INTERNAL AND EXTERNAL AUDITS

Transcription

1 PROCEDURE INTERNAL AND EXTERNAL AUDITS This document is stored electronically. Printed version might not be the latest. SAOCOM PROJECT COMISION NACIONAL DE ACTIVIDADES ESPACIALES BUENOS AIRES ARGENTINA

2 SAOCOM PROJECT Number Title Summary INTERNAL AND EXTERNAL AUDITS This document describes the audit process applied to the contractors during their activities for the SAOCOM Project. Secondary Reference Circulation Level 1 This document is digitally signed Workflow Summary State Assignee Action Completed Date Review mpetruccioli Approved 11-may-2012 Approve jmedina Approved 11-may-2012 Changes Record Issue Date Author PARA Description A HMartirena Creation Comisión Nacional de Actividades Espaciales (CONAE) from Argentina owns the copyright of this document which is supplied in confidence and which shall not be used for any purpose other than that for which it is supplied and shall be only reproduced, copied or communicated, in whole or in part, for internal use of CONAE, directly or by third parties holding confidentiality agreements with CONAE. Any person other than the authorised holder obtaining possession of this document by finding or otherwise, should send it, together with his name and address, in a sealed envelope to: Comisión Nacional de Actividades Espaciales (CONAE) SAOCOM Project Av. Paseo Colón 751 (C1063ACH) Capital Federal ARGENTINA Letter postage need not be prepaid. Other postage will be refunded. Page 2 of 9

3 INDEX INDEX OBJECTIVE SCOPE APPLICABLE AND REFERENCE DOCUMENTS APPLICABLE DOCUMENTS REFERENCE DOCUMENTS DEFINITIONS AND ABBREVIATIONS DEFINITIONS ABBREVIATIONS AND ACRONYMS DEVELOPMENT AUDIT PROGRAM PREPARATION OF AN AUDIT CONDUCTION OF AN AUDIT AUDIT REPORT FOLLOW UP OF RESULTS QUALIFICATION OF AUDITORS AUDITS TO SUB-SUBCONTRACTORS ANNEXES ANNEX A: AUDIT PLAN ANNEX B: AUDIT REPORT... 9 Comisión Nacional de Actividades Espaciales (CONAE) Page 3 of 9

4 1. OBJECTIVE This procedure describes the methodology and responsibilities for managing MPA audit programs and to perform MPA audits to CONAE-PC and to all subcontractors working for the SAOCOM Project. 2. SCOPE This procedure is applicable to CONAE-PC and all CONAE-PC subcontractors working for the SAOCOM project. 3. APPLICABLE AND REFERENCE DOCUMENTS 3.1. Applicable documents ECSS-Q-ST-10C Product Assurance Management. None 3.2. Reference documents 4. DEFINITIONS AND ABBREVIATIONS 4.1. Definitions audit: systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled (audits are independent examinations to determine whether processes and procedures achieve the specified objective. They are an essential tool to identify problem areas). audit criteria: set of policies, procedures, requirements, contracts and agreements. Audit criteria are used as a reference against which audit evidence is compared. audit evidence: records, statements of fact or other information, which are relevant to the audit criteria and verifiable. The audit evidence is based on samples of the available information; therefore there is an element of uncertainty in auditing. audit findings: results of the evaluation of the collected audit evidence against audit criteria. auditee: organization being audited auditor: person with the competence to conduct an audit audit team: one or more auditors conducting an audit, supported if needed by technical experts. Comisión Nacional de Actividades Espaciales (CONAE) Page 4 of 9

5 audit programme: set of one or more audits planned for a specific time frame and directed towards a specific purpose. An audit programme includes all activities necessary for planning, organizing and conducting the audits. audit plan: description of the activities and arrangements for an audit. audit scope: extent and boundaries of an audit. non conformance: non fulfillment of a requirement. Terms like failure or anomaly are considered synonymous to non conformance. corrective action: action taken to eliminate the causes of a detected non conformance or other undesirable situation preventive action: actions taken to eliminate the causes of a potential non conformance or other potential undesirable situation CONAE-PC: part of the organizational structure of CONAE acting as principal contractor 4.2. Abbreviations and acronyms MPA: Mission Product Assurance SAOCOM PLM SOFTWARE: CONAE-PC s Document management system 5. DEVELOPMENT 5.1. Audit program The MPA Manager shall prepare annually a program of audits to be carried out to: - all areas of CONAE-PC - all subcontractors to verify the implementation and effectiveness of the provisions defined in the MPA plan. All areas of CONAE-PC and all subcontractors shall be audited at least once per year. However, some areas or subcontractors could be audited more than once per year considering the results of previous audits. In addition to the planned audits, unplanned audits shall be performed under request of the Project Manager, when necessary to overcome failure, consistent poor quality, or other problems. The audit program shall be approved by the Project Manager. The MPA Manager is responsible for communicating the approved audit program to all relevant parties in a timely manner. The subcontractors shall accept to be audited by CONAE-PC or by a third party agreed between the CONAE-PC and the subcontractors in the framework of the business agreement Preparation of an audit The MPA manager shall nominate the audit team for each audit three weeks in advance of the planned date. When the audit is not feasible, the MPA manager shall agree a new date with the auditee. Comisión Nacional de Actividades Espaciales (CONAE) Page 5 of 9

6 When selecting the auditor, the MPA shall: - ensure the absence of conflict of interests - nominate a lead auditor if the team is composed by more than one auditor. The lead auditor is responsible for the preparation, conduction and reporting of the audit till the issue of the audit report. The nominated lead auditor shall notify the auditee in due time of: - his/her intention to perform an audit; - the objectives and the scope of the audit; - the audit criteria; - the designated audit team; - the audit plan; 5.3. Conduction of an audit The lead auditor ensures the application of conventional good practices during the audit; usually, there is: - an opening meeting, where the auditee is informed on the reasons of performing the audit, the method that will be used and the reporting of the results, - an assessment of the activities of the auditee, by reviewing documentation and/or interviewing the auditee s personnel - an evaluation of the results to determine the degree of compliance with the applicable requirements - a closing meeting to report the results. The auditee shall provide the audit team access to his facilities and data which are relevant to the audit Audit report Upon completion of the audit the lead auditor shall prepare an Audit Report as per Annex B form. The report shall include - reference to findings that showed compliance with applicable requirements (usually under the shape of a brief summary) - non conformities (systematic deviations to applicable requirements) - observations (individual deviations to applicable requirements) - improvement opportunities (findings that can trigger the implementation of an improvements in order to prevent future non conformities). The auditee shall provide an answer to non conformities, observations and improvement opportunities within 30 days of the reception of the audits report. - the disposition of the detected no conformities - the cause analysis, proposed corrective action and deadlines in reference to the detected non conformities, - an analysis of the observations and improvement opportunities and if action will be taken on them. If the decision is to take action, the auditee shall be request to report what action will take and the corresponding deadline. Comisión Nacional de Actividades Espaciales (CONAE) Page 6 of 9

7 The MPA Manager shall revise and approve the audit report and shall distribute it to recipients designated by the Project Manager. The audit reports shall be filed in the SAOCOM PLM SOFTWARE. In case of a finding classified as a non-conformance, the lead auditor shall open a Non Conformance Report in the SAOCOM PLM SOFTWARE of the project Follow up of results The auditee shall keep the MPA Manager informed of the status of any actions related to the nonconformances by means of the SAOCOM PLM SOFTWARE. During each audit, the lead audit shall ensure that the results of the previous audits are reviewed in order to ensure their proper treatment Qualification of auditors The MPA Manager shall ensure the auditors have: - adequate training on auditing management systems - adequate knowledge of the aspects of the project relevant to the audit to be performed Audits to sub-subcontractors The subcontractors shall perform audits of their own project activities and of the project activities of his lower tier supplier(s) to verify conformance with project requirements. Comisión Nacional de Actividades Espaciales (CONAE) Page 7 of 9

8 6. ANNEXES 6.1. Annex A: Audit Plan MISION SAOCOM AUDIT PLAN Organization: Written by : Sites: Date : Dates: Auditors: OBJECTIVE: CRITERIA: SCOPE: AGENDA: Time Auditor Topic/Area Comisión Nacional de Actividades Espaciales (CONAE) Page 8 of 9

9 6.2. Annex B: Audit Report MISION SAOCOM AUDIT REPORT Organization: Written by : Sites: Date : Dates: Auditors: OBJECTIVE: CRITERIA: SCOPE: CONCLUSIONS: Topic/Area Findings Type Comisión Nacional de Actividades Espaciales (CONAE) Page 9 of 9