Step 1 is to fully understand the standard or requirement which we are auditing against
If it is a regulation – what is the current issue (are there any changes due – check for Notice of Proposed Amendments) the more background knowledge the better able you are to make good audit decisions.
It if is an internal process or Procedure – who is the owner or responsible person (do they know that you are going to be auditing there procedure?) it is good business manners to inform them – again take the opportunity to ask if there are any planned changes to the procedure or process.
Always taking the opportunity to ask open questions which will aid and benefit understanding of the background related to the audit subject matter.
How does the role the Quality Assurance (QA) Auditor differ within the EASA environment compared to say other aviation regulatory systems? (FAA for example?)
Well the first thing to consider is that the role of the Quality Assurance Auditor within the EASA system is quite specific in that it requires “Independence” This is not the case for example when you consider ISO 9001-2015.
9001: 2015 has removed the requirement for a single point of contact regarding the QMS replacing it with a new section on leadership to better emphasis a greater involvement from the leadership team. Compare with EASA where we have specific roles and responsibilities (Including Independent Compliance Manager (CM) and a clear understanding of who is managing each business objective, whilst still ultimately identifying the responsibility of the nominated persons.
Mature Quality Control Processes which are overseen by effective Quality Assurance/Compliance Management audit processes provide a significant benefit to the organisation where the focus movers from simple regulatory compliance to effective development of the organisations systems which provide key benefits in organisational optimisation.
It is important to communicate in the most effective way the objectives of any audit and audits which are performed in respect of showing compliance with EASA Regulation EC 965/2012 is no different in this regard.
Audits should focus on all elements which are critical to demonstrating regulatory compliance as well as organisational compliance in particular to also pay attention to elements which impact operational safety and security.
As you become familiar with this process you will start to understand that there are two options and a challenge to consider:
Option 1 - To develop an EASA Compliant Auditing Program which ensure compliance with the regulatory objectives.
Option 2 - To develop an Organisation Auditing Program which ensures compliance with the regulatory objectives but goes on to set and meet further organisational objectives which provide a far wider and deeper understanding of the organisational exposures.
Firstly to consider exactly what we mean by surveillance audits.
So to perform any audit requires a standard with which to compare or reference against, in this regard surveillance audits are no different from most other types of audit.
What is different is that surveillance audits are essentially audits without portfolio. Means they are “extra” to the audit program and provide the opportunity to provide additional oversight and confidence in the effective delivery of the compliance system.
Firstly to understand that both System and Process audits are in fact compliance audits then to understand that a System typically consists of multiple processes.
Next to consider that when we perform an audit it is in effect performed against a "standard" such standard could be for example directly taken from the applicable aviation regulations, or it could be an organisational standard which is referenced to the aviation regulations, but enhanced in some way to meet the organisations specific objective.
The best way to deal with such an endeavour is to start by looking at the system in total and comparing it against the regulatory requirement to ensure that there are no "gross" errors.
Compliance audits are designed to give assurance that activities have been performed properly. It should be understood of course that Compliance Audits are of course reactive (means we have to review evidence which is either post an event or concurrent with an event).
As we know certain areas of our Aviation Business, (and it is fair to say in aviation there are many) can be described as high risk. For these area, among the many mitigation techniques which are available Quality Audits can play a supporting role, by establishing ongoing conformity with company processes and procedures.
When we consider compliance audits whilst it may be satisfactory the reality is that it is an unknown if the compliance will be satisfactory next week or next month. The compliance audit typically requires a lower level of auditor competence and is presented typically as a completed checklist of observed conditions at the time of the audit.
An important part of the competence development of an auditor is the development of your interviewing skills. You have the opportunity in a gentle and encouraging way to elicit all manner of information from the auditee.
Yes Interviewing is a skill - You will get better at interviewing the more interviews that you carry out.
The objective of the interview is to obtain as much information as possible from the auditee which can then be used as a check and validate the process and procedure – such verbal information can be very valuable and helps to provide a more holistic understanding.
If you are new to auditing or you have limited experience then the challenge of performing an audit can be quite daunting. It is not at all unusual to feel like a fish out of water (so to speak). The best way to approach this is to be professional in our approach – to understand the audit subject and to use the knowledge of the auditee to our advantage.
Let’s consider the purpose and role of an EASA compliant Audit, and at the same time to consider how it differs from other types of Audit.
What the Audit is?
The Joint Airworthiness Authority (JAA) implemented and EASA continued the role of Quality Assurance (It should be noted that the one of the unique aspects of this role is the need to demonstrate independence from the function or activity). A Quality Assurance Audit (Now referred to also as a Compliance Audit specifically looks at the organisations process and procedures with too primary objectives). Firstly to demonstrate compliance with the regulatory requirements and secondly to demonstrate also compliance with the company procedures.
How to Ensure the Independence of Audits within an EASA Part 147 Organization
When we talk about the Quality System we are off course considering both the function of QA & QC.
The QA audit process must be independent which means the auditor is not involved in the day to deliver delivery of training or management of processes.
It should also be understood that the audits do not replace the need for ongoing Quality Control (QC) activities.
The audits which we will carry out are considered as “compliance audits” and essentially follow a prescriptive checklist ensuring that all elements of the process are delivering in accordance with both the regulatory and organizational requirements.
An essential requirement of our audit program is to cover the entire organizational system, notionally this should be done on an annual basis, we should also be mindful that some areas may require more frequent auditing, whilst some areas may be audited on a less frequent basis.
The primary reason to perform audits is to ensure regulatory compliance with external requirements and full compliance with internal organizational requirements. The secondary reason is to enable an understanding of opportunities to seek out improvement.
Audits should never appear as adversarial or confrontational, rather they are a method which should be fully supported by the auditee to demonstrate compliance in all necessary areas.
SofemaOnline is developing a portfolio of online training courses written by professionals with many years of experience.
Here we look at techniques to support an effective Aviation Quality Assurance Audit and the way we ask questions during an audit, to enable us to take the maximum benefit from the responses we receive.
For the most effective outcome the Auditor should remain in control of the process from start to finish. The auditor has (or should have) the full attention of the Auditee and must ensure that you understand the responsibility to obtain the information necessary to make the correct determinations.
So how are we going to ask questions, in such a way that we quickly get to the substance of what we are trying to audit? Although we ask questions of each other all day long we seldom consider which technique works best and how we may improve our questioning skills.
