Unit- 4

Quality Management Systems

 Quality Management Systems
• A quality management system (QMS) is a set of
policies, processes and procedures required for
planning&execution(production/development/
service) in the core business area of an
organization.
 ISO 27001-2005
ISO 20000-1:2011
Information
Service Management Security
Management
System

Management
Systems

ISO 9001:
2008 ISO 31000 Risk
Quality Management
Management
System
ISO 22301
Business Continuity
Management
 International Standardization Organization
• It is a worldwide federation of national
standard bodies from some 100 countries, one
from each country.
• ISO is a non-government organization
established in 1947. The mission of ISO is to
promote the development of standardization
and related activities in the world with a view
to facilitating the international exchange of
goods and services.
 Understanding the Standards – Scope
• Determine your Scope of Registration
• How many people within your organization
support this Management System?
• How many processes are included?
• How many locations?
Requirements for Certification
 Stages for Registration
Submit application to registrar
• Stage 1: Assessment of readiness
• Stage 2: Assessment for registration audit
• Registration/certification awarded for 3 years
• Surveillance audits (at least annually)
• Recertification audit at the end of 3rd year
Benefits of ISO
Benefits of ISO 9000 Standards :
• Achievement of international standard of
quality.
• Value for money.
• Customer satisfaction.
• Higher productivity.
• Increased profitability
• Improved corporate image
• Access to global market
• Growth of the organization
• Higher morale of employees
What is a Quality System?
• A “Quality System” is your organization’s
blueprint: it identifies your business model and
processes, provides details about how your
people will work together to get things done,
and establishes specifications for performance
— so you can tell if you’re on track… or not.
 Components of a Quality System
1. Identify and map processes (administrative,
organizational, operational)
2. Determine how processes are
interrelated (that is, identify and map cross-
cutting activities that span organizational
boundaries)
3. Plan for operations and control of these
processes, recognizing that the conditions and
specifications for control of each of the
processes may be different from one another,
4. Plan for dynamically allocating resources to
accommodate the demands of the operations
and control of these processes
5. Identify mechanisms to measure, monitor,
analyze and continuously improve the
processes in the context of the organization
and its environment
6. Establish an Action Plan for proactively
deploying the QMS through the organization
7. Ensure that Records are kept that track
compliance to the QMS and changes that are
made to the QMS itself.
 Quality Audit
• Quality audit is the process of systematic
examination of a quality system carried out by
an internal or external quality auditor or
an audit team.
• It is an important part of an
organization's quality management system and
is a key element in the ISO quality system
standard, ISO 9001.
 Quality Auditing
Auditing
• “ Auditing is the process of gathering and
evaluation of the economic information with
the purpose of reporting on it”.
• The term Audit refers to a regular examination
and checking of accounts or financial records,
settlement or adjustment of accounts.
• It also refers to checking, inspection and
examination of Production Processes.
Purpose of Quality Audit
• To establish the adequacy of the system.
• To determine the effectiveness of the system.
• To afford opportunities for system analysis.
• To help in problem solving.
• To make decision making easier etc.
Primary Objectives of Audit
• Examining the system of internal check.
• Checking arithmetical accuracy of books of
accounts, verifying posting, casting, balancing
etc.
• Verifying the authenticity and validity of
transactions.
• Checking the proper distinction between capital
and revenue nature of transactions.
• Confirming the existence and value of assets
and liabilities.
Objectives
Types of Audit
1. Financial Audits
2. Operational Audits
3. Integrated Audit
4. Forensic Audits
5. Investigative Audits
6. Compliance Audit
7. IS Audits
1. Financial Audit
• A third party examination of a company’s
financial records and reporting activates.
• Its objectives is to review the financial
statements
• An to state whether these statements provide
true view of transactions performed by an
organization.
• The audit opinion is intended to provide
reasonable assurance, but not absolute
assurance
2. Operational Audit
• Operational Audit is a systematic review of
effectiveness, efficiency and economy of
operation.
• Financial data may be used, but the primary
sources of evidence are the operational
policies and achievement related to
organizational objectives.
• Internal controls and efficiencies may be
evaluated during the type of review.
3. Integrated Audit
• This is a combination of an operational audit,
department review and IS audit application
controls review.
• An audit is called an integrated audit, where
auditors, in addition to an opinion on the
financial statements must also express an
opinion on the effectiveness of a company's
internal control over financial reporting.
4. Forensic Audit
• Forensic Audit an examination and evaluation
of a firms or individual financial information
for use as evidence in court.
• A forensic audit can be conducted in order to
prosecute a party for fraud, embezzlement or
other financial claims.
• Forensic auditing aims at legal determination
of whether fraud has actually occurred.
5. Investigative Audit
• This is an audit that takes place as a result of a
report of unusual or suspicious activity on the
part of an individual or a department.
• It is usually focused on specific of the work of
a department or individual
• An investigative audit is the same as a forensic
audit.
• The investigative auditor complies evidence
and is often asked to testify if the individual
responsible for the theft is eventually
prosecuted.
6. Compliance Audit
• A compliance audit is a comprehensive review
of an organization adherence to regulatory
guidelines.
• Independent accounting security or IT
consultants evaluate the strength and
thoroughness of compliance.
 Audit Checklist
• It is a Periodic, independent, and documented
examination and verification of activities,
records, processes, and other elements of a
quality system to determine their conformity
with the requirements of a quality standard
such as ISO 9000.
 Planning and Preparation for Quality Audit
• An audit plan explains the expected scope and
functioning of the procedure under which
financial books of a company are minutely
inspected to ensure they are accurate. 
• Audit plans make sure priorities within
the audit process are addressed and direct the
nature, timing and extent of the program's
success.
 Internal Quality Audit
• Internal Quality Audits, sometimes called first
party audit, are conducted by the organization
itself, or on its behalf for management review
and other internal purposes.
• Internal audits can form the basis for an
organizations self declaration of conformity.
Prepare for an Audit
• Define Audit Objectives
• Define Audit Scope
• Define Audit Resources
• Define Audit Criteria
• Prepare and Distribute an audit notification to
auditee
• Gather and understand relevant documents
• Prepare work plan