Effective date: Standard Operating Document No:

Procedure for Management SOP/QMS/002

Review
SOP Author: Rev:V1

Revision History

Date Version Author Change Summary

V1 Initial release

Author Reviewed By Approved By

Name
Signature & Date
Effective date: Standard Operating Document No:
Procedure for Management SOP/QMS/002
Review
SOP Author: Rev:V1

1. TITLE:
Standard operating procedure for conducting Internal audit.

2. PURPOSE:
2.1. To establish a process for conducting internal audits for the Organization to
determine whether company’s QMS is in compliance with customer and
regulatory requirements.
2.2. To find out any scope of improvement.
2.3. To assign roles and responsibilities for the same.

3. SCOPE:
3.1. The procedure covers the procedure for Comapny’ internal audit program.
3.2. Managing the findings of external audit.

4. EXCLUSIONS:
4.1. This procedure doesn’t include procedure for auditing suppliers.

5. REFERRENCES:
Sl Document Title Document No. Document
No. location/path
1 Quality Manual
2 ISO 13485
3 ISO 19011

6. DEFINITIONS:
6.1. Audit: systematic, independent and documented process for obtaining
objective evidence and evaluating it objectively to determine the extent to
which the audit criteria are fulfilled.
6.2. Auditee: organization as a whole or parts of thereof being audited.
6.3. Audit criteria: set of requirements used as a reference against which
objective evidence is compared.
6.4. Audit evidence: records, statements of fact or other information which are
relevant to audit criteria and verifiable.
6.5. Audit findings: results of the evaluation of the collected audit evidence
against audit criteria.
6.6. Audit plan: description of the activities and arrangements for an audit.
6.7. Audit scope: extent and boundaries of an audit.
6.8. Objective evidence: data supporting the existence of something.

6.9. Objective evidence: data supporting the existence or variety of something.

7. ROLES & RESPONSIBILITIES:

Effective date: Standard Operating Document No:
Procedure for Management SOP/QMS/002
Review
SOP Author: Rev:V1

Role Responsibilities

Lead Auditor 1. Finalizes the audit plan and audit

report.
2. Responsible for ensuring the
feasibility of audit with respective Dept.
Head.
3. Conducts opening and Closing
meeting.
4. Follow-up on actions taken on audit
findings.
Dept. heads 1. Ensures that all documents are in place
according to the audit plan.
2. Responsible for taking actions against
audit findings and implementing them.
Department representative 1. Stays and supports the audit team
throughout the audit.
2. Responsible for providing
documents,records asked by the audit
team.
3. Responsible for implementing
corrective action which can be
implemented immediately.
Audit team members 1. Supports the lead auditor in
conducting the audit.
2. Gather objective evidence.
3. Interview auditees
4. Review of documents, records.
5. Grading the non-conformity.

Functional Group Responsibilities

Executive management 1. Reviews the audit plan and report.
2. Ensures the implementation of
corrective actions.

Quality Assurance 1. Monitors the process.

2. Ensures the audit process is conducted
as per the SOP.
3. Ensures the timely completion of the
tasks.

Auditees 1. Co-operates with auditors during the

audit activities.
2. Responsible for implementing the
corrective action on audit findings.
Effective date: Standard Operating Document No:
Procedure for Management SOP/QMS/002
Review
SOP Author: Rev:V1

8. PROCEDURE:
8.1. Internal Audit planning:
8.1.1. The audit program shall be planned at least 2 months prior to the audit
date considering the area to be audited.
8.1.2. The auditor shall initiate the audit by contacting with the Dept.Head of
the respective department to be audited for ensuring the feasibility of the
audit.
8.1.3. The results from previous audit and other records such as CAPA shall
act as inputs to the Audit plan.
8.1.4. Lead auditor shall assign roles and responsibilities to the Audit team.
8.1.5. The plan shall be reviewed by the top management before the Audit. If
required any changes recommended shall be reflected in the Audit plan.
8.2. Conducting the Audit:
8.2.1. Opening meeting:
8.2.1.1. The Lead Auditor shall initiate the opening meeting where the
scope, objectives and sequence of the audit and other confidentiality
policies shall be confirmed. The method of communication with
auditee shall also be confirmed.
8.2.2. Collecting and verifying evidence:
8.2.2.1. One member from auditee team shall present with the auditors
during the audit as a representative of the department.
8.2.2.2. The representative shall provide all required records and
evidences asked by the auditor.
8.2.2.3. The depth up to which information will be shared shall be
decided at the Opening meeting.
8.2.3. Generating evidence:
8.2.3.1. The audit team is responsible for collecting required evidences.
8.2.3.2. Objective evidences collected may include any of the
following:
8.2.3.2.1. Documents (Paper and Electronic)
8.2.3.2.2. Records (Paper and Electronic)
8.2.3.2.3. Interviews of auditees
8.2.3.2.4. Observed activities during the audit
8.2.3.2.5. Videos(Live and recorded)
8.2.3.2.6. Photos
8.2.4. Categorization of the Findings:
8.2.4.1. Findings collected during the audit are mainly categorized in to
following grades;
8.2.4.1.1. Compliant: If the evidences are well established
according to regulatory requirements.
8.2.4.1.2. Major Non-conformance: a non-conformity which has
the capability to impact Organization’s intended results, a
repetitive non-conformity, a nonconforming product released
to market.
Effective date: Standard Operating Document No:
Procedure for Management SOP/QMS/002
Review
SOP Author: Rev:V1

8.2.4.1.3. Minor Non-conformance: an occasional non-

conformity which has minor impact on Organization's
intended result.
8.2.4.1.4. Observation/opportunity for improvement (OFI):
area of concern which may turn in to a non-conformity in
future.
8.2.4.2. Any nonconformities found shall be informed to Dept. Head at
a timely manner. Any disagreements with the Dept.head shall be
recorded.
8.2.4.3. Final decision on the nonconformities shall be taken by the
Lead auditor. It is expected from the Lead auditor to dissolve any
disagreements/confusions with Dept. Head before closing meeting
and before final audit report.

8.2.5. Closing the audit:

8.2.5.1. The closing meeting shall be initiated by the Lead auditor.
8.2.5.2. In closing meeting, the audit findings will be explained to the
auditee team.
8.2.5.3. If any non-conformity is corrected during the audit then the
evidences need to be presented by the Department. If the evidence
is found to be compliant with regulatory requirements then that
particular nonconformity shall be marked “Closed”.
8.2.5.4. Closed nonconformities shall be mentioned in the report with
the tag of “Closed”.
8.2.5.5. Followup plan shall also be discussed during the meeting.

8.2.6. Final audit report preparation and distribution:

8.2.6.1. Final audit report shall be prepared and shared within 30 days
from the Closing meeting date.
8.2.6.2. Final audit report shall contain the detailed explanation of the
non-conformities found with evidences. Required corrections may
also be suggested.
8.2.6.3. After approval of the Final audit report, it shall be shared with
the top management and Dept. Head.

8.2.7. Managing audit findings:

8.2.7.1. The representative assigned from the department and the
Dept.Head is responsible for implementing required
Correction/Corrective action/Preventive action for the findings.
8.2.7.2. The corrective action plan shall be prepared and shared with the
Lead auditor within 15-20 working days from the receiving of Final
audit report. They shall be implemented within 30-45 days from the
action plan submission.

8.3. Competency of audit team members:

Effective date: Standard Operating Document No:
Procedure for Management SOP/QMS/002
Review
SOP Author: Rev:V1

8.3.1. In order to be an audit team member, the person must have basic
knowledge of audit process. He/She shall have knowledge on audit
criteria and audit approach.
8.3.2. The member must have skills like gathering evidences, Interviewing
auditees, note taking and reporting, grading the findings.
8.3.3. If the members are lacking the skills needed for auditing, they shall be
trained first. The training may be web-based, courses from a trainer etc.
8.3.4. Lead auditors first must be trained as a audit team member.
Additionally, Lead auditor must have the formal training certificate on
lead auditing.
8.3.5. The lead auditor must have skills like audit planning, conducting
Opening/Closing meetings, managing team members, finalising audit
report, followup on audit.

8.4. Effectiveness Check:

8.4.1. QA shall ensure that actions are taken and implemented for the audit
findings. QA shall track the timeline for implementing the actions
8.4.2. QA shall maintain the database for internal audits.
8.4.3. Lead auditor shall ensure the competency of audit team members.
Auditor evaluation report shall be prepared after the audit by the Lead
auditor.

8.5. Management responsibility:

8.5.1. Management shall ensure that all audit related documents, auditor
evaluation report are inputs to the management review.
8.5.2. Management shall ensure the effectiveness of the process.

9. Risk management:
Hazards
Wrong gradation of findings.
Delay in implantation of actions.
Audit objectives may no be properly
mentioned.
Risk control measure
1. Final decision on grading shall be
taken by the Lead auditor.
2. Auditor evaluation report shall be
prepared after the audit.
1. Time frame is mentioned for corrective
action plan and implementation.
1. Audit plan shall be shared with top
management for review.