Title Page

  • Audit date :

  • Audit reference :

  • Auditor :

  • Auditee :

Mandatory Audit Questions

  • Are procedures being audited meeting the requirements of the where applicable e.g., ISO 9001:2015 and customer-specific codes of practise?

  • Are documents accessible and readily available on the master register?

  • Are documents in use the correct revisions?

  • Have the relevant staff been trained on these documents?

  • Are training records up-to-date with the current documents?

  • Any NC Raised in Previous Audit closed?

Audit Specific Questions

  • Is the organization's strategic direction defined to achieve its goals?

  • Evidence

  • Is the company aware of the key internal and external issues that influence the business

  • Evidence

  • Are processes in place to capture, monitor and review these issues

  • Evidence

  • Has the organisation identified the needs and expectations of internal & external parties

  • Evidence

  • Has the organisation undertaken a SWOT analysis to review and evaluate current business strategies

  • Evidence

  • Are weaknesses and threats identified in the SWOT analysis used as inputs to the identify risk and opportunity

  • Evidence

  • Is there a register of identified internal & external risks and their treatment

  • Evidence

  • Are policy statement(s) regarding the organization's purpose and strategic direction in place e.g., Mission Statements, vision and core values

  • Evidence

  • Is there evidence that all pertinent internal and external issues at reviewed periodically

  • Evidence

  • Are records of meetings available where context is routinely discussed and monitored

  • Evidence

  • Are structured risk assessments of external and internal issues available

  • Evidence

  • Is feedback obtained from employees through opinion surveys

  • Evidence

  • Is documented information describing organizational context, included as part of a quality manual

  • Evidence

  • Do documented interested parties include as a minimum customer, partners, end users, external providers, owners, shareholders, employees, government agencies, regulatory authorities, local community [if applicable]

  • Evidence

  • Has the organisation considered which stakeholder requirements generate compliance or legal obligations and those that are relevant to the management system, & is this documented

  • Evidence

  • Are relevant are requirements of interested parties used as inputs into the management system planning process, as potential risks and opportunities

  • Evidence

  • Is there evidence that interested parties’ requirements are reviewed and updated when changes in their requirements occur, or when changes within the organization’s management system are planned.

  • Evidence

  • Has the organisation document the scope of the management system management this must be retained as documented information

  • Evidence

  • Does the scope describe the range of products services; different sites and activities, facilities, remote locations; external provision of processes, products and services, common support provided by centralised functions that are covered under, and supported by the management system.

  • Evidence

  • Where exclusion to non-applicable requirements of the ISO9001standard apply are these documented and justified

  • Evidence

  • Is there a process model that explains the key processes of the business and how each relates and links to the others such as design and development, manufacturing, customer service and purchasing.

  • Evidence

  • Are process inputs and outputs defined and interactions documented.

  • Evidence

  • Has the organisation determined which processes are responsible for meeting which requirements

  • Evidence

  • Has the organisation document the supporting management system processes and their sequence and interactions such as human resources, finance, document control, training and facilities maintenance, etc. Note: depth of process explanation may be as detailed as the company chooses

  • Evidence

  • Where used are outsourced processes controlled and are controls defined and described

  • Evidence

  • Does the organisation monitor the outsourced process for effectiveness and improvement

  • Evidence

  • If an outsourced process is controlled through purchasing, is there documented objective evidence to ensure that these processes are being controlled beyond the basic purchasing requirements

  • Evidence

Opportunity For Improvement

  • Number of OFI raised :

  • Details

  • Have the OFI details been added to HubSpot

Non-conformance

  • Number of Non-conformances raised :

  • Details

  • Have the Non-conformance details been added to HubSpot

The templates available in our Public Library have been created by our customers and employees to help get you started using SafetyCulture's solutions. The templates are intended to be used as hypothetical examples only and should not be used as a substitute for professional advice. You should seek your own professional advice to determine if the use of a template is permissible in your workplace or jurisdiction. You should independently determine whether the template is suitable for your circumstances.