260 likes | 275 Vues
Auditor Onboarding. 01-Jul-2019. PRI Registrar. Performance Review Institute (PRI) is an affiliate of SAE International. PRI Registrar was originally created to support the Nadcap program, but has since become a fully independent division within PRI. PRI Registrar is accredited by ANAB for:
E N D
Auditor Onboarding 01-Jul-2019
PRI Registrar • Performance Review Institute (PRI) is an affiliate of SAE International. • PRI Registrar was originally created to support the Nadcap program, but has since become a fully independent division within PRI. • PRI Registrar is accredited by ANAB for: • ISO 9001 • ISO 14001 • The full suite of Aerospace (AS9100, 9110, and 9120) • We also perform unaccredited ISO 45001 audits.
Organization Sales Brett • Staff contact information can be found in the PRI Registrar Staff Directory at this link.
Assignment Scheduling • Assignment and scheduling are managed through the RMS online system. • New contracts (initial audits) are typically arranged by the Sales rep. • Surveillance and recertification audits are coordinated by the Scheduling Coordinator (Danyel Coyne).
Assignment Scheduling • Surveillance dates are usually based on the tentative date the auditor establishes with the client while on-site at the previous audit. • When selecting dates, the auditor should be mindful of the following: • The first surveillance following a Stage 2 should be scheduled no more than 12 months from the last day of the Stage 2 audit. • No calendar year can pass without an audit for the client, or their certificate must be suspended. • PRI Registrar has a policy of “target dates” to keep client audit cycles on-track. • Attempt to keep surveillance audits within 60 days (+/-) of the target date.
Assignment Scheduling • For the details of scheduling in the RMS online system, see the RMS Auditor Guide at the this link. • The Auditor Guide will also include information on the use and importance of the scheduling calendar in the RMS system.
Audit Instructions • PRI Registrar’s instructions for conducting an audit are documented in the Auditor Work Instructions. • The most up-to-date version of this procedure is available at this link. • The work instructions should be read in depth prior to the start of an auditor’s first audit with PRI Registrar.
Audit Documentation • All PRI Registrar audit documentation is made available to the auditor through the RMS online system for each assigned audit. • Documentation is divided between some direct input into RMS, and some minimal forms that are downloaded and re-uploaded when complete. • When a form must be downloaded, RMS pre-fills header information into the form. • If needed, blank templates of all documents are available at the following links: • AQMS • ISO 9001 • ISO 14001 • Guidance on which forms are required for particular types of audits is documented in the appropriate RF-115 Audit Document Listing (available at the above links for each standard type). • PRI Registrar highly recommends the use of the RF-115 Audit Document Listing as a reference during completion of audit documentation. • Direction on completing specific forms is available in the Audit Documentation Expectations form (available at this link).
Multisites • When conducting a multisite audit (or several sites for Aerospace), PRI Registrar typically treats each site visit as a separate “audit”. • Each visit will have its own audit number, audit documentation, and audit team. • If different auditors are assigned to different sites, then a “Master Lead” auditor will be assigned to coordinate the multiple teams and paperwork. The Master Lead will also be responsible for writing a “synthesis report”, summarizing the effectiveness of the client’s management system as a whole. • For Aerospace, the Master Lead will be assigned as the lead auditor in OASIS, and will be responsible for approving NCR closures. • For Aerospace audits, OASIS treats multisite audits in a different way than the RMS system. • For details on navigating and reconciling multisite audits between the two systems, see the OASIS NextGen (G2) and AQMS:2016 for Auditors presentation at this link.
NCR Closure • NCR Timelines • Interactive spreadsheet available at this link.
NCR Closure • NCR Timelines
NCR Closure • NCR Dispositions • When closing an NCR, the verification statement must be specific. Generic statements (e.g., “Objective evidence reviewed and NCR closed.”) are not acceptable. • On-site verification is not necessarily required for major NCRs; the auditor shall indicate whether a site visit is necessary for closure.
Expert Review • “Expert Review” is the term PRI Registrar uses to refer to the review for registration decision. • Reviews are conducted by contract auditors trained to PRI Registrar’s Registration Decision process. • If you are interested in becoming an Expert Reviewer, please let us know. • Reviews are based on the criteria listed in the REG-FRM 76 / 76 AS Registration Decision Reports (available for general reference at this link). • For more details on the registration decision process, see the Registration Decision Training (available at this link).
RMS / OASIS • ISO 9001 / ISO 14001 / ISO 45001 • ISO audits are conducted within PRI Registrar’s internal Registrar Management System (RMS). • Scheduling, audit documentation, NCR management, and expense reporting are all conducted in RMS. • More detail on the uses and functions of RMS are available in the RMS Auditor Guide at the this link.
RMS / OASIS • AS9100 / 9110 / 9120 • Aerospace audits are managed through a combination of RMS and OASIS. • Scheduling and expense reports (as well as collecting PRI Registrar-specific audit documentation) are done through RMS. • Audit documentation and NCR management are conducted in OASIS, as per industry requirements. • For more detail on using OASIS within PRI Registrar’s process, see the OASIS NextGen (G2) and AQMS:2016 for Auditors presentation at this link.
Auditor Training • Periodically, PRI Registrar will provide training to auditors (either on-site or off-site) on a variety of topics, including the PRI Registrar process, industry requirements, as well as other topics considered to be of interest. • PRI Registrar will provide recorded trainings on a roughly quarterly basis. These trainings can be downloaded and reviewed at the auditor’s convenience. • Auditor Advisories are sent to auditors via email based on the need to provide urgent training on a single topic. • When an off-site training is accompanied by a request for an acknowledgement, the auditor is expected to complete the training and submit the acknowledgement in a timely manner.
Auditor Resources • Auditor resources are available on PRI Registrar’s website. These resources can be accesses via the RMS help tab (Help -> Auditor Help), or directly at this link. • Resources include: • Previous Auditor Advisories • The auditor expense report spreadsheet • Auditor reference materials (including tools, policies and instructions) • Auditor training materials (presentations from both on-site and off-site trainings) • Audit document templates • OASIS training materials • RMS training materials
Auditor Scorecard • PRI Registrar has established a process for evaluating auditor performance based on a variety of metrics, including: • staff feedback • customer feedback • percentage of trainings completed • witness audit outcomes • These metrics are used to determine auditor risk levels, and periods for auditor witnesses by PRI Registrar. • Scorecards are distributed to auditors on a semi-annual basis. • For details on the criteria used, see the Auditor Report Card at this link.
Auditor Competency • PRI Registrar does not self-authenticate auditors. In order to maintain confidence in an auditor’s ongoing basic competency, we require that auditors have an active certificate from a recognized Auditor Authentication Body in the standard to which they wish to audit. • In addition to basic auditing, there are scheme-specific competencies that must be met in order to perform a particular audit.
Auditor Competency • QMS / AQMS • Auditors must be competent to the IAF code associated with a client in order to audit by themselves. • Two criteria are required to establish competency: • General background / knowledge • Work experience, audit logs, interview, etc. • A demonstration of competence • Testing, academic degree, witness audit, etc.
Auditor Competency • EMS • Auditors must be competent to the IAF code, as well as the aspect(s) / impacts of the client in order to audit by themselves. • Three criteria are required to establish competency: • At least one year’s work experience within an EMS • Complete PRI Registrar testing on EMS fundamental concepts and aspects • Complete PRI Registrar testing on individual IAF codes • The auditor may substitute acceptable testing from other registrars in place of the second two criteria above. • Substitutions are subject to approval by PRI Registrar.
Ethics Policy • PRI Registrar has an auditor ethics policy, which must be reviewed and affirmed annually. • The policy is available at this link.
ITAR Policy • PRI Registrar has an ITAR/Export Control policy, which must be reviewed and affirmed annually. • The policy is available at this link.
Travel Policy • PRI Registrar reimburses auditor travel fees (though not auditor travel time). • Reimbursement and expense reporting policies are available in the PRI Registrar Auditor Travel Guidelines and the Travel & Expenses Presentationat at this link. • Highlights include: • Expenses are due within 7 days of the end of the audit • Receipts must be submitted for most expenses • Receipts for food must be itemized • Auditors may choose to use PRI’s online travel service, in which case, airfare is paid directly by PRI • If interested, contact the PRI Registrar office for details.
Questions • If you have any questions, please do not hesitate to contact: Pete Kucan or Samantha Brock