Information
Danner / LaCrosse ISO 9001:2015 Internal Audit Report
-
Audit Number (example: 24-09)
-
Department Audited
-
Site (PDX Factory or Corporate)
-
Date Audit Conducted
-
Audit Attendee(s)
-
Prepared by (Lead Auditor)
4 Context of the organization
Introduction
-
Please complete all sections starting immediately below. This internal audit assessment will evaluate the compliance of the Danner / LaCrosse Quality Management System with ISO 9001:2015 standards. Remember to attach evidence to items where required, and to sign off and complete this audit assessment in the final section.
4.1 Understanding the organization and its context
-
The organization has determined external and internal issues relevant to its purpose and strategic direction.
-
The organization monitors and reviews information about these internal and external issues.
4.2 Understanding the needs and expectations of interested parties
-
The organization determines relevant interested parties of the QMS.
-
The organization has determined the relevant needs and expectations of interested parties.
-
The organization has determined the impact or potential impact of interested parties.
-
The organization monitors and reviews information about interested parties and their relevant requirements.
4.3 Determining the scope of the quality management system
-
The QMS scope considers external and internal issues.
-
Determines requirements of relevant interested parties.
-
Determines products and services of the organization.
-
The organization has determined how the ISO 9001:2015 standard is applied within the organization.
-
QMS scope is documented.
-
The scope states what products and services are covered by the QMS.
4.4 Quality management system and its processes
-
The processes have been determined and how they interact.
-
The processes for the QMS were determined - verify the inputs and outputs to the processes.
-
The sequence and interaction of the processes.
-
The criteria, methods, measurement and related performance indicators needed to operate and control the processes are adequate.
-
Resources are determined and allocated.
-
Responsibilities and authorities are determined.
-
Risks and opportunities are considered and what actions are taken to address them.
-
Reviewed what methods are used to monitor, measure and evaluate processes.
-
Reviewed how opportunities for improvement for the QMS and its processes are determined.
-
Changes, if needed, are implemented to achieve intended results.
-
Reviewed documented information created to support the operation of its processes.
5 Leadership
5.1 Leadership and commitment
-
Top management is identified.
-
Top management demonstrates leadership and commitment by taking accountability for QMS effectiveness.
-
The QMS policy and objectives are established and are compatible with strategic direction and context of organization.
-
The QMS is integrated into organization's business processes.
-
Top management is promoting the use of the process approach and risk-based thinking.
-
Communicating the importance of effective QMS and of conforming to its requirements ensuring intended outcomes.
-
Engaging, directing and supporting persons to contribute to the effectiveness of the QMS.
-
Top management promotes continuous improvement.
-
Supports other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility.
-
Top management demonstrates leadership and commitment with respect to customer focus.
-
Customer and applicable statutory and regulatory requirements are determined, understood and consistently met.
-
The risks and opportunities that affect product and service conformity and the ability to enhance customer satisfaction are determined and addressed.
-
The focus of enhancing customer satisfaction is maintained.
5.2 Quality Policy
-
The quality policy is appropriate to the purpose and context of the organization and supports its strategic direction.
-
Provides a framework for setting quality objectives.
-
Includes a commitment to satisfy applicable requirements.
-
Includes a commitment to continual improvement of the QMS.
-
The Quality Policy is maintained as documented information.
-
The Quality Policy is communicated, understood and applied within the organization.
-
The Quality Policy is available to relevant interested parties.
5.3 Organizational roles, responsibilities and authorities
-
Responsibilities and authorities for relevant roles are assigned and communicated within the organization.
-
Top management assigns responsibility and authority for ensuring the QMS conforms to the ISO 9001:2015 standard.
-
Ensure that processes are delivering their intended outputs.
-
Reporting on the performance of the QMS and on opportunities for improvement, in particular to top management.
-
Ensure the promotion of customer focus throughout the organization.
-
Ensure the integrity of the QMS is maintained when changes to the QMS are planned and implemented.
6 Planning
6.1 Actions to address risks and opportunities
-
The internal and external issues and interested parties are considered when planning for the QMS.
-
Risks and opportunities are determined and addressed so the QMS can achieve its intended results, prevent and reduce undesired effects and achieve continual improvement.
-
Actions are planned to address risks and opportunities.
-
Actions are integrated and implemented into the QMS processes.
-
The organization evaluates the effectiveness of the actions.
-
Actions are taken to address risks and opportunities determined as being appropriate to the potential impact on the conformity of products and services.
6.2 Quality objectives and planning to achieve them (KPI's, Goals)
-
Quality objectives are established at relevant functions, levels and processes.
-
The quality objectives are consistent with the quality policy.
-
The quality objectives are measurable, monitored and communicated.
-
The quality objectives are relevant to the conformity of products and services and to the enhancement of customer satisfaction.
-
The quality objectives are updated as appropriate.
-
The quality objectives are documented.
-
The organization determines what will be done, with what resources, when completed and how the results will be evaluated for quality objectives.
6.3 Planning of changes
-
QMS changes are planned systematically.
-
The organization demonstrates the purpose and potential consequences of changes.
-
The organization considers the integrity of the QMS.
-
Resources are made available for changes.
-
Responsibility and authority is allocated and reallocated.
7 Support
7.1 Resources
-
Verified how resources are determined for the organization.
-
The capabilities and constraints on internal resources are considered.
-
Needs from external providers are considered.
-
The organization provides persons necessary to consistently meet customer, applicable statutory and regulatory requirements for the QMS including the necessary processes.
-
The organization determines, provides and maintains the infrastructure for the operation of processes to achieve products and services conformity.
-
The organization determines, provides and maintains the environment for the operation of processes to achieve products and service conformity.
-
Resources are determined to ensure valid and reliable monitoring and measuring results.
-
The organization ensures that the resources provided are suitable for the specific type of monitoring and measurement activities being undertaken and that they are maintained to ensure continued fitness of purpose.
-
Verified documented information that shows evidence of fitness for purpose of monitoring and measurement resources.
-
Measurement instruments are verified or calibrated at specific intervals against national or international standards. If no standards, provide documented information which is used as the basis for calibration or verification.
-
Reviewed how measurement instruments are identified.
-
Reviewed how measurement instruments are safeguarded from adjustments, damage and deterioration.
-
The organization determines the validity of previous measurements if you find an instrument to be defective during verification or calibration - verify any actions taken.
-
The organization determines the necessary knowledge for the operation of processes and achieves conformity of products and services.
-
The organization determines current knowledge and how its acquires additional knowledge when addressing changing needs and trends.
-
Knowledge is maintained and made available to the extent necessary.
7.2 Competence
-
The organization determines the necessary competence of people doing work under their control that affects quality performance.
-
Competence is determined on the basis of appropriate education, training or experience.
-
Actions determined to acquire necessary competence where applicable and evaluate the effectiveness of those actions.
-
Verified documented information as evidence of competence where appropriate.
7.3 Awareness
-
Verified people doing work under the organization's control are aware of the quality policy.
-
Aware of the relevant quality objectives.
-
Aware of the implications of not conforming with the QMS requirements.
7.4 Communication
-
Verified internal and external communication process (what, when, with whom and how to communicate).
7.5 Documented information
-
Verified documented information required by the ISO 9001:2015 standard.
-
Verified documented information that shows the effectiveness of the QMS.
-
Documented information containing appropriate identification, format (language, software version, graphics) and media (paper, electronic).
-
Documented information is reviewed and approved for suitability and adequacy.
-
Controlled documented information and making it available and suitable for use. "Tell me how you protect your documented information".
-
The organization controls the distribution, access, retrieval, use, storage, preservation, legibility, control of changes, retention and disposition of documented information.
-
Verified documented information of external origin is identified, as appropriate, and controlled.
8 Operation
8.1 Operational planning and control
-
The organization has planned, implemented and controlled processes needed to meet the requirements of products and services.
-
Reviewed how requirements for products and services are determined.
-
Reviewed how criteria for processes and acceptance for products and services are determined.
-
Reviewed how resources are determined.
-
Reviewed how process control is implemented.
-
Documented information that demonstrates processes have been carried out as planned and can demonstrate conformity of products and services.
-
The output from the planning process is suitable for operations.
-
Planned changes are controlled, how unintended changes are reviewed and what actions are taken to mitigate any adverse effects, as necessary.
-
Reviewed how outsourced processes are controlled.
8.2 Determination of requirements for products and services
-
Processes are created for communicating with customers on information relating to products, services, contracts, order handling, customer views, perceptions and complaints.
-
Processes are created for handling or treatment of customer property and specific requirements for contingency actions.
-
Process to determine the requirements for products and services to be offered to potential customers and how the process is established, implemented and maintained.
-
Product and service requirements including statutory and regulatory requirements are defined.
-
The organization reviews customer requirements for delivery and post-delivery. The review is conducted prior to the organization's commitment to supply products and services to the customer.
-
The organization resolves differences in the contract or order requirements from those previously defined.
-
Reviewed documented information of reviews describing new or changed requirements to products and services.
-
Reviewed documented information of amended reviews and how relevant personnel are made aware of those changes.
8.3 Design and development of products and services
-
The design and development process is established, implemented and maintained.
8.3.2 Design and development planning
-
Reviewed determining the stages and control for design and development, and how the organization considers the nature, duration and complexity of the activities.
-
Reviewed required verification and validation.
-
Reviewed responsibilities and authorities.
-
Reviewed how interfaces are controlled between individuals and parties.
-
Reviewed the need for involvement of customer and user groups.
-
Verified documented information that confirms design and development requirements have been met.
8.3.3 Design and development inputs
-
Determined requirements essential for the type of products and services being designed and developed, the organization shall consider functional and performance requirements.
-
Reviewed statutory and regulatory requirements.
-
Reviewed standards or codes of practice that the organization has committed to implement.
-
Reviewed potential consequences of failure due to the nature of the products and services.
-
Verified that the inputs are complete and unambiguous.
-
Verified documented information on design and development inputs are retained.
8.3.4 Design and development controls
-
The organization applies controls to the design and development process.
-
Reviewed the results to be achieved are defined.
-
Reviews are conducted to evaluate the ability of the results of design and development to meet requirements.
-
Verification of activities are conducted to ensure that the resulting products and services meet the requirements for the specified application or intended use.
-
Validation of activities are conducted to ensure that the resulting products and services meet the requirements of the specified application or intended use.
-
Any necessary actions are taken on problems determined during the reviews, or verification and validation activities.
-
Verified documented information of these activities are retained.
8.3.5 Design and development outputs
-
The organization ensures the design and development outputs meet the input requirements.
-
The organization included or referenced monitoring and measuring requirements, as appropriate, and acceptance criteria.
-
The characteristics of the products and services that are essential for their intended purpose and their safe and proper provision.
-
Verified documented information on design and development outputs are retained.
8.3.6 Design and development changes
-
The organization identifies, reviews and controls changes made during, or subsequent to, the design and development of products and services, to the extent necessary to ensure that there is no adverse impact on conformity to requirements.
-
Documented information on design and development changes, the result of reviews, the authorization of changes and the actions taken to prevent adverse impacts are retained.
8.4 Control of externally provided processes, products and services
-
The organization ensures externally provided processes, products and services conform to specified requirements.
-
Controls applied to externally provided processes, products and services when products and services are intended for incorporation into the organization's own products and services.
-
Products and services are provided directly to the customer or a process, or part of a process, is provided by an external provider as a result of a decision by the organization.
-
The organization determines and applies criteria for the evaluation, selection, monitoring of performance and re-evaluation of external providers.
-
Verified documented information of activities and actions arising from the evaluations.
-
The organization determines controls applied to the external provision of processes, products and services and the resulting output.
-
The organization considers the potential impact of the external provided processes, products and services on its ability to meet customer and applicable statutory and regulatory requirements.
-
The organization determines the verification, or other activities, necessary to ensure the externally provided processes, products and services meet requirements.
-
The organization communicates to external providers its requirements for the processes, products and services to be provided.
-
The organization communicates approval of product and services; methods, processes and equipment; and the release of products and services.
-
Control and monitoring of the external providers' performance is conducted by the organization.
-
The organization verifies or validates activities that the organization, or its customer, intends to perform at the external providers' premises.
8.5 Production and service provision
8.5.1 Control of production and service provision
-
The organization has documented information that defines the characteristics of the products to be produced, the services to be provided or the activities to be performed and the results to be achieved.
-
The organization verifies the availability and use of suitable monitoring and measuring resources.
-
The implementation of monitoring and measuring activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met.
-
The organization verifies the use of suitable infrastructure and environment for the operation of processes.
-
The organization verifies the appointment of competent persons, including any required qualification.
-
Implemented actions to prevent human error (i.e. poke yoke, visual locations, checklist, emergency stops, templates, document control).
-
Implemented of release, delivery and post-delivery activities.
8.5.2 Identification and traceability
-
Reviewed how organization identifies outputs from the process to ensure conformity.
-
Reviewed how the organization identifies the status of process outputs.
-
The organization controls the unique identification of process outputs when traceability is required. Verify documented information of traceability, where required.
8.5.3 Property belonging to customers or external providers
-
Reviewed what care is provided to customers' or external providers' property.
-
The organization identifies, verifies, protects and safeguards customers' or external providers' property which is provided for use or incorporation into the organization's products or services.
-
Review retained documented information for property that is damaged or otherwise found to be unsuitable for use.
8.5.4 Preservation
-
The organization ensures preservation of the process outputs to ensure conformity to requirements.
8.5.5 Post-delivery activities
-
The organization considers meeting post-delivery activities, statutory and regulatory requirements.
-
Reviewed potential undesired consequences associated with its products and services.
-
Reviewed the nature, use and intended lifetime of its products and services.
-
Reviewed customer requirements and feedback.
8.5.6 Control of changes
-
The organization reviews and controls changes for production or service provision.
-
Reviewed retained documented information describing the results of the review of changes, the person(s) authorizing the change and any necessary actions arising from the review.
8.6 Release of products and services
-
Reviewed the appropriate stages product and service requirements have been met.
-
Products and services are not released to the customer until the planned arrangements have been satisfactorily completed, unless otherwise approved by relevant authority and, as applicable, by the customer.
-
Verified retained documented information that shows evidence of conformity with acceptance criteria and traceability to person(s) authorizing the release.
8.7 Control of nonconforming outputs
-
Outputs that do not conform to requirements are identified and controlled.
-
Appropriate action is taken for nonconforming products and services (also include after delivery of product or during/after the provision of services).
-
Action is taken for correction, segregation, containment, return or suspension of provision of products and services.
-
Action is taken for informing the customer and obtaining authorization for acceptance under concession.
-
Verify conformity to the requirements when nonconforming outputs are corrected.
-
Retain documented information that describes the nonconformity, describes actions taken, describes any concessions obtained and identifies the authority deciding the action in respect of the nonconformity.
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
-
The organization has determined what needs to be monitored and measured, the methods to be used, when it will be performed, analyzed and evaluated.
-
The organization evaluates the performance and effectiveness of its QMS.
-
Review retained appropriate documented information.
-
The organization monitors customers' perceptions of the degree to which their needs and expectations have been fulfilled.
-
The organization monitors and evaluates conformity of products and services.
-
The organization measures the degree of customer satisfaction and the performance and effectiveness of the QMS.
-
The organization evaluates if planning has been implemented effectively.
-
The organization analyzes the effectiveness of actions taken to address risks and opportunities.
-
The organization measures the performance of external providers.
-
The organization evaluates the need for improvements the the QMS.
9.2 Internal audit
-
Internal audits are conducted at planned intervals.
-
The organization has established, implemented, and maintains an internal audit program.
-
The importance of the process, changes affecting the organization and the results of previous audits are considered.
-
Audit criteria and scope are created for each audit.
-
Auditors are objective and impartial.
-
Audit results are reported to relevant management and top management.
-
Appropriate correction and corrective actions are taken without delay.
-
Review retained documented information.
9.3 Management review
-
Management reviews are conducted at planned intervals.
-
Inputs to management review include status of actions from previous management reviews.
-
Review changes in external and internal issues relevant to the QMS.
-
Review customer satisfaction and feedback from relevant interested parties.
-
Process performance and conformity of products and service.
-
Review nonconformities and corrective actions.
-
Review Monitoring and measurement results.
-
Review the performance of external providers.
-
Review adequacy of resources.
-
Review effectiveness of actions taken to address risks and opportunities.
-
Review opportunities for improvement.
-
Verify outputs to management review includes opportunities for improvement.
-
Review any need for changes to the QMS.
-
Review resource needs.
-
Verify retained documented information.
10 Improvement
10.1 General
-
The organization determines and selects opportunities for improvement to improve products and services, corrects, prevents or reduces undesired effects and improves the performance and effectiveness of the QMS.
10.2 Nonconformity and corrective action
-
The organization reacts to nonconformity, including complaints, by evaluating how its takes action to control and correct it and how it deals with the consequences.
-
The organization evaluates the need for action to eliminate the cause(s) of the nonconformity, in order that it does not recur or occur elsewhere.
-
The organization evaluates the effectiveness of actions taken.
-
The organization updates risks and opportunities determined during planning, if necessary.
-
Verify any changes made to the QMS, if necessary.
-
Verify retained documented information that provides evidence of the nature of the nonconformity and any subsequent actions taken and the results of any corrective actions
10.3 Continual improvement
-
Verify how the organization continually improves. Does it consider the results of analysis and evaluation and the outputs from management review to determine if there are needs or opportunities that shall be addressed as part of continual improvement?
Sign Off
Sign Off
-
Non-Conformance(s) - minor and/or major
-
If Non-Conformance(s) noted - Provide CAPA Number(s)
-
Opportunity for Improvement(s)
-
Observation(s)
-
Date Closing Meeting Conducted
-
I, the undersigned, have completed this audit in an accurate manner. I have attached evidence as required and declare this assessment complete.
-
Type full name in box provided and add signature (required)