Document Name
Doc. ID
PRM/IQA
Version No
1.2
Process Manual for  Internal Audit
Date
10-12-2020












Author:
Sankar
Reviewed and By:
Selvakumar
Page 1 of 9






 
Process Manual for Internal Audit
- 1.2
Document Name
Doc. ID
PRM/IQA
Version No
1.2
Process for  Internal Audit
Date
10-12-2020












Author:
Sankar
Reviewed and Approved By:
Selvakumar
Page 2 of 9






Document Control
Docu m e n t
Des c ri p t i o n:
This document the Process of Audit at   Information Dynamics
Docu m e n t
I d e n t ifi c a t i o n:
PM /IQA /1.2
S e curi t y
C la s sifi c a t i o n :
I n t e rnal
L oc a t i o n:
IDI server












Autho r iz a ti o n
N a me   of  t h e p e rs o n
D a t e   ( dd - m m m - yyyy)
P r e par e b y:
QAG Team
08-12-19
Re v i e w e b y:
Sankar
08-12-19
Ap p r o v e d   b y:
Selvakumar
10-12-19

















C hange  L og
Docu
m
e
n
t
V
e
rsi
o
n
D a t e   of
C ha n ge
S e c t i o n
A/M/D
Bri e f   d e scr i pti o n of   c h a n g e
Re v i e w e b y
1.0
10-08-19
All
A
In alignment of new standard
QAG Team
1.1
10-12-19
All
A
Mapped ISO 27001 controls  and ISO 20000 controls
Sankar
1.2
10-12-20
Annual reciew
Sankar




























Confidentiality Agreement 
This   document   is   copyrighted   and   all   rights   are   reserved.   This   document   may   not,   in   whole   or   in  part,   be   copied,   photocopied,   reproduced,   translated,   or   reduced   to   any   electronic   medium   or  machine-readable   form   without   prior   consent,   in   writing,   from   an   authorized   representative   of  Information   Dynamics.   This   document   is   for   internal   use   only   and   may,   in   whole   or   in   part,   be  provided   to   anyone   outside   of   Company,   including   customer,   clients,   or   prospects   after   taking   an  approval from an authorized representative of Information Dynamics.
Document Name
Doc. ID
PRM/IQA
No
1.2
Process Manual for  Internal Audit
Date
10-12-2020












Author:
Sankar
Reviewed and By:
Selvakumar
Page 3 of 9






TABLE OF CONTENTS
Document Name
Doc. ID
PRM/IQA
Version No
1.2
Process Manual for  Internal Audit
Date
10-12-2020












Author:
Sankar
Reviewed and Approved By:
Selvakumar
Page 4 of 9








  Purpose




To   establish   and   maintain   a   uniform   and   controlled   methodology   for   planning,   scheduling,  conducting,   reporting   on   and   following   up   with   Internal   Quality   Audits.   To   ensure   that   timely  and information is to the right people/function at all times.
ISO 27001:2013 domain reference: 9.2 – Internal Audit
ISO 20000:2011 domain reference: 4.5.4.2 – Internal Audit

  Scope




Applicable to all the projects executed in Information Dynamics all the procedures detailed in  Information Dynamics.

  Definitions and Acronyms




ISO : International Organization for Standardization
QAG : Quality Management Group
MR : Management Representative
PL : Project Lead
TL : Team Lead
PM : Program Manager
IQA : Internal Quality Audit
LA : Lead Auditor
NC : Non Conformance
CPA : Corrective Preventive Actions
Document Name
Doc. ID
PRM/IQA
Version No
1.2
Process Manual for  Internal Audit
Date
10-12-2020












Author:
Sankar
and By:
Selvakumar
Page 5 9







  Process Inputs




 Approved list of auditors

  Criteria




Initiation from MR/Senior Management to conduct the internal audit

  Responsibility




Activity
Responsibility
Developing IQA objectives
QAG
Preparing the Audit Calendar
QAG
Approving the Calendar
MR
Preparation of plan
QAG
Approval of audit plan
MR
Intimating the functions/projects about the audit 
QAG
Facilitate in performing IQA
LA
Conducting IQA
Internal Qualified Auditors
Preparing the NC report
Internal Qualified Auditors
Preparing Audit Findings report
LA
Closing IQA NCs
PL/TL/OM
To conduct up audit to verify the  implementation of CPA
Internal Qualified Auditors
Updating consolidated NC report
QA
Updating the consolidated NC analysis report
QA
Updating the consolidated NC CPA report
QA




































  Activities




Plan for Audit:
QM   and   QA   will   discuss   and   develop   the   IQA   objectives   and   initiate   the   preparation   of  audit calendar.
The internal audit frequency is once 6 months.
Document Name
Doc. ID
PRM/IQA
Version No
1.2
Process Manual for  Internal Audit
Date
10-12-2020












Author:
Sankar
Reviewed and Approved By:
Selvakumar
Page 6 of 9






Preparation   of   an   audit   calendar   specifying   the   month   and   tentative   dates,   audit   area   and   the  auditors etc done by QAG.
The IQA calendar is approved by MR.
QAG prepares the audit plan based the calendar.
MR approves the audit plan prepared.
QAG   identifies   the   audit   team   and   the   Lead   Auditor   for   conducting   the   audit.   The   Audit  team is selected from the Approved List of Auditors.
MR facilitates in conducting IQA.
QA   informs   the   auditee   and   the   management   about   the   scheduled   date   for   audit.   The   IQA  plan   which   comprises   of   auditor,   auditee,   function   names,   objectives   etc   are   sent   via   mail   to  them.
QA updates the NC and Observation in NC report
Conduct Audit:
Internal   Auditor   conducts   an   opening   meeting   with     ISO   Steering   Committee   and   the  to formally the audit. 
Internal   Auditor   discuss   with   ISO   Steering   Committee,   auditee   management   to   understand  the various activities in the organization.
Auditor conducts interviews with the auditees per the objectives defined in plan. 
Auditors   verify   the   project-related   documents   and   quality   records   to   evaluate   their  effectiveness   in   following   the   quality   system   and   note   the   comments   made   by   the   auditee  the using Audit Observations sheet.
Internal   Auditor   conducts   a   closure   meeting   in   which   the   status   and   the   observations  identified during audit are explained to MR and ISO Steering Committee.
Prepare Non-Conformance Audit Findings Report:
Internal   Auditor   lists   down   the   Non   Conformities   and   Observations,   if   any,   with   respect   to  the System. 
Internal   Auditors   classifies   Non   Conformities   and   Observations   based   on   the   severity   of   the  issue.
Internal   Auditor   prepares   the   Non   Conformance   report   and   initiates   the   preparation   of  Findings Report.
Document Name
Doc. ID
PRM/IQA
Version No
1.2
Process Manual for  Internal Audit
Date
10-12-2020












Author:
Sankar
Reviewed and Approved By:
Selvakumar
Page 7 of 9






Internal   Auditors   gets   the   Non   Conformance   report   reviewed   by   Head   of   quality.   Review  happens via mail.
Internal Auditor prepares the Audit Findings Report
QAG any serious issues to the MR
QAG delivers the Non-conformances report to the concerned PM.
Audit findings report is published.
Conformance  – Deviation from the standard requirements and need to be fixed on an  immediate basis.
Observation  – Weakness in the process/ system and might potentially to a Non conformity
SFI  – Scope for Improvements – Improvement areas in the process which can be implemented
Track & Close NC’s:
Root   cause   analysis   is   done   and   correction,   corrective,   preventive   actions   are   planned   for   the  NCs   by   PL/TL   using   NC   report.   Date   of   closure   is   also   mentioned   by   PL/TL   in   the   report.  NCs needs to be closed within a week from the date of audit been conducted.
QAG reviews the NC report and gets it signed by PL/TL. Review happens via mail.
NCs are before the date mentioned in NC report.
If   any   of   the   NC   is   not   closed   before   the   committed   closure   date,   prior   approval   is   obtained  from   PM   and   QAG.   Once   NCs   are   closed,   the   actual   closure   date   is   updated   in   the   NC  report.
Internal   qualified   auditors   verify   the   closure   of   the   NC’s   through   conducting   follow   up  audits.
QA   updates   the   consolidated   NC   report,   consolidated   NC   analysis   report   and   consolidated  NC Corrective, Preventive action report.
Document Name
Doc. ID
PRM/IQA
No
1.2
Process Manual for  Internal Audit
Date
10-12-2020












Author:
Sankar
Reviewed Approved By:
Selvakumar
Page 8 of 9






none

  Verification




The QAG shall audit the audit records during IQA.
Management review 

  Work Products




IQA calendar
IQA plan
Audit Observations Report
NC Report
Audit Findings Report
Consolidated NC report
analysis report for NCs 
Consolidated CPA report for NCs

  Measurements




Document Name
Doc. ID
PRM/IQA
Version No
1.2
Process Manual for  Internal Audit
Date
10-12-2020












Author:
Sankar
and Approved By:
Selvakumar
Page 9 9






Number of head counts involved in IQA
Number NCs raised Vs Number NCs closed

  Exit Criteria




NCs are analyzed and CPA implemented to close the NCs.

Associated Documentation




Internal Audit Plan
Internal Audit Schedule

KPI





KPI

Frequency

Objective

Data Source

Threshold
Internal Audit
Yearly
measure  compliance of  implemented  controls against the  international  standards
Internal Audit  reports
Atleast to be  conducted once  a year covering  Security and  Service  standards