Pass ASQ CQA Exam in First Attempt Guaranteed!
Get 100% Latest Exam Questions, Accurate & Verified Answers to Pass the Actual Exam!
30 Days Free Updates, Instant Download!
CQA Premium Bundle
- Premium File 103 Questions & Answers. Last update: Feb 09, 2023
- Training Course 101 Lectures
Last Week Results!
|Download Free CQA Exam Questions|
Size: 80.68 KB
Size: 80.34 KB
Size: 95.91 KB
ASQ CQA Practice Test Questions and Answers, ASQ CQA Exam Dumps - PrepAway
All ASQ CQA certification exam dumps, study guide, training courses are Prepared by industry experts. PrepAway's ETE files povide the CQA Certified Quality Auditor practice test questions and answers & exam dumps, study guide and training courses help you study and pass hassle-free!
2. Audit Process
6. 2A5 Auditing tools and working papers
Document situations observed, issues identified, information collected, facts supporting the opinion, and analysis made during the audit. So, when you conduct an audit, you see the number of things you observe, the number of documents you collect, the number of people you interview, the number of facts you collect, and whatever papers or documents you use to record all of that information is your working paper. Working papers are basically the backup to support the findings that you have made in the audit. So these are the backup papers. These working papers do not form part of the report, but they are backup information related to the audit done. Since this topic is auditing tools and working papers, let's understand what the most important auditing tools are.
One of the most important auditing tools is sampling. Sampling is something based on which you do the audit and draw conclusions. So when you look at the number of pieces, let's say millions of pieces, millions of records, and millions of documents, you take a sample out of that. Your sample should be a random sample so that it is a true representation of the whole population. So you must ensure that whatever sample you draw is random so that you can make a judgement about the entire population based on those samples.
This topic will not include much discussion of sampling. In Section 5 of the Body of Knowledge of CQA, there is a topic on the sampling plan. We will be talking about sampling in more detail in Section 5E. So let's come back to working papers. When we say "working papers," these could be checklists. These could be log sheets where you log all the information you have observed during the audit. This could also be forms that you used during the audit.
Some of the examples of forms will be the forms to record the meeting or the attendance for the opening or closing meeting. So, out of these three things listed in working papers, the most important thing is checklists. So let's keep our focus on checklists. So when we talk about checklists, a checklist could be a scoring checklist or it could be a non-scoring checklist. Before we talk about scoring or nonscoring checklists, let's understand the checklist as a tool for auditing. Let's understand that the checklist serves as a memory aid. This is not a hard and fast rule that you must follow. This is something that is there to remind you or to help you as an auditor. As a result, a checklist should always be regarded as something that aids the auditing process. Not that auditing should be driven by the checklist. So before starting the audit, based on the objective and scope of the audit, the lead auditor prepares the checklist.
And this checklist basically ensures that the whole scope is covered. Since this audit needs to be done within a defined time frame, the checklist also helps with time management. Another important benefit of a checklist is that it ensures that the audit is done consistently. Because a number of auditors or different auditors do this audit, that audit should be consistent because now they have a certain path to follow. When you use a checklist, you use it for recording things as well. As a result, a checklist also serves as a working paper on which you keep track of which documents or items you have seen.
So all those things you keep recording on the checklist So this checklist also acts as objective evidence of the audit and helps in keeping notes related to the audit process. If the audit is related to a standard work process, then you can keep on revising or updating your audit checklist based on whatever you have observed in the previous audits. As a result, the checklist may also aid in the future improvement of the audit process. So these are some of the benefits of using an audit checklist. Now, let's look at a few things related to the development of audit checklists. So, as I previously explained, the audit team leader is responsible for establishing the checklist and assigning responsibility to team members.
So, if there are a number of team members, then specific topics or specific chapters in the checklist could be assigned to two different team members. so that these team members could look into different departments, different processes, etc. When it comes to the checklist, there is a common question about whether or not it should be given to Audit prior to performing this audit. It is not uncommon to send the audit checklist to the auditor beforehand. Sending the checklist before the audit helps in a number of ways, and one important benefit is that the auditor can prepare for the audit. So looking at the checklist, the auditor can decide what all people need to have available. So the audit can make sure that those people are available during the time of the audit and that all supporting documents are needed.
So Auditory could ensure that those documents are available, as well as the people who have them or are knowledgeable about them, during the audit. So, in some ways, sending an audit checklist to audit ahead of time is beneficial. In addition, we previously discussed how a checklist can help with memory. This is not something that must be followed step by step. As an auditor, you don't have to go through the checklist point by point. And this checklist, or whatever you are using for the audit, could be modified as the audit progresses. So, depending on the availability of time and the findings that you have observed during the audit, you can expand or contract the audit checklist. Now, let's look at the audit checklist's contents. So, the audit checklist will have a number of questions related to the audit.
Yes, no, or an explanation could be given in response to those questions. So an example of a question with a yes or no answer would be whether the list of calibrated instruments is being maintained by auditing or not. The answer to that will be yes or no. Another point that requires clarification is how change management is implemented on the project. So this could be a question that requires more explanation than a simple yes or no answer. So the checklist will have questions related to both of these types—yes, no, or questions that need explanation.
Now, coming back to the topic about which we talked earlier as well, scoring versus non-scoring checklists, As a result, the questions on the scoring checklist could be graded as fair, good, or excellent, or on a scale of one to five. This is something where the answer to any question will be in terms of a score, and at the end of that audit, the whole audit will give an overall score for the audit. So, out of 100, let's say Auditory has a score of 67 or something.
So this is a scoring checklist. A non-scoring checklist is something where you don't put these scores; you put answers in terms of yes or no, or you put answers in terms of explanation. As a result, findings in terms of observations or nonconformities are produced. In my professional life, I have seen most of the audit checklist in the form of a non-scoring checklist. I have not seen many scoring checklists being used, but I have seen the scoring checklist being used by safety professionals. So if there is a safety audit there, I have seen the checklist, which has scores against each point. But in the quality field, I have hardly seen any checklists, which are scoring checklists where the score is given at the end of the audit. Another thing in terms of a checklist is a checklist related to quality awards. The Malcolm Bail Bridge National Quality Award is one example of this. They use a scoring checklist. So there is a complex mechanism for scoring. All the requirements related to quality awards are evaluated based on a score.
So I'm not going into detail about that. But yes, in the case of quality awards, there are checklists that are scored, and there are benefits and disadvantages related to each of these. The benefits of a scoring checklist could be that you could use a score as a reference to determine whether there has been an improvement in the company or the auditing process or not.
So if you keep track of the score, that basically tells you whether there is an improvement or not, but many times that score really might not be very relevant, and it might not be easy to score everything. If you want to improve your organization, then rather than working on scores, what you will be working on is What are the opportunities where you want to improve, and what are the problems that you want to resolve? So there, you might want to use a non-scoring checklist. So let's not go into that discussion of scoring versus non-scoring, but in the quality field, as I earlier said, most of the checklists that I have seen in real-life examples are non-scoring checklists.
After talking about the difference between scoring and non-scoring checklists, let's look at another classification of checklists, which is generic versus specific use checklists. So a checklist could be generic. Let's say you are doing an ISO 9001 audit for a number of your suppliers. In that case, you'll have a generic checklist that basically lists all of the ISO 9001 requirements, and you can use the same checklist with any number of suppliers. So this is an example of a generic checklist.
A specific-use checklist will be the one that has been prepared specifically for a particular audit. This could be the case if you are conducting an audit in relation to a contractual requirement, such as a purchase order. So in this case, the checkpoints will be very specific to the audit being done. So each time you do an audit, you make a separate checklist. So this is the difference between the generic and specific use checklists. So with this, we complete the topic of auditing tools and working papers. Now, let's.
7. 2A6 Auditing strategies
Strategies. We will be talking about five strategies related to audit, and these are forward tracing, backward tracing, discovery, horizontal, and vertical audit. Let's talk about forward and backward tracing first. Before talking about forward and backward tracing, let's take an example where a part has to go through four processes. So let's say here we have input, and then this input goes to process number one, which goes to process number two. And then it goes to process number three, and then it goes to process number four. So there are four processes. And then, after this, this goes to the customer. Now, what we do in forward tracing is follow this process. We conduct audits as the process or item flows. So the examination of the audit begins at the beginning of the process and ends at the end of the process. So let's say this is a manufacturing process that is going through these four steps.
So the auditor will follow a specific item through step one, then follow that item to step two and check whether all of the processes and requirements associated with that item are met or not. So the auditor follows from point number one to point number four. This is forward tracing. The advantage of the forward tracing is that it gives the auditor a good picture from the beginning to the end of the process. When you are a new auditor or you are doing an audit of a new process, it's always good to use the forward tracing because in the forward tracing, let's say you have a flow chart or a flow diagram that this particular component uses. And then you follow that flow diagram. And as the item or the product moves, you will understand what is happening.
And as an auditor, this will give you a good idea about the whole process. So this was a forward trace. As opposed to forward tracing, what we do in backward tracing is begin at the end and work backwards. So let's take the same example of input here. Then process one, process two, process three, and process four. And then this goes to the customer. So as an auditor, you don't begin at process number one. You begin your audit here, at process number four, or at the end of process number four. So you begin with the end. In a real-life example, what you do is you don't go through the receipt of material, and then, in step 1234, what you do is you go to the final warehouse where all the finished products are kept. And then you trace all the requirements back and see whether all those requirements related to that product were met or not. So you start with the warehouse. You start with the dispatch section. So you first go to the dispatch section, and from the dispatch section, you pick a piece of merchandise.
You check the item's traceability and notice that this piece number is this. Then you go back to item four and see whatever records and whatever requirements were related to that item, whether those were met or not. So in this audit strategy, what you do is begin with the end objective in mind and see whether all those things are being met or not. Forward tracing is good when you are auditing a new process because, as you move along the process, you learn about the process as well. But when you are doing backward tracing, it is always good to do this. When you have a good knowledge of all the processes, because you are picking a product at the end, then you should have a good idea of what should have happened before this. So this is backward tracing. So after talking about forward and backward tracing, the third audit strategy is the discovery method, or the random audit.
So here, you neither begin at the beginning nor at the end of the process. You randomly begin somewhere in the middle. What you don't want to do here is go through all of the processes and steps. What you do is do a random audit, pick some piece in the middle of the process, and see whether the requirements at that particular point are being met or not. The advantage of this is when you have time limitations because you really cannot follow all four steps or all 20 steps a product is required to meet. If you don't want to do that, you can do this audit in the middle. To do this audit, you might need to have a flowchart, which will give you a good idea of what has happened before that point, the point at which you are doing the audit, or what is supposed to happen after that point. This is a flexible audit and saves time.
However, you will need to be much more skilled and knowledgeable about the process that you are auditing for this. So, when conducting a discovery audit or a random audit, make sure to keep proper notes on what specific piece, what specific item, what specific thing you have seen, what is the revision, what is the status, and all of that. You need to keep a proper record of that. So that when you need to explain the problems or issues that you have identified to the audit, you have the complete reference to that specific item. And once again, you go for this strategy or approach when you are very knowledgeable about the process that you are auditing. So now we have talked about three strategies. The forward tracing, backward tracing, and discovery methods Another two strategies are horizontal versus vertical audits. So here you need to decide whether you are doing a horizontal audit or a vertical audit.
Let's understand this with the help of this table here. So here I have ISO 9001 2015 requirements and ISO 9001 2015 top-level requirements. And here I have the number of departments that the organisation has. Assume I'm auditing the organization, which has a sales department, a design department, a production dispatch department, and an art department. Now, how do I audit this organization? One way to audit this organisation could be to look at one particular component in the ISO standard. Let's say improvement. I'm only interested in improvement, and I look at the improvement process in sales, in design, in production, in dispatch, and after sales. This is a horizontal audit.
A horizontal audit is an audit of a specific component of the system. As opposed to the horizontal audit, the vertical audit is where you are auditing a particular function or department. Let's say an example of a vertical audit is auditing the production department. And here in the production department, we are looking at all the requirements related to the ISO 9000 standard. So in the production department, we look at the context of the organization, at the leadership, at the planning, and so on. This will be a vertical audit. So let's look at some more details related to a horizontal or vertical audit. So, here is the horizontal audit. Horizontal audit is also called the "element audit method," because here we are auditing a specific element. In the earlier example, we were performing a horizontal audit of the improvement process across all functions.
In this case, we want to check if that particular element is being effectively implemented in all departments or not. So this will be a horizontal audit, since we are doing an audit of a specific component, a specific element of the system. So it is much easier for the auditor to do this audit. So the auditor knows that among all the checkpoints this person has to make, this person goes to different departments and checks those particular elements. So this is much easier for the auditor. But the problem here is that what we're looking at is a specific element. What we are not looking at is the interaction between different elements. Vertical auditing has this disadvantage. Vertical auditing is also called department auditing. In the example that we were showing, we were doing the audit of the production department for all the elements of ISO 9001 standards. So this is also called the department method, and we do the audit of several elements in that particular single department.
This basically saves time because you don't need to move around to different departments and do the audit. So in one department, you do the audit of all the elements related to the quality system. Since in this case we are doing an audit of all the elements in a particular department, the auditor should have a good knowledge of all the requirements related to that particular department. So these were horizontal and vertical audits. in real life. Generally, you do not have a very specific horizontal or vertical audit. Generally, you have a mixture of those. So you don't go to a supplier and audit one of their departments, or just one of the system's elements. This is something you might do in your internal audit because an internal audit of the organisation is something you might want to do once for your production department. The next month, you want to do an audit of your design department. In that case, you are conducting a vertical audit.
8. 2A7 Auditing plan
Let's talk about the proportion of the plan and what all is included in an audit plan. So, here is the list of items that are generally covered in an audit plan. And these are the audit objectives: why this audit is being done, the audit scope, what is the scope, what is included in the audit, what is not included in the audit, and what are the functions or processes to be audited? Then we must specify the auditing criteria, such as whether the audit is for ISO 9001 requirements, a contract requirement, or any other criteria. And this plan should also talk about the location, date, expected time, and duration of the audit.
And it includes the audit team members as well. So these are the typical elements of an audit plan. And here we are talking about the audit plan for a specific audit. I'm not talking about the whole audit programme for the organization. That is something we will discuss later. Here we are just focusing on a single audit. So these are the elements that an audit plan needs to have. And this plan needs to be communicated. And when it comes to communication, we need to provide formal notification when it comes to a second-party or third-party audit, because these are external parties. But if this is an internal or first-party audit, in that case, you might not need to provide a formal notification. An email should work for that. So this was about the notification of the audit. When it comes to a second or third-party audit, they should be notified as soon as possible.
This is applicable for first-party audits as well, but it is more important in the case of second-party and third-party audits that the notification is given to the audit well in advance of the deadline so that they can make all necessary arrangements. What is required for a successful audit? The audit plan needs to be communicated to the client, who has requested this audit. This plan also needs to be communicated to the audit and other stakeholders, as applicable. So this was about the audit plan. So far, we've discussed elements of audit planning, process, auditor selection, documentation, logistics, tools, strategies, and a plan in the context of audit preparation and planning. So after talking about audit progression and planning, the next thing will be performing the audit. That is what we will discuss in Section 2B, audit performance.
9. 2B1 On-site audit management for the auditor
Section two of the CQA Body of Knowledge was "Audit Process," which covered topics such as audit proposal and planning, which we have completed, and audit performance, which we are starting now. And then audit reporting, audit follow-up, and audit closure. So here we are at Section Two B, which is Audit Performance. Here we are talking about the actual audit process, when the audit is happening, and what all happens during the audit. in audit performance. These are the topics that we will be discussing here. On-site audit management for auditors and auditories So these are general topics.
And then we will begin with the opening meeting, which is where the audit actually begins: with an opening meeting, followed by data collection, analysis, and discussion of the establishment of objective evidence, organisation of this objective evidence, and exit and closing meetings. So these are the topics that we will be discussing in the audit of our performance. This particular video is about onsite audit management for the auditor. An audit could be done by a single auditor or a team of auditors. When this audit is done by a single auditor, then things are simpler. But when you have a team of auditors doing the audit, then the lead auditor or audit team leader has certain roles. We will be talking about those roles here.
The role of the team leader is to manage the audit, which includes the team, time management, and communication. Let's talk about teams and time management first. In team and time management, the audit team leader or the lead auditor assigns a role to each of the team members, defining what each member is supposed to do as a part of the audit process. So let's say one particular process, one particular function, is done by an auditor. One, the second function or the second department, is taken care of by auditor number two, and so on.
So the role of the team leader is to assign roles to each of the auditors in the team. And then, when this role is assigned, the team leader, the audit team leader, needs to be impartial and objective in allocating the work to the auditor, which will be based on whatever strengths and expertise each of these auditors has. Some auditors might be experts in production, so that particular auditor will be assigned to audit the production department. Another auditor with experience in design work will be asked to audit the design work. For example, some audits might be for a single day, and some audits might be for multiple days. But whatever time frame this audit has, the audit team needs to meet periodically.
They need to meet to assure that the audit is progressing as per the plan. And if there is any need, the roles might need to be reassigned. So let's say the auditor who was doing the audit of the production department finds a much bigger or more significant problem or issue, then the lead auditor might assign some other auditor to assist this auditor in going through all the documents that this auditor needs to go through. So as the audit goes, the team meets together and sees if there is any need to reassign or relocate the work. And time needs to be managed because auditing has to be done within a certain period of time.
This is not an ongoing thing. You need to do this audit in the planned time period, which would be one day, two days, or three days, whatever this is. So to meet that time frame, the work might need to be reallocated. And if the audit is for multiple days, then this team needs to meet together to plan the work for the next day. And in this meeting, which is a daily meeting between auditors, they might discuss what they found in their own area and what discoveries they made, so that the other auditors could also look into those areas. So let's say there are three production areas and three auditors are doing audits of these three production areas, and one of the auditors finds issues related to the calibration of equipment.
So once this information is shared with the other two auditors, the other two auditors could also look into their own area of auditing to see whether the calibration issue is being maintained or managed in those areas or not. So this was about the team and time management. On to the next thing, which is communication. There needs to be regular communication among the team members, as we discussed earlier. This could be done on a daily basis or during lunchtime, whatever the case may be. But then, in addition to that, the auditor should also have a daily meeting with the audit as well. Because whatever has been found in the audit process needs to be communicated. The status of the audit needs to be communicated to the audit as well.
10. 2B2 On-site audit management for the auditee
In an audit process. There are two important parties. The role of guides and observers is one that we must comprehend. Guides are provided by audit to guide the audit team, and we will talk about their role in more detail on the next slide. Observers could be either the audit representative or the client representative. The client who has requested this audit The observer's role is to observe the audit without interfering with it. In general, the role of the guide is to guide the audit team. So, as I said earlier, the roles of guide and observer are to guide and observe, respectively.
They are not expected to interfere in the audit in any way, for any reason. If the guides and observers do not stick to this rule of not interfering in the audit, then the auditteam leader has the right to deny access to the audit and may ask them to leave the audit. Now, coming back to the role of guides in the audit: As we said earlier, the guide is a representative of the audit of the organisation that is being audited. So the guide can help the audit team identify people. So let's say if the audit team wants to audit the production head, the guide will take them to the production head. If the audit team wants to audit the design, then Guide will help them and take them to the design head. So this is one of the important roles of the guide.
And then the guide will arrange access to specific locations. So let's say if some locations are restricted, you need an access pass for that. It is the responsibility of Guide to make that access pass available for the audit team. When you do an audit of a production company or company where there are hazards and safety issues, it is the role of the guide to make this team aware of those routes and requirements related to health and safety. Some auditing locations may have security concerns, while others may have confidentiality concerns.
The guide will inform the audit team about those restrictions and help them get the audit done in a successful way. So in a certain area, you need helmets, glasses, and safety shoes. guide will help them. Some locations prohibit photography due to privacy concerns. The guide will explain that requirement to the audit team. The guide also acts as a witness to the audit. Since the guide is the representative of the audit, he also witnesses that the audit is done as expected. The guide is generally not expected to interfere in the audit or provide any information unless specifically asked. So, if some clarification is required during an audit, the auditor may request that the guide provide that clarification or assist in the collection of some samples. Collecting some information is where Guideit can help with the audit.
ASQ CQA practice test questions and answers, training course, study guide are uploaded in ETE Files format by real users. Study and Pass CQA Certified Quality Auditor certification exam dumps & practice test questions and answers are to help students.
IT Certification Tutorials
- Top 12 Cloud Certifications in 2018
- Top 7 Cybersecurity Certifications to Consider in 2019
- Great Business Analysis Techniques to Make Your Project Unique
- How to Survive or Adapt to The Fast-Changing Digital World? Can Dell EMC Provide an Answer to This Question?
- GAQM CSM-001 Certified Scrum Master - Chapter 04 - Meetings in Scrum Part 2
- Python Institute PCAP - Modules; Packages and Object Oriented Programming in Python Part 2
- PMI PMP Project Management Professional - Introducing Project Risk Management Part 2
- CompTIA CASP+ CAS-004 - Chapter 01 - Understanding Risk Management Part 2
- DA-100 Microsoft Power BI - Part 2 Level 3 - Transform Menu Part 2
- CompTIA CASP+ CAS-004 - Chapter 04 - Implementing Security for Systems; Applications; and Storage Part 2
- IIBA CBAP - Part 4 Introduction
- MB-210 Microsoft Dynamics 365 - Create and Manage Product and Product Catalog
- Salesforce Certified Platform App Builder - 5 - Business Logic and Process Automation Part 2
- Amazon AWS Certified Data Analytics Specialty - Domain 3: Processing Part 7
- Google Professional Cloud Network Engineer - Designing; Planning; and Prototyping a GCP Network Part 2
- SPLK-1003 Splunk Enterprise Certified Admin - Splunk Post Installation Activities : Knowledge Objects Part 6