aSQ The aUdITInG h a n d b o o k Fourth Edition J.P. Russell, editor The ASQ Auditing Handbook H1435_Russell_pi-378.indd 1 11/2/12 10:19 AM Also available from ASQ Quality Press: Quality Audits for Improved Performance, Third Edition Dennis R. Arter The Internal Auditing Pocket Guide: Preparing, Performing, Reporting and Follow-up, Second Edition J. P. Russell Auditing Beyond Compliance: Using the Portable Universal Quality Lean Audit Model Janet Bautista Smith Process Driven Comprehensive Auditing: A New Way to Conduct ISO 9001:2008 Internal Audits, Second Edition Paul C. Palmes AS9101D Auditing for Process Performance: Combining Conformance and Effectiveness to Meet Customer Satisfaction Chad Kymal Lean Acres: A Tale of Strategic Innovation and Improvement in a Farm-iliar Setting Jim Bowie Lean ISO 9001: Adding Spark to your ISO 9001 QMS and Sustainability to your Lean Efforts Mike Micklewright The Quality Toolbox, Second Edition Nancy R. Tague Mapping Work Processes, Second Edition Bjørn Andersen, Tom Fagerhaug, Bjørnar Henriksen, and Lars E. Onsøyen Root Cause Analysis: Simplified Tools and Techniques, Second Edition Bjørn Andersen and Tom Fagerhaug The Certified Manager of Quality/Organizational Excellence Handbook, Third Edition Russell T. Westcott, editor To request a complimentary catalog of ASQ Quality Press publications, call 800-248-1946, or visit our website at http://www.asq.org/quality-press. H1435_Russell_pi-378.indd 2 11/2/12 10:19 AM The ASQ Auditing Handbook P , i , U rinciPles mPlementation and se Fourth Edition ASQ Audit Division J. P. Russell, Editor ASQ Quality Press Milwaukee, Wisconsin H1435_Russell_pi-378.indd 3 11/2/12 10:19 AM American Society for Quality, Quality Press, Milwaukee 53203 © 2013 by ASQ All rights reserved. Published 2012 Printed in the United States of America 18 17 16 15 14 13 5 4 3 2 1 Library of Congress Cataloging-in-Publication Data The ASQ auditing handbook : principles, implementation, and use / ASQ Quality Audit Division ; J.P. Russell, editor.—4th ed. p. cm. Rev. ed. of: The quality audit handbook. 3rd ed. c2005. Includes bibliographical references and index. ISBN 978-0-87389-847-8 (alk. paper) 1. Auditing—Handbooks, manuals, etc. I. Russell, J. P. (James P.), 1945– II. ASQ Quality Audit Division. III. Quality audit handbook. HF5667.Q35 2013 657′.45—dc23 2012039493 No part of this book may be reproduced in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. Publisher: William A. Tony Acquisitions Editor: Matt Meinholz Project Editor: Paul Daniel O’Mara Production Administrator: Randall Benson ASQ Mission: The American Society for Quality advances individual, organizational, and community excellence worldwide through learning, quality improvement, and knowledge exchange. Attention Bookstores, Wholesalers, Schools, and Corporations: ASQ Quality Press books, video, audio, and software are available at quantity discounts with bulk purchases for business, educational, or instructional use. For information, please contact ASQ Quality Press at 800-248-1946, or write to ASQ Quality Press, P.O. Box 3005, Milwaukee, WI 53201-3005. To place orders or to request a free copy of the ASQ Quality Press Publications Catalog, visit our website at http://www.asq.org/quality-press. Printed on acid-free paper H1435_Russell_pi-378.indd 4 11/2/12 10:19 AM Contents List of Figures and Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x Foreword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii Notes to the Reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xviii Part I Auditing Fundamentals ................................... 1 Chapter 1 Types of Quality Audits/Part IA .............................. 2 1. Method ......................................................... 2 2. Auditor- Auditee Relationship ...................................... 4 3. Purpose ......................................................... 6 4. Common Elements with Other Audits ............................... 8 Chapter 2 Purpose and Scope of Audits/Part IB ......................... 11 Audit Reason ...................................................... 11 1. Elements of Purpose and Scope ..................................... 13 2. Benefits of Audits ................................................. 16 Chapter 3 Criteria to Audit Against/Part IC ............................. 18 Discussion ......................................................... 18 Audit Requirements ................................................ 18 Chapter 4 Roles and Responsibilities of Audit Participants/Part ID ....... 21 Audit Participants .................................................. 21 Roles and Responsibilities ........................................... 22 Chapter 5 Professional Conduct and Consequences for Auditors/Part IE ... 26 1. Professional Conduct and Responsibilities ........................... 26 2. Legal Consequences .............................................. 38 3. Audit Credibility ................................................. 41 Part II Audit Process ............................................. 47 Chapter 6 Audit Preparation and Planning/Part IIA ...................... 49 1. Elements of the Audit Planning Process ............................. 51 2. Auditor Selection ................................................. 59 3. Audit- Related Documentation ...................................... 63 v H1435_Russell_pi-378.indd 5 11/2/12 10:19 AM vi Contents 4. Logistics ........................................................ 67 5. Auditing Tools and Working Papers ................................. 70 6. Auditing Strategies ............................................... 75 7. Communication and Distribution of the Audit Plan ................... 79 Chapter 7 Audit Performance/Part IIB .................................. 82 1. On- Site Audit Management ........................................ 82 2. Opening Meeting ................................................. 85 3. Audit Data Collection and Analysis ................................. 89 4. Establishment of Objective Evidence ................................ 97 5. Organization of Objective Evidence ................................. 98 6. Exit and Closing Meetings ......................................... 101 Chapter 8 Audit Reporting/Part IIC .................................... 107 1. Report Development and Content .................................. 107 2. Effective Reports ................................................. 116 3. Final Audit Report Steps .......................................... 118 Chapter 9 Audit Follow- up and Closure/Part IID ........................ 121 1. Elements of the Corrective Action Process ........................... 121 2. Review of Corrective Action Plan ................................... 123 3. Verification of Corrective Action .................................... 126 4. Follow- up on Ineffective Corrective Action ........................... 128 5. Audit Closure .................................................... 129 Part III Auditor Competencies ................................... 133 Chapter 10 Auditor Characteristics/Part IIIA ............................ 134 Education and Experience ........................................... 134 Interpersonal Skills ................................................. 136 Personal Traits ..................................................... 138 Chapter 11 On-Site Audit Resource Management/Part IIIB ............... 139 Time-Management Skills ............................................ 139 Chapter 12 Conflict Resolution/Part IIIC ............................... 141 Causes of Conflict .................................................. 141 Managing Difficult Situations ........................................ 142 Team Conflict ...................................................... 144 Chapter 13 Communication and Presentation Techniques/Part IIID ....... 145 Basic Rules for Effective Communication .............................. 145 Communication Technology ......................................... 146 Presentation Techniques ............................................. 150 Chapter 14 Interviewing Techniques/Part IIIE ........................... 151 Conversational Process .............................................. 151 Avoid Asking Leading Questions ..................................... 152 Interviewing a Group of People ...................................... 153 Using a Translator .................................................. 153 Corroborating Information ........................................... 153 Potential Problems .................................................. 154 H1435_Russell_pi-378.indd 6 11/2/12 10:19 AM Contents vii Chapter 15 Team Dynamics/Part IIIF ................................... 157 1. Team Building ................................................... 157 2. Team Facilitation ................................................. 159 3. Stages of Team Development ....................................... 160 Part IV A udit Program Management and Business Applications .................................... 163 Chapter 16 Audit Program Management/Part IVA ....................... 164 1. Senior Management Support ....................................... 164 2. Staffing and Resource Management ................................. 165 3. Auditor Training and Development ................................. 166 4. Audit Program Evaluation ......................................... 170 5. Internal Audit Program Management ............................... 174 6. External Audit Program Management (Supplier Audits) ............... 181 7. Best Practices .................................................... 186 8. Organizational Risk Management ................................... 188 9. Management Review Input ........................................ 194 Management Review ................................................ 195 Chapter 17 Business and Financial Impact/Part IVB ..................... 196 1. Auditing as a Management Tool .................................... 196 2. Interrelationships of Business Processes ............................. 199 3. Cost of Quality (COQ) Principles ................................... 200 4. Emerging Roles of the Auditor ..................................... 205 Part V Quality Tools and Techniques ............................ 207 Chapter 18 Basic Quality and Problem- Solving Tools/Part VA ............ 208 Pareto Charts ...................................................... 208 Cause-and-Effect Diagrams .......................................... 209 Flowcharts and Process Mapping ..................................... 210 Statistical Process Control (SPC) Charts ................................ 215 Checklists, Check Sheets, Guidelines, and Log Sheets .................... 220 Scatter Diagrams ................................................... 224 Histograms ........................................................ 225 Root Cause Analysis ................................................ 227 Plan-Do-Check-Act (PDCA/PDSA) Cycle ............................. 230 Chapter 19 Process Improvement Techniques/Part VB ................... 232 1. Six Sigma and the DMAIC Model ................................... 232 2. Lean ............................................................ 234 Chapter 20 Basic Statistics/Part VC .................................... 250 1. Measures of Central Tendency ...................................... 250 2. Measures of Dispersion ........................................... 251 3. Qualitative and Quantitative Analysis ............................... 253 Patterns and Trends ................................................. 255 Chapter 21 Process Variation/Part VD .................................. 260 1. Common and Special Causes (Theory of Variation) .................... 260 H1435_Russell_pi-378.indd 7 11/2/12 10:19 AM viii Contents 2. Process Performance Metrics ....................................... 264 3. Outliers ......................................................... 265 Chapter 22 Sampling Methods/Part VE ................................. 266 Types of Sampling .................................................. 266 Statistical Sampling (Random and Systematic) .......................... 268 Sampling Standards (Acceptance Sampling). . . . . . . . . . . . . . . . . . . . . . . . . . . . 269 Proportional Stratified Sampling ..................................... 272 Risks in Sampling .................................................. 273 Sampling Summary ................................................. 275 Chapter 23 Change Control and Configuration Management/Part VF ...... 278 Document Control .................................................. 278 Configuration Management Control .................................. 279 Conclusion ........................................................ 280 Chapter 24 Verification and Validation/Part VG ......................... 281 Techniques ........................................................ 281 Process Auditing and Techniques ..................................... 282 Chapter 25 Risk Management Tools/Part VH ............................ 283 Quantification of Risk ............................................... 283 Failure Mode and Effects Analysis .................................... 284 Critical to Quality .................................................. 285 HACCP ........................................................... 287 HHA .............................................................. 288 Appendix A ASQ Code of Ethics ...................................... 291 Appendix B Notes on Compliance, Conformance, and Conformity ........ 292 Compliance ........................................................ 292 Conformance ...................................................... 292 Conformity ........................................................ 292 Appendix C Example Guide for Technical Specialists (or Subject Matter Experts) ........................................... 294 Introduction ....................................................... 294 Contact ........................................................... 294 Job Description ..................................................... 294 The Report ........................................................ 295 Appendix D The Institute of Internal Auditors Code of Ethics ............ 296 Introduction ....................................................... 296 Applicability and Enforcement ....................................... 296 Principles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297 Rules of Conduct ................................................... 297 Appendix E History of Quality Assurance and Auditing ................. 299 Quality Assurance and Audit Functions ............................... 299 Theories and Practices in Auditing .................................... 301 Environmental, Safety, and Health Programs and Audit Functions ........ 304 H1435_Russell_pi-378.indd 8 11/2/12 10:19 AM Contents ix Appendix F Certified Quality Auditor Body of Knowledge ............... 306 Six Levels of Cognition based on Bloom’s Taxonomy (Revised) ........... 315 Appendix G Example Audit Program Schedule ......................... 317 Appendix H Example Third- Party Audit Organization Forms ............. 323 Appendix I Example Audit Reports .................................... 333 Appendix J Product Line Audit Flowchart .............................. 343 Appendix K First, Second, and Third Edition Contributors and Reviewers .......................................................... 345 Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351 Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363 H1435_Russell_pi-378.indd 9 11/2/12 10:19 AM