Competency Unit: Exemplar Global TL Leading Management Systems Audit Teams

Transcription

1 Please visit: for your region s Principal Office contact details. info@exemplarglobal.org Competency Unit: Exemplar Global TL Leading Management Systems Audit Teams How to use this document The purpose of this Competency Unit is to give Training Providers detailed information on the performance criteria required of those who are seeking to become certified Exemplar Global Leading Management Systems Audit Teams Auditors. This competency unit applies to the knowledge requirements for several Exemplar Global personnel certification programs. A Training Provider is someone who has received the Exemplar Global Training Provider and Examiner Certification Scheme (TPECS) certification for the development and delivery of the acronym examination. A potential Exemplar Global TL Auditor is someone who conducts Leading Management Systems Audit Teams audits. To become a certified Exemplar Global TL Auditor, an individual must show evidence that they have adequate skills in the five (5) areas of Competencies shown in the tables below. These individuals show competency by meeting the performance criteria shown in the second column. Training Providers are responsible for ensuring that these individuals provide adequate evidence of the performance criteria, according to the Evidence Guide. Training Providers use an accompanying Examination Profile to document how evidence will be collected and are authorized to administer the TPECS Competency Unit examination through their TPECS certification. All TPECS examinations will measure the performance criteria shown in this competency unit as written. Document Ref: TCD41 Exemplar Global TL Comp Unit Edition: 4 Page: 1 of 5 Issued: 3-Feb-14 Printed : 3-Feb-14

2 1.1 The roles and responsibilities of audit team leaders as identified in ISO 19011:2011 are understood and applied when planning a team audit. 1. Establish and plan the activities of an audit team. 1.2 The audit objectives, scope, and criteria are understood and incorporated into the audit planning. 1.3 Appropriate audit methods are selected as outlined in ISO 19011: The requirements for selecting audit teams are understood and applied. 1.5 Auditor responsibilities are determined to achieve audit objectives and selected audit methods. 1.6 An audit plan is prepared that identifies and allocates team members according to audit criteria, objectives, scope, and selected audit methods and determines the need for technical experts. 1.7 The risks to an audit programme, risks associated with the audit process and the achievement of the audit objectives are understood and considered in the development of the audit plan. E1.1 On-site team audit activities are planned and documented. The feasibility of an audit based on available audit team resources and associated risks are accurately determined. Appropriate checklists and other suitable work documents are accurately prepared, including confidentiality and information security agreements. E1.2 Relevant reference standards and other relevant documents are identified without error or omission and made available to appropriate team members as applicable. E1.3 Various audit methods are described and selected for specific audit scenarios. The use of on-site and remote-auditing techniques is explained. E1.4 An audit team is selected based on the auditee s business operations, required competencies, experience, and role in the audit. E1.5 Audit team members are assigned audit tasks that best match their competencies and experience with the auditee s business operations. E1.6 A written audit plan, which identifies the objectives of the audit, audit timings, the roles and responsibilities of all team members, is accurately prepared and meets the requirements of ISO 19011:2011. E1.7 Risks to the organization created by the audit are identified, evaluated, and addressed in the audit plan (e.g., the audit team s presence posing threats to products/services, not achieving objectives, not completing the audit, etc.). See E Annex Document Ref: TCD41 Exemplar Global TL Comp Unit Edition: 4 Page: 2 of 5 Issued: 3-Feb-14 Printed : 3-Feb-14

3 2. Communicate effectively with the auditee and audit client. 2.1 The objectives and purpose of the opening meeting are understood and opening meetings are conducted so that the audit scope, objectives, and criteria are properly communicated. E2.1 A detailed and precise agenda for an opening meeting is developed, that includes all relevant items outlined in ISO 19011:2011, and methods for managing the opening meeting are described Organize and direct audit team members. 2.2 The communication responsibilities of team leader and audit team members during the audit are understood and applied. 2.3 Effective conflict management skills are used during the audit. 2.4 The objectives and purpose of the closing meeting are understood and closing meetings are conducted so that proper information regarding the audit findings and conclusions and the audit s next steps are communicated. 3.1 Audit team members roles and responsibilities are defined and the audit team s tasks and timelines are managed throughout the audit. E2.2 The types of communication (e.g., formal arrangements for communication within the audit team or with the auditee and client, periodic communication of the audit progress with auditee, etc.) required at certain points in an audit (e.g., audit progress, risk of not achieving audit objectives, adjustment of audit plans, etc.) are described. E2.3 Typical areas of conflict among team members or between the audit team and auditee are identified for a given audit situation, and resolutions for those situations are described (e.g., techniques of conflict resolution, timeframes, points of agreement, etc.). E2.4 A detailed and precise agenda for a closing meeting is developed, that includes all relevant items outlined in ISO 19011:2011, and methods for managing the closing meeting are described. E3.1 The roles and responsibilities of the audit team members, including their independence and competence, is documented in the audit plan (see E1.6). Methods in which team activities may be managed during an audit are explained, including methods that may be used to ensure effective and efficient audit outcomes Document Ref: TCD41 Exemplar Global TL Comp Unit Edition: 4 Page: 3 of 5 Issued: 3-Feb-14 Printed : 3-Feb-14

4 3.2 Audit progress is monitored against the audit plan (e.g., schedule, the audit criteria and objectives, etc.). E3.2 An audit plan is analyzed against current audit progress for a given audit scenario. Appropriate actions are described that will ensure continued progress towards meeting the audit plan and 4. Prepare and complete the audit report. 5. Use remote auditing methods. 3.3 Team briefings are scheduled and conducted, and the purpose and content of these briefings are understood. executing the closing meeting on time. E3.3 The written audit plan (see E1.6) includes appropriate team briefings. Information is collected in order to prepare for team member briefings. The briefings include the review and exchange of information, assessment of audit progress, and reassignment of work as needed. 3.4 Lead the team to reach consensus on audit findings. E3.4 Techniques for reaching consensus on audit findings are described. Actions that must be taken when consensus cannot be achieved (e.g., documentation in the audit report, etc.) are explained. 4.1 Distribution of the audit report is agreed with the audit client and documented in the audit procedures or audit plan. 4.2 The audit report summarizes the audit findings objectively, using only verified facts. 4.3 The follow-up activities are agreed upon and documented in the audit report. 5.1 The feasibility of using remote auditing activities is determined. E4.1 The process for audit report distribution is described, including issues related to recipients, security, timeline, how the report will be distributed, etc. E4.2 An audit report is prepared accurately addressing all the findings of a given audit, including the relevant items outlined in ISO 19011:2011. E4.3 Typical audit follow-up activities are described (e.g., corrective action requests, improvement opportunities, verification of actions, etc.) and the process by which these activities are managed is explained (e.g., actions taken by audit team and team leader, information security, etc). E5.1 The feasibility of using remote auditing methods for a given audit is evaluated (e.g., based on the confidence in the management system, type of interactions with the auditee required, evidence to be collected, audit criteria or objectives, etc.) and recommendations are made for specific parts of an audit where remote auditing may be utilized B Document Ref: TCD41 Exemplar Global TL Comp Unit Edition: 4 Page: 4 of 5 Issued: 3-Feb-14 Printed : 3-Feb-14

5 5.2 Remote auditing methods are incorporated within an audit plan and indicated in audit reports, where applicable. E5.2 The written audit plan (see E1.6) appropriately designates where remote auditing may be used in order to enhance the efficiency and effectiveness of the audit. The use of remote auditing methods in an audit is 5.3 Various types of technology and tools are used to collect objective evidence when conducting remote auditing activities. appropriately indicated in the audit report. E5.3 The types of technology available (e.g., conference call, web/internet meetings, etc.) are described and appropriately used. The ways in which auditing tools or work documents are used within a remote auditing situation are described. Document Ref: TCD41 Exemplar Global TL Comp Unit Edition: 4 Page: 5 of 5 Issued: 3-Feb-14 Printed : 3-Feb-14