
CAR010
Mis – staff handbook
CAR011
Mis – staff meeting agenda does not include agenda item to customer satisfaction
CAR012
Mis – subscriptions
CAR013
Mis- staff surveys, training reports
CAR014
Mis - No evidence of response to feedback
CAR015
Mis - No newsletters, intranet or other staff communication available
CAR016
Mis - Not all staff inductions available or completed
CAR017
Mis - TNA out of date
CAR018
Mis - Training records are incomplete
Method Used for Identification
Observation
☐
Questioning
☐
Data Analysis
☐
Other (please define)
☐
Reported by (name)
☐
Reported by (signature)
☐
Review
Reviewed by (name)
Reviewed by (signature)
Auditee (Name)
Auditee (signature)
Auditee Position
Date:
Activity 3.3 Compile Corrective Action Report
Instructions to Learners:
Referring back to the data gathered in Activity 2.5, Learners are required to compile a Corrective Action Report for SSS’s Business Owner. Ensure you detail the clauses reference, number and title for the corrective actions.
Learners are required to complete the report in the template below:
Where a learner is submitting a work sample for this activity, a third party report must be provided.
Corrective Action report (CAR)
Auditee:
SSS RTO
Date:
Thursday 29 August 2019
Auditor:
The A Team Auditors
Summary of Corrective Actions
CAR001
Mis - No meeting minutes available
CAR002
Mis – communication register
CAR003
Mis – Customer feedback register with actions
CAR004
Mis – induction item
CAR005
Mis - No induction item
CAR006
Mis - Reporting requirements not available
CAR007
Mis - Risk management is not on the induction list
CAR008
Mis - Corrective Action Report
CAR009
Mis – privacy and confidentiality policy
CAR010
Mis – staff handbook
CAR011
Mis – staff meeting agenda does not include agenda item to customer satisfaction
CAR012
Mis – subscriptions
CAR013
Mis- staff surveys, training reports
CAR014
Mis - No evidence of response to feedback
CAR015
Mis - No newsletters, intranet or other staff communication available
CAR016
Mis - Not all staff inductions available or completed
CAR017
Mis - TNA out of date
CAR018
Mis - Training records are incomplete
Root Cause Analysis
Identify the root cause of non-conformities
Insufficient process control against stands set at by ISO 9001:2016 Quality Management Systems – requirements Clause 5 Leadership.
Risk Assessment
Gap/Non-Conformities of Major Non-Conformities
Likelihood e.g. D - Likely
Consequences
e.g. 2 - Minor
Risk Score
e.g. D2 - Medium
NCR 001
Mis – Continuous Improvement Register
NCR002
Mis – document register
NCR003
Mis – document release policy
NCR004
Mis – example of quality framework process
NCR005
Mis – mission statement
NCR006
Mis - No actions in customer feedback register
NCR007
Mis - No description available in the Quality Policy about stakeholder access
NCR008
Mis – Version control
NCR009
Mis - Not all PDs available
NCR010
Mis - PD does not define responsibility
NCR011
Mis - Policy does not identify role responsible
NCR012
Mis – project plans and evaluation
NCR013
Mis – quality action plan
NCR014
Mis – quality manual
NCR015
Mis – quality statement
NCR016
Mis – strategic plan
NCR017
Mis – training manual
NCR018
Mis – version control register
NCR019
Mis – Privacy and confidentiality Policy
A(5)
A (5)
A (5)
B(4)
B (4)
A (5)
C (3)
A (5)
B (4)
B (4)
B (4)
B (4)
A(5)
A (5)
3 -Moderate
2 - Minor
2- Minor
1 - Insignificant
2- Minor
2- Minor
1 – Insignificant
4 – Major
2 – Minor
2 – Minor
2 – Minor
2 – Minor
3 – Moderate
3 - Moderate
15 - High
10 - High
10 - High
4 - Medium
8 - Medium
10 - High
3 – Low
20 – Extreme
8 – Moderate
8 – Moderate
8 – Moderate
8 – Moderate
15 – High
15 - High
Corrective Actions not Agreed Upon
Corrective Actions, recommended by the audit team, which the auditee may not see as either a requirement or priority.
Due to evidentiary post-audit discussions audit results were recognized and accepted by the management of SSS RTO.
Close
Signature
Position
Date
CAR initiated by:
Jacqui Crafter
Lead Auditor
22 September 2019
CAR issued to:
Simon Smith
Business Owner
22 September 2019
CAR closed by (only when closed):
Jacqui Crafter
Lead Auditor
22 September 2019
Approvals
The signatures below certify that this corrective action report has been reviewed and accepted, and demonstrate that the signatories are aware of all the requirements contained herein and are committed to ensuring their provision. Please note- approvals are only to be signed once final approval has been made.
Name
Signature
Position
Date
Prepared by:
Jacqui Crafter
Lead Auditor
22 August 2019
Reviewed by:
Jamie Ilton
Assistant Auditor
22 August 2019
Approved by:
Patricia Prat
Operations Manager
22 August 2019
Activity 3.4 Non-Conformance Matrix
Instructions to Learners:
Using the data from Activity 2.5 and Activity 3.2, Learners are required to develop a Non-Conformance Matrix, which will be provided to SSS’S Business Owner, with the Non-Conformance Report.
Learners are required to complete the report in the template below:
Where a learner is submitting a work sample for this activity, a third party report must be provided.
Non-conformance matrix
The matrix below summarises the minor and major Non-Conformities in clause 5 Leadership of ISO 9001:2016 Systems Management –requirements
Example layout
Clause &
Standard Number
Standard summary
Status
C—Compliant
NC—Non- Compliant
Evidence sighted & comments
Details of non-conformance/s & corrective action required
*only detail non conformities*
Suggested date for corrective action
4.2.1
Documentation Requirements- General
NC
QAM, Quality Policy, Observations
4.2.1f) Taken from your non-conformance & corrective action reports.
18.10.2017
Clause &
Standard Number
Standard summary
Status
C—Compliant
NC—Non- Compliant
Evidence sighted & comments
Details of non-conformance/s & corrective action required
*only detail non conformities*
Suggested date for corrective action
5.1.1a
Accountability for effectiveness of QMS
NC
Incomplete evidence
CAR008 Mis – Corrective Action Report
NCR019 Mis – Version control register
NCR010 PD does not define responsibility
NCR010 Policy does not identify role responsible
NCR019 Mis – version control register
Tuesday 10 September 2019
5.1.1b
Quality policy and objectives are established for the QMS system in context of the organization
NCR008 No evidence of version control
CAR005No induction item
NCR005 Mis – mission statement
Tuesday 10 September 2019
5.1.1c
Interaction of QMS aligns to organization business process
CAR007Risk management is not on the induction list CAR013Mis- staff surveys, training reports
CAR017TNA out of date
Tuesday 10 September 2019
5.1.1d
Promote process approach to risk based thinking
NCR 008 Mis – version control
NCR 001 Mis - CI register
Tuesday 10 September 2019
5.1.1e
Ensure resources for QMS are available
CAR 010Mis – staff handbook NCR 008 Mis – version control NCR 001 Mis – No CI register
NCR 010 Reference not available on PD
NCR 018 Mis – version control register
Tuesday 10 September 2019
5.1.1f
Communicate importance of QMS to conform to system requirements
CAR 008Mis – corrective action register
CAR 002 Mis – communication register
NCR 008 Mis – version control register
CAR 001 Mis – meeting minutes
Tuesday 10 September 2019
5.1.1g
Ensure QMS achieves intended results
NCR 008 Mis – version control
Tuesday 10 September 2019
5.1.1h
Engage, direct and support contributions to the effectiveness of QMS
CAR 004 Mis – induction item
NCR 017 Mis – training manual
NCR 017 Incomplete training records
Tuesday 10 September 2019
5.1.1i
Promoting improvement
NCR 001 Mis –CI register
NCR 006 No actions in customer feedback register
CAR 001 Mis – meeting minutes
CAR 014 No evidence of response to feedback
Tuesday 10 September 2019
5.1.1j
Support relevant management to demonstrate leadership within their area of responsibility
NCR 009 Not all PDs available
Tuesday 10 September 2019
5.1.2a
Statutory and regulatory requirements are met
CAR 012 Mis – subscriptions
CAR 001 Meeting minutes not available
Tuesday 10 September 2019
5.1.2b
Customer satisfaction, risks and opportunities are determined and addressed
CAR 003 Mis – Customer feedback register with actions
CAR 014 No evidence of loop available
Tuesday 10 September 2019
5.1.2c
The focus on enhancing customer satisfaction is maintained
CAR 011Mis – staff meeting agenda does not include agenda item to customer satisfaction
CAR 004 Mis – induction item
Tuesday 10 September 2019
5.2.1a
Contextualize the organization’s strategic direction
NCR 016 Mis – strategic plan
Tuesday 10 September 2019
5.2.1b
Provide framework for quality objectives
NCR 004 Mis – example of quality framework process
Tuesday 10 September 2019
5.2.1c
Includes a commitment to satisfy applicable requirements
NCR 015 Mis – quality statement
Tuesday 10 September 2019
5.2.1d
Includes a commitment to CI of the QMS
NCR 001 Mis – CI register
Not all PDs available
Tuesday 10 September 2019
5.2.2a
Quality policy is available and maintained
NCR 002 Mis – document register
NCR 014 Mis – quality manual
CAR 016 Not all staff inductions available or completed
Tuesday 10 September 2019
5.2.2b
Quality policy communicated, understood and applied
5.2.2c
Be relevant
NCR 007 No description available in the Quality Policy about stakeholder access
NCR019Mis – privacy and confidentiality policy
NCR 003 Mis – document release policy
Tuesday 10 September 2019
5.3a
Responsibility for QMS conforming to ISO
NCR 009 Not all PDs available
Tuesday 10 September 2019
5.3b
Responsibility for processes delivering intended outputs
NCR 012 Mis – project plans and evaluation
CAR 001 No meeting minutes available
Tuesday 10 September 2019
5.3c
Responsibility for reporting on QMS performance and opportunities for improvement
NCR 013 Mis – quality action plan
NCR 001 Mis – CI activity register
CAR 006 Reporting requirements not available
NCR 001 Mis – CI register
CAR 001 No meeting minutes available
Tuesday 10 September 2019
5.3d
Responsibility for promotion of customer focus
CAR 001 No meeting minutes available
CAR 015 No newsletters, intranet or other staff communication available
CAR 004 No induction item available
Tuesday 10 September 2019
5.3e
Responsibility for maintenance of QMS integrity when changes are planned and implemented
NCR 009 Not all PDs available
NCR 008 Mis – version control
CAR 001 No meeting minutes available
Tuesday 10 September 2019
Section 4 –Lead & Manage Team Effectiveness
Section 4 describes the requirements for the Unit of Competency, BSBWOR502 Lead and manages team effectiveness. This Unit of Competency describes the skills and knowledge required to lead teams in the workplace and to actively engage with the management of the organisation.
It applies to individuals working at a managerial level who facilitate work teams and build a positive culture within their work teams. At this level, work will normally be carried out using complex and diverse methods and procedures requiring the exercise of considerable discretion and judgement, using a range of problem solving and decision making strategies.
Learners are required to meet the following assessment conditions for this Unit of Competency.
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the industry capability - workplace effectiveness field of work and include access to:
workplace documents
case studies and, where possible, real situations
office equipment and resources
interaction with others
Tick upon completion of activities:
ACTIVITY SUBMISSION
☐
Activity 4.1 Policy and Procedures
Activity 4.1 Policy & Procedures
Instructions to Learners:
As the Lead Auditor, it is included within your role, to ensure you lead and manage your audit team.
Learners are required to develop a policy and procedure that would be presented to members of an audit team prior to the audit. The policy and procedure must ensure team members take responsibility for own work, assist others to undertake required roles and responsibilities and ensure any issues, concerns and problems identified by team members are recognised and addressed.
Each document should contain, but not limited to the following:
Policy
Purpose – why is the policy required
Scope – what does the policy apply to
Definitions – as required
Policy Statement – details of the policy
Non-Conformances if policy not followed
Key personnel responsible for the policy
Related documents – are there any documents that are required within the policy
Review timeframe
Procedure
Purpose – why is the procedure required
Scope – what does the procedure apply to
Procedure Steps – how will the procedure be completed
Non-Conformances if policy not followed
Key personnel responsible for the policy
Related documents – are there any documents that are required within the policy
Review timeframe
Learners are required to complete this activity in the policy and procedure templates below. Learners may submit work samples that they have developed for this activity, along with a third party report.
Policy
Policy Title:
Auditing Policy
Scope:
Internal and External Auditing of systems against specified requirements
Definitions:
As per ISO and relevant Standards, Codes, Legislation and regulation requirements
Policy Statement:
To provide independent and objective assessment of the system being audited
Non-Conformances:
To identify breaches in compliance to specified requirements
Key Personnel Responsible:
Lead Auditor – to provide clear and concise direction in the management of the audit process
Team Auditor – to provide technically and grammatically correct assessment of the system being audited in a timely manner.
Auditee – The person being audited.
Point of Contact – The interface person of the organization being audited.
Related Documents:
Auditee QMS documentation in accordance with Audit plan
Review:
This policy shall be reviewed in accordance with The A Team Auditing management review schedule.
Procedure
Procedure Title:
Auditing Procedure
Scope:
Internal and External Auditing of systems against specified requirements.
Procedure Steps:
Step 1 – Define Audit Scope, requirements, cost and letter of introduction
Step 2 – Develop Audit Plan including scope, requirements, schedule, resources required, GAP, Checklists and other supporting documents
Step 3 – Training and induction of Audit team
Step 4 – Conduct Audit Entry meeting and finalize scope, location and Auditee availability
Step 5 – Commence Audit activities
Step 6 – Ongoing assessment of Auditors and problems during audit and review deficiencies identified during the audit
Step 7 – Compile and assess audit verification documentation
Step 9 – Review and discuss audit queries or clarifications with auditors
Step 10 – Conduct Exit meeting with relevant parties including CAR responses and action plan
Step 11 – Audit review including:
Audit scope was achieved in a professional and objective manner in within the time constraints of the audit plan
The reporting was compiled in a technically compliant and grammatically acceptable manner
That Risks were identified and categorized in accordance with Risk procedure guidelines
That any conflict between parties have been resolved with minimum impact to the audit process and schedule
Step 12 – Issue Final Report
Policy Statement:
To provide independent and objective assessment of the system being audited
Non-Conformances:
To identify breaches in compliance to specified requirements
Key Personnel Responsible:
Lead Auditor – to provide clear and concise direction in the management of the audit process:
Team Auditor – to provide technically and grammatically correct assessment of the system being audited in a timely manner
Auditee – The person being audited
Point of Contact – The interface person of the organization being audited.
Related Documents:
Auditee QMS documentation in accordance with Audit Plan
Review:
This procedure shall be reviewed in accordance with the A Team Auditing management review schedule.
Section 5 –Manage Risk
Section 5 describes the requirements for the Unit of Competency, BSBRSK501 Manage Risk. This unit describes skills and knowledge required to manage risks in a range of contexts across an organisation or for a specific business unit or area in any industry setting.
It applies to individuals who are working in positions of authority and are approved to implement change across the organisation, business unit, and program or project area. They may or may not have responsibility for directly supervising others.
Learners are required to meet the following assessment conditions for this Unit of Competency.
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the regulation, licensing and risk - risk management field of work and include access to:
relevant legislation, regulations, standards and codes
relevant workplace documentation and resources
case studies and, where possible, real situations
interaction with others
Tick upon completion activities:
ACTIVITY SUBMISSION
☐
Activity 5.1 Establishing a Risk Management Process
☐
Activity 5.2(a) Participation of Relevant Parties
☐
Activity 5.2(b) Researching and Using Tools and Techniques to Generate Risks
Activity 5.1Establishing aRisk Management Process
Instructions to Learners:
Learners are required to establish, identify, analyse, select and implement treatments for identified risks.
Learners are to refer to the case study; SSS RTO located in the learner’s resource folder and reviews the RTO’s information, establishing areas of risk.
Learners are required to review SSS RTO’s processes, procedures and requirements for undertaking risk management. Upon reviewing SSS RTO’s processes, procedures and requirements, learners are required in the template below, to detail the following:
Determine the scope for risk management
Identify internal and external stakeholders and their issues
Review political, economic, social and technological policy (PEST Analysis)
Review strengths and weaknesses of existing arrangements (SWOT Analysis)
Document critical success factors (CFS), goals or objectives, included in the scope
Required support
Communicate the risk management process and invite participation with relevant parties
The required documentation to assist learners with this activity is located in the learner’s resource folder.
SSS RTO’s Risk Management Process
Scope
To complete and external audit on SSS with ISO 9001:2016 Quality Management – Requirements Clause 5
Stakeholders
Internal
External
SSS staff and personnel
The A Team Auditors and if required external auditing consultants
PEST Analysis
Political – non compliant to ASQA requirements, NSW WHS 2011 act/regulations 2017, (potential) WA legislation and regulation)
Economic – Closure and removal of scope (Qualifications) from ASQA, Lawsuits from employees (bullying and harassment charges), LTI / LTD
Social – Reputational (negative / poor), media exposure
Technological – IT system failure, communication systems failure, not user friendly
SWOT Analysis
Strengths
Weaknesses
S – compliant to ASQA standards as current
O – when audit conformance is achieved opportunity to expand into WA, Audit from ASQA
W – loss of business / income, negative reputation
T – Negative social reputation/media
Critical Success Factors (CFS)
Adhere to advise provided by The A Team Auditing on the audit findings
Required Support
As outlined in the welcome email from The A Team Auditing and entry meeting, Jeffrey Pearce and his team are available upon request
Communication
Email, Phone
Activity 5.2 Identifying Risks
Instructions to Learners:
In Section 5, learners are required to identify risks for SSS RTO. Learners will engage four (4) SSS RTO team members and complete the following:
Invite relevant parties to assist in the identification of risks
Research risks that may apply to scope
Use tools and techniques to generate a list of risks, in consultation with relevant parties
Activity 5.2(a)Participation of Relevant Parties
Instructions to Learners:
Learners are required to review the profile of each SSS RTO team member and select four (4) team members to assist with the identification of risks.
Learners are required to identify each team member to be invited and outline why they chose this team member to be involved in this process.
For each individual, learners are required to briefly describe why they chose the mode of communication they will use to inform and invite each individual to partake in the process.
Learners are required to complete this activity in the template below:
Team Member 1
Patricia Prat – Operations Manager
Oversees operational activities, Authority to make executive decision
Team Member 2
Henry Hogan – HR Manager
Major responsibilities for the creation of missing (Major NCR) policies and procedures
Team Member 3
Steven Sibley – Compliance Manager
All major non-compliant NCR’s and CAR set against ISO 9001:2016 Quality Management Systems – Requirements Clause 5, and NVR Standards 2015 set out by ASQA
Team Member 4
Rebecca Right – Office Manager
IT infrastructure and OHS risks to the office
Activity 5.2(b) Researching& Using Tools & Techniques to Generate Risks
Instructions to Learners:
SSS RTO, has requested you review the identified risks in their Risk Management Register. Upon reviewing the register, you notice there are risks which have not been identified and recorded.
Learners are required to research risks that may apply to the scope for SSS RTO. Learners are required to select two (2) research methods located in the learner guide. Learners are required to outline, why they chose the methods, what research was conducted (this is simulated) and the risks identified from the research in the template below.
Once learners have researched risks, they are required to choose one (1) risk and tool or technique, outlined in the learner guide and develop a systematic approach to prevent, manage or eliminate the risk. Learners are required to complete the activity on a document separate to the workbook and attach for submission with workbook. Ensure this activity is clearly labelled i.e. Learners Name_Activity 5.2(b)
Risk Research
Method 1
A SWOT analysis was conducted on SSS RTO which reviewed the strength and weaknesses of the business. This method was chosen to outline the strengths and weaknesses of the organization. Risk registers were reviewed in this instance as well as research conducted to identify trends within the RTO space, those that succeeded and those that failed. Some of the risks identified include:
Top Management heavy
Ensuring customer feedback forms assessed to allow ongoing improvement
Strong business plan not in place which can allow for easy movement interstate
External factors such as theft which can cost the business time and money to replace
External factors such as natural disasters
Method 2
A PEST analysis was conducted for SSS RTO which outlines the potential risks within the external environment in the form of identifying political, economic and technological factors. Some of the risks identified for SSS are as follows:
Planned and unplanned legislation changes could affect the business
Political changes
Customer trends and attitudes
Advertising and brand issues
Technological advances
Innovation and R&D
Local tax and inflation rate changes
Section 6 – BSBINM501 Manage an Information or Knowledge Management System
This unit describes the skills and knowledge required to organise training for others for an information or knowledge management system and to manage the use of the system.
It applies to individuals who are responsible for seeing that key information and corporate knowledge are retained, accessible to others and improve business outcomes.
The unit applies to information or knowledge management systems which comprise policies, protocols, procedures and practices to manage information or knowledge within the organisation and among relevant stakeholders.
Learners are required to meet the following assessment conditions for this Unit of Competency.
Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the knowledge management – information management field of work and include access to:
relevant legislation, regulation, standards and codes
relevant workplace systems, documentation and resources
case studies and, where possible, real situations
interaction with others
Tick upon completion of activities:
ACTIVITY SUBMISSION
☐
Activity 6.1 Learning Plan for Information Management System
☐
Activity 6.2 Manage Use of Information Management System
Activity 6.1 Learning Plan for Information Management System
Instructions to Learners:
During the audit, it was identified that the staff of SSS RTO, were having issues using their information management system.
You and your audit team identified this and you have been asked to provide assistance in organising learning to use the information management system.
Learners are required to develop a plan that will be presented to the Senior Management of SSS RTO. The plan is required to outline the following requirements:
Identification of learning needs for team members Identification and plan to secure human, financial and physical resources required for the learning
Outlining a plan for organisation and facilitation of the learning
Promotion and support of the system within SSS RTO
Plan on how to monitor and document effectiveness of the learning
Refer to the case study SSS RTO documents located in the learner resource folder to assist with this activity.
SSS RTO Learning plan for information management system
Team Members
Simon Smith
Patricia Prat
Terry Troutback
Rebecca Right
Henry Hogan
Joan Jolly
Beatrix Botter
Alison Alwell
Michael Carmichael
Willard Woo
Learning Requirements
Has access to the SIM
Outline the plan for the organisation and facilitation of learning
SSS RTO currently uses an internal computer system known as SIM to complete everyday tasks. It is imperative that all staff are made aware of the system and become proficient in its use.
It would be beneficial for the business to have the original trainers
Promotion and support of information system
Monitor and document effectiveness of learning
Activity 6.2 Manage Use of Information Management System
Instructions to Learners:
Learners are required to develop a plan on how to manage the use of the information management system. This plan should outline the following:
Assurance of implementation of correct policy and procedures (compliance, effectiveness, efficiency, implementation issues etc.)
How to monitor integration and alignment with data and information systems
Collection of information on achievement of performance measures
Management of contingencies (system failure, technical difficulties, use of technical specialists, consultants, auditors)
Analysis of effectiveness of system (strengths and limitations)
Review of business and operational plan, determining how effective system is contributing to organisations intended outcomes
Recommendations for improvements to system, policy or work practices
Management of information management system
Required Policy and Procedures:
Monitoring of integration & alignment:
Collection of information on performance:
Management of contingencies:
Effectiveness of system:
Review of business and operational plan:
Recommendations:
Congratulations, you have now completed workbook 2.
