ISO 9000:2000 Series TickIT Auditor/Lead Auditor Training ... - IRCA

Certification criteria for 

ISO 9000:2000 Series TickIT 

Auditor/Lead Auditor Training Course

ights reserved. No part of this publication may be reproduced, stored in a retrieval 

All 

or transmitted in any form or by any means - electronic, mechanical, 

system 

recording or otherwise, without prior permission of the CQI International 

photocopying, 

of Certificated Auditors (IRCA). 

Register 

Acknowledgements: 

Course Criteria have been prepared with the assistance of Ken Johnson C.Eng, 

These 

FCQI for the TickIT Auditor Training and Qualification Committee (TATQC), a joint 

FBCS, 

Computer Society/IRCA Committee. 

British 

March 01 First issue VD SF 

01/1 

November 00 Draft 1 KSJ SF 

00/1 

Copyright IRCA – 2001 

Rev Date Details TAM Director

CERTIFICATION CRITERIA FOR THE ISO 9000:2000 SERIES TICKIT AUDITOR TRAINING COURSE 

__________________________________________________________________________________ 

CONTENTS 

1. INTRODUCTION 

2. LEARNING OBJECTIVES 

3. ENABLING OBJECTIVES – KNOWLEDGE & SKILLS 

4. TRAINING METHODS 

5. COURSE CONTENT 

6. COURSE DURATION 

7. TUTORS & DELEGATES 

8. VARIATIONS 

9. DELEGATE ASSESSMENT & EXAMINATION 

10. COURSE PUBLICITY & ADVERTISING 

APPENDIX 1: NOTES FOR GUIDANCE 

___________________________________________________________________________________ 

Page 1 IRCA/2212/07/1 Jan 07

of the certification requirements common to all courses are detailed in Section 2 of 

Many 

Approval Requirements for Organisations Providing Certified Auditor Training. These 

IRCA/2000; 

course requirements are in addition to the requirements of IRCA/2212 and are mandatory. 

general 

is essential, therefore, that applicants for certification of, and existing providers of any IRCA 

It 

TickIT Auditor/Lead Auditor training course are familiar with the requirements of 

certified 

IRCA/2000. 

completion of an IRCA certified ISO 9000:2000 Series TickIT Auditor/Lead Auditor 

Successful 

course will satisfy the training requirements for IRCA certification to all grades of Quality 

training 

Training Organisations which are approved by IRCA to provide this course may use the TickIT Logo 1 

TickIT name and logo are protected marks governed by the TickIT Logo Regulations. 

The 

of the Logo Regulations and the TickIT Guide are available from the DISC TickIT Office. 

Copies 

Standards Institution 

British 

Chiswick High Road 

389 

W4 4AL 

London, 

+44 (0)20 8996 7427 

Tel: 

+44 (0)20 8966 7429 

Fax: 

tickit@bsi-global.com 

email: 


__________________________________________________________________________________ 

Management System (QMS) auditor, and for IATCA Auditor & IATCA Senior Auditor. 

1 

Internet: www.tickit.org 

___________________________________________________________________________________ 


These criteria have been prepared by the International Register of Certificated 

1.1 

(IRCA) to assist approved training organisations seeking certification of an 

Auditors 

9000:2000 Series TickIT Auditor/Lead Auditor training course. The criteria are in 

ISO 

with the Uniform Requirements for the Provision of Auditor Training 

accordance 

issued by the International Auditor and Training Certification Association 

Courses 

(IATCA). 

To satisfy the training requirements for initial certification as an IRCA TickIT auditor, 

1.2 

shall have successfully completed a training course, which has been 

applicants 

by IRCA as being in compliance with these criteria, within the three years 

certified 

to making application. 

prior 

The principal aim of this course is to equip delegates with the knowledge and skills 

1.3 

to perform audits of management systems against ISO 9001, in accordance 

required 

ISO 10011, or its successor; ISO 19011. All references in this document to ISO 

with 

ISO 9001 and ISO 9004 are to the year 2000 issue versions unless otherwise 

9000, 

The training provided by this course shall, wherever practicable, be set in a software 

1.4 

Information Technology (IT) context (see Appendix 2). The primary reference 

and 

to be used for this purpose shall be ISO 9000-3:1997 and the Issue 5 

documents 

Guide. 

TickIT 

These criteria specify the requirements for training courses including the knowledge 

1.5 

skills to be covered during the course. It is mandatory that training courses are 

and 

and delivered in accordance with these criteria, although training 

designed 

may exercise flexibility in the inclusion of additional material, and in 

organisations 

Learning objectives describe in outline what delegates shall be able to do by the end 

2.1 

the course. Delegates will need to demonstrate acceptable performance in all of 

of 

areas in order to complete the course successfully, and training organisations 

these 

need to demonstrate a factual and objective approach to the assessment of 

will 

Describe the purpose of a quality management system and explain the 8 

2.1.1 

of quality management. 

principles 

Explain the purpose, content and interrelationship of ISO 9000, ISO 9001, 

2.1.2 

9004 and ISO 10011 or its successor, ISO 19011. 


Interpret requirements of ISO 9001 in the context of an audit in a software 

2.1.3 

IT systems business environment using the guidance given in ISO 9000- 

and 

Describe the roles and responsibilities of TickIT auditors and TickIT lead 

2.1.4 

auditors. 

Plan and conduct an audit in accordance with ISO 10011 or its successor, 

2.1.5 

19011, demonstrating ability to: 



__________________________________________________________________________________ 

1. INTRODUCTION 

stated. 

the structure and selection of specific training methods used during the course. 

2. LEARNING OBJECTIVES 

delegate performance. 

By the end of the course delegates will be able to: 

3 and the Issue 5 TickIT Guide. 

a) plan and prepare effectively 

___________________________________________________________________________________ 


gather objective evidence, through effective interviewing, observation, 

b) 

and note taking 

sampling 

analyse and interpret information in order to determine conformance 

c) 

requirements. 

with 

Report the audit, including writing valid, factual and value-adding non- 

2.1.6 

reports. 

conformity 

Undertake audit follow-up activities, including evaluating the effectiveness 

2.1.7 

corrective action. 

of 

order for delegates to achieve the overall learning objectives, they will need to acquire and 

In 

specific knowledge and skills. These are specified below as “enabling objectives” and 

develop 

Explain the purpose and business benefits of a quality management 

a) 

system. 

Explain ISO 9001 related concepts and terminology of quality 

c) 

systems, drawing on ISO 9000 definitions in a software 

management 

Explain the terms certification/registration and accreditation, describe 

d) 

certification/registration and accreditation processes and state the 

the 

and benefits of a certified/registered quality management 

purpose 

system. 

Explain the TickIT Uniform Accreditation Arrangements and the TickIT 

e) 

Scheme. 

Sector 

Explain the purpose, content and interrelationship of ISO 9000, ISO 

a) 

ISO 9004 and ISO 10011 or its successor; ISO 19011. 

9001, 

Highlight, during the transition period, and in accordance with 

c) 

needs, the differences between the 1994 and 2000 versions of 

delegates’ 

Describe the difference between auditable standards and guidance 

d) 

documents. 

Explain the intent and requirements of each clause of ISO 9001, drawing 

f) 

ISO 9004, ISO 9000-3 and the Issue 5 TickIT Guide as appropriate to 

on 


__________________________________________________________________________________ 

3. ENABLING OBJECTIVES – KNOWLEDGE & SKILLS 

can be considered as stepping-stones to the achievement of learning objectives. 

3.1 KNOWLEDGE 

By the end of the course delegates shall be able to: 

3.1.1 General 

b) Explain the 8 principles of quality management. 

and IT systems business environment. 

3.1.2 Standards 

b) Outline the process for the continuing development of these standards. 

ISO 9001. 

e) Describe the structure of ISO 9001. 

illustrate the broader intent of the ISO 9001 requirements. 

___________________________________________________________________________________ 


List the benefits of documenting a quality management system and 

g) 

approaches for doing so in a variety of situations but particularly 

suggest 

Explain the difference between legal compliance and conformance with 

h) 

standards. 


Differentiate between the scope of audit and the scope of ISO 9001, 

i) 

the TickIT component of the audit, and describe the basis on 

especially 

exclusion of ISO 9001 management system requirements might 

which 

permissible. 

be 

Describe the roles and responsibilities of TickIT auditors, TickIT lead 

a) 

auditees and guides, in accordance with ISO 10011 or its 

auditors, 

Explain the management responsibilities of the Lead Auditor in 

b) 

the audit and the audit team. 

managing 

Explain the need for effective communication with the auditee 

d) 

the audit process. 

throughout 

Be aware of the role of IRCA and IATCA in the approval of training 

e) 

and certification of auditors. 

courses 

Outline IRCA TickIT auditor certification requirements (IRCA 162 

f) 

refers). 

Describe typical forms of pre-audit contact and their purpose, including 

a) 

they might be appropriate. 

when 

State the purpose of a document review/stage one audit and describe a 

c) 

document review process and outputs. 

typical 

Identify objectives and considerations for an on-site, process-based, audit 

d) 

plan. 

Identify considerations for planning an audit of an activity for which 

f) 

are no documented procedures. 

there 

Explain how to approach a process audit, including audit of process 

a) 

outputs and results of the process in terms of outcomes and 

inputs, 

how process measures, quality objectives and continual 

explain 

would be addressed through such an audit. 

improvement 


__________________________________________________________________________________ 

in a software and IT systems business environment. 

j) Explain the process approach to management systems. 

3.1.3 Audit process and responsibilities 

successor, ISO 19011. 

st nd rd 

in purpose and conduct between 1 , 2 and 3 c) Describe differences the 

audits. 

party 

g) Explain the need for auditor confidentiality. 

h) Outline the content and intent of the IRCA code of conduct. 

3.1.4 Audit planning 

b) Explain the purpose and significance of the audit scope. 

e) Explain the use, benefits and potential limitations of a checklist. 

3.1.5 Conducting the audit 

___________________________________________________________________________________ 


Describe the purpose of, typical content of, and attendees typically 

b) 

at audit meetings, including opening and closing meetings, audit 

present 

Explain the process of, and different methods for, gathering objective 

e) 

during an audit. 

evidence 

Explain the typical role of top management in an audit and suggest 

f) 

for auditing top management commitment. 

approaches 

Describe typical systems for grading non-conformity reports and the 

b) 

and further actions required for different grades of non- 

implications 

Explain the terms correction, corrective action and preventive action and 

c) 

the roles and responsibilities for taking and verifying corrective 

describe 

Identify types of objective evidence that may be required to demonstrate 

d) 

implementation of corrective and preventive action. 

effective 

Draw links between the 8 quality management principles and the 

a) 

of ISO 9001 particularly in a software and IT systems 

requirements 

Interpret and apply ISO 9001 appropriately in an audit situation with 

a) 

reference to ISO 9000-3 and the Issue 5 TickIT Guide. 

particular 

Suggest what objective evidence might be needed to demonstrate 

b) 

with ISO 9001 requirements. 

conformance 

Identify activities and/or processes which organisations may be 

c) 

to exclude from their scope. 

permitted 

Undertake the roles of an auditor and audit team leader, including 

a) 

and co-ordination of the audit team. 

management 


__________________________________________________________________________________ 

team meetings and auditee feedback/review meetings. 

c) Differentiate between documents and records. 

d) Describe the benefits and limitations of sampling. 

3.1.6 Reporting and follow up 

a) State the purpose and typical content of a non-conformity report. 

conformity. 

action. 

e) Explain the purpose of surveillance visits. 

3.2 SKILLS 

By the end of the course delegates shall be able to: 

3.2.1 General 

business environment. 

3.2.2 Standards 

3.2.3 Audit process and responsibility 

3.2.4 Audit planning 

a) Establish audit resource requirements. 

___________________________________________________________________________________ 


Prepare an on-site audit plan that is appropriate to the sequence and 

c) 

of the organisation’s processes. 

interaction 

Perform a document review or stage one audit in order to assess 

e) 

documentation meets ISO 9001 requirements and to determine 

whether 

adequate arrangements are in place to justify proceeding with 

whether 

implementation audit. 

the 

gain an understanding of the process, including its purpose, inputs, 

- 

controls and related quality objectives 

outputs, 

Demonstrate sensitivity to the needs and expectations of the auditee, 

c) 

local customs and culture. 

including 

Make sense of the information gathered in the context of ISO 9001 and 

d) 

audit organisation. 

the 

Evaluate objective evidence gathered and correctly identify conformance 

a) 

non-conformance with requirements. 

and 

Recognise and report positive audit findings and opportunities for 

b) 

improvements. 

Write and grade non-conformity reports based on objective evidence 

c) 

during the course of the audit. 

obtained 

Make recommendations for certification/supplier approval based on 

e) 

findings. 

audit 


__________________________________________________________________________________ 

b) Write an audit scope. 

d) Produce an audit checklist. 

3.2.5 Conducting the Audit 

a) Participate in opening and closing meetings. 

b) Conduct an audit interview and demonstrate ability to: 

- control opening and closing meetings 

- use a checklist effectively and follow audit trails 

- build rapport with the auditee 

- question 

- listen 

- make notes 

- search documents 

- select sufficient and relevant samples 

- provide feedback to the auditee 

3.2.6 Reporting and follow up 

d) Write a meaningful and accurate summary of the audit. 

f) Present audit findings and recommendations to the client. 

___________________________________________________________________________________ 


Evaluate proposals for corrective action and differentiate between 

g) 

and corrective action. 

correction 

Courses shall be highly participative. Training methods selected should seek to 

4.1 

and engage delegates throughout the duration of the course. 

involve 

Knowledge-based sessions may be tutor led, but shall allow for some interaction 

4.2 

delegates, enabling tutors to test learning and delegates to clarify their 

with 

Skill-based content shall be addressed through the participation of all delegates in 

4.3 

practical activities. 

appropriate 

Skills content may be supported by tutor input sessions to address the underpinning 

4.4 

requirements, e.g., best practice techniques for running meetings, 

knowledge 

Methods for validating delegates’ achievement of the Learning Objectives (2.1.1 – 

4.5 

and for providing timely feedback to delegates shall be included in the course. 

2.1.7) 

Delegates shall participate in skills-based practical activities for a minimum of 50% of 

4.6 

course duration. 

the 

Training aids, such as videos, that are directly relevant may be used to supplement 

4.7 

training by the tutors. These may be commercial training videos or videos 

the 

during the course to record and review the performance of delegates. No 

produced 

than three hours of the total course time may be devoted to non-interactive, 

more 

Timekeeping, planning and programme management are essential elements in the 

4.8 

of an audit. Whilst IRCA recognises that effective training is responsive 

performance 

delegates’ needs, any deviations from the timetable shall be managed to ensure 

to 

all learning objectives are adequately covered and delegates kept informed of 

that 

changes. Tutors shall set a good example to delegates and maintain good 

significant 

and timekeeping throughout the course. 

discipline 

Training organisations shall submit session plans or tutor notes for each individual 

4.9 

session. These shall specify: 

training 

training methods or use of exercises etc. are optional, this shall be clearly 

Where 

in session plans. 

indicated 

At the beginning of the course presentation the course provider shall provide the 

5.1 

with a description of the learning objectives, course format and 

delegates 


__________________________________________________________________________________ 

4. TRAINING METHODS 

understanding, as required. 

interview techniques etc.. 

passive training aids. 

a) learning objectives for the session 

b) duration of the session 

c) nature of the activity and training method to be used 

d) organisational arrangements, tutor and delegate briefing details 

e) deliverables required from delegates for practical sessions 

f) materials, exercises and equipment required to run the session. 

5. COURSE CONTENT 

programme, delegate responsibilities and delegate evaluation processes and criteria. 

___________________________________________________________________________________ 


All aspects defined in Clause 2 Learning Objectives and amplified in Clause 3 

5.2.1 

Objectives. 

Enabling 

Local requirements, culture, practices or approaches to auditing and the 

5.2.2 

of ISO 9001 as appropriate for each country in which the course 

application 

The total course time devoted to direct instruction and to assigned team and 

6.1 

activities shall be at least 40 hours net, calculated as detailed in 

individual 

This course shall be presented over five consecutive days, unless otherwise 

6.2 

in writing by IRCA. The following considerations will be taken into 

authorised 

If the course is given through translators, the time shall be increased as necessary to 

6.5 

the learning objectives. 

satisfy 

The course shall be run with two designated tutors, both of whom shall be present 

7.2 

the full duration of the course. At least one tutor shall satisfy the requirements 

for 

a lead tutor as stated in IRCA/2000. Additional resources or trainee tutors may 

for 

used for specific activities, however the two tutors remain responsible for the 

be 

Where the number of delegates is 4 to 10 inclusive, the course may be run with one 

7.3 

tutor, who shall be present for the full duration of the course. That tutor 

designated 

In addition to fulfilling the requirements for tutors as detailed in IRCA/2000, tutors 

7.4 

be able to demonstrate a level of understanding of the ISO 9000:2000 series of 

shall 

that at least meets the learning objectives as detailed in these criteria. 

standards 

tutors shall be thoroughly experienced in the principles and practices of QMS 

Both 

Requests for variations to any of these criteria, or in respect of any special 

8.1 

will be considered for approval on written submission by the 

circumstances, 

training organisation to IRCA. Any such request shall be made 

approved 

upon the reason for the variation request becoming apparent. 

immediately 


__________________________________________________________________________________ 

5.2 The course shall cover: 

is presented. 

6. COURSE DURATION 


account by IRCA when evaluating any request for variation: 

a) reasons for the requested variation 

b) modifications to the training programme/schedule 

c) assessment of impact on the learning process. 

6.3 Although not mandatory, IRCA recommends that this course be residential. 

6.4 All delegates shall be in attendance for the full duration of the course. 

7. TUTORS & DELEGATES 

7.1 The number of delegates per course shall not exceed 20, nor be less than 4. 

entire presentation. 

shall satisfy the requirements for a lead tutor. 

management and audit in software and IT systems business environments. 

8. VARIATIONS 

___________________________________________________________________________________ 


There are TWO independent elements in the assessment of each delegate’s 

9.1 

of the learning objectives, both of which shall be satisfied if the delegate 

attainment 

assessment: Delegates will be required to demonstrate acceptable 

Continuous 

of performance in the 7 learning objectives (2.1.1 – 2.1.7) to 

achievement 

complete the course. Some of these requirements will be tested in the 

successfully 

but training organisations shall incorporate the testing of objectives 

examination, 

2.1.5 and 2.1.6 into formal continuous assessment processes. Refer 

2.1.3, 


written examination: Which shall be one of the IRCA set papers (reference 

A 

latest revision). 

IRCA/146 

Delegates shall sit a written examination of two hours duration using one of the 

9.2 

issues of IRCA set papers. The examination paper has four sections. All 

current 

shall be attempted, a maximum of 100 marks is available, and the pass 

questions 

shall be 70. Delegates shall be required to achieve at least 40% in each section. 

mark 

The approved training organisation may modify these examinations papers to reflect 

9.3 

software and IT business environment as indicated below, but shall not change 

the 

Minor changes in the wording may be made to reflect local language 

9.3.1 

differences 

Changes in wording to better reflect the specific context, e.g. the software 

9.3.2 

IT systems business environment. These changes shall NOT represent 

and 

The NCR form may be replaced by a similar form which is routinely used by 

9.3.3 

approved training organisation. 

the 

A maximum of 25% of each paper may be replaced as indicated below but 

9.3.4 

such that the structure of the paper is changed. 

NOT 

Section 1: May replace 5 of the 15 questions with alternative questions, 

a) 

to be worth 1 mark. 

each 

Section 2: May replace 2 of the 5 questions with alternative questions. 

b) 

questions will require a brief written answer, each of which will 

These 

Section 3: May replace 1 of the 3 questions with an alternative question. 

c) 

question will require a detailed written answer, and will be worth 

This 

Section 4: May NOT make changes except as permitted by clause 9.3.2 

d) 

i.e. change of context. 

above, 

Send to IRCA the alternative question (identifying clearly which 

b) 

it is intended to replace) and its solution for approval before it 

question 


__________________________________________________________________________________ 

9. DELEGATE ASSESSMENT & EXAMINATION 

is to satisfactorily complete the course: 

the structure of the paper: 

substantive changes to either the question or the solution. 

be worth 5 marks. 

10 marks. 

9.3.5 On replacing a question, the approved training organisation shall: 

a) Provide a solution and marking scheme for the alternative question. 

is incorporated into IRCA examination papers. 

___________________________________________________________________________________ 


Course advertising and promotional literature shall not state or imply that this 

10.1 

satisfies more than the training requirements for certification as an IRCA 

course 

Promotional material shall clearly state that, prior to the commencement of the 

10.2 

all delegates are expected to have some understanding of the content, 

course, 

and implementation of the ISO 9000:2000 series of standards, ISO 9000- 

application 

and the Issue 5 TickIT Guide. 

3 


__________________________________________________________________________________ 

10. COURSE PUBLICITY & ADVERTISING 

TickIT auditor. 

___________________________________________________________________________________ 


3.1.2 f) requires that delegates be able to explain the intent and requirements of each 

Clause 

particularly in respect of software and IT systems businesses, and all clauses will be 

clause 

for inclusion in the examination. However, it is recognised that delegates may 

considered 

knowledge of ISO requirements before attending the course, either from previous 

have 

experience or pre-course work. Training organisations will not be expected to 

training, 

a clause by clause analysis of ISO 9001, but will need to satisfy themselves that this 

present 

2.1.3 requires delegates to interpret and apply ISO 9001 requirements in a software 

Clause 

IT systems business environment. 

and 

3.2.2 b) requires delegates to suggest what objective evidence might be needed to 

Clause 

requirements. 

satisfy 

requirements should be tested through practical exercises and it is recognised that 

These 

will only be able to gain this practical experience of very limited parts of ISO 9001. 

delegates 

organisations should use their judgement in deciding which requirements to 

Training 

on in such practical activities. 

concentrate 

move to a process approach to auditing will have particular impact on the planning and 

The 

of audits. The following notes are for guidance and include considerations 

conducting 

· Audit plan includes all activities applicable to the scope of audit and the audit standard 

· Audit trails are established from top level policy to all relevant functions and levels in 

· Audit programme enables links between policy, objectives, targets, monitoring and 

· Audit programme reflects the structure, sequence and interrelationship of processes in 

· Audit programme is sufficiently flexible and enables objective evidence to be gathered 

· Audit programme reflects the organisation’s goals and priorities. 

· The purpose, inputs, outputs, controls and resources applicable to each process are 

· Links are established between processes and high level and local quality objectives. 

· The outputs of the process are compared with desired outcomes, the purpose of the 

· The steps in the process and associated responsibilities are determined, where 

· Inter-relating processes are identified. 


__________________________________________________________________________________ 

APPENDIX 1: NOTES FOR GUIDANCE 

Coverage of ISO 9001 

objective is met. 

Process Auditing 

auditors may need to make when planning and conducting process audits. 

Planning the on-site audit: 

(e.g., ISO 9001 or the contract). 

the organisation. 

continual improvement to be established. 

the organisation. 

to verify activities and results. 

Conducting the audit: 

clear. 

process and any specific quality objectives. 

necessary. 

___________________________________________________________________________________ 


· Process measures are identified. 

· Evidence of continual improvement is sought. 

· Needs of internal and external customers are clear. 

in the year 2000 issue version of ISO 9001 have implications for the process of 

Changes 

review. In many instances it will not be possible to assess whether ISO 9001 

document 

are satisfied in principle from looking only at the quality manual and 

requirements 

Auditors will need to take a more holistic approach to assessing the adequacy 

procedures. 

system documentation (not just procedures) and may perform part or all of this activity 

of 

Training organisations should reflect this more holistic approach in both input 

on-site. 

organisations will need to develop continuous assessment processes to assess 

Training 

performance, as required in Clause 9.1. Such assessment processes should allow for 

delegate 

and objective evaluation, supporting the concept of factual decision making, and 

fair 

by appropriate records. 

supported 

· To assess the ability to plan for an audit, written audit plans and/or checklists might be 

Interactive skills of conducting an audit can be assessed by observing performance of 

· 

activities and assessing them against defined performance criteria (such 

these 

criteria could be based on the enabling objectives contained in this 

performance 

document). 

is intended that the assessment process will support the learning process with constructive 

It 

timely feedback given to delegates. Where practicable, training organisations may build 

and 


__________________________________________________________________________________ 

Document Review 

sessions and exercises. 

Assessment of Delegate Performance 

Methods of assessment should be suitable for the activity being assessed, e.g.: 

evaluated against a marking scheme. 

in opportunities for delegates to improve and be reassessed. 

Session Plans 

A sample of a session plan is provided on the following page. 

___________________________________________________________________________________ 


of the session: To provide delegates with practical experience in preparing an audit 

Purpose 

checklist. 

exercise 

Introduce 

through the exercise brief, highlighting the following points: 

Talk 

to prepare a checklist that will enable the delegates to conduct an 

Task: 

process based audit of that area of the case study organisation. 

effective, 

If the delegates require further help on how to approach the exercise, 

· 

suggested steps that they might follow in order to accomplish 

highlight 

the output from this exercise is part of the formal continual 

Note: 

and will therefore be marked. 

assessment, 

exercise 

Run 

to monitor pairs regularly, and provide clarification, support and 

Tutors 

Lead a brief discussion of the exercise, i.e., how they went about it, 

· 

was easy/difficult etc. Draw out any general points observed by 

what 

Provide feedback to delegates on the results of the exercise and any 

· 

points for improvement at the earliest opportunity. 

further 

delegate 

Handout 

"preparing an 

brief: 

chart process 

Flip 

steps 

checklist 

Audit 

sheets 

pro-forma 

checklist 

Audit 

scheme 

marking 


__________________________________________________________________________________ 

Sample Session Plan 

SESSION PLAN 

Course Title: ISO 9001: 2000 TickIT Auditor/Lead Auditor 

Session Title: Preparing an audit checklist Session Number: 6 Duration: 1 hr 30 mins 

Objectives: 

Learning 

Identify documents and sources of information required to produce a checklist. 

q 

q 

Produce an audit checklist to be used in audit practical later in the course. 

Tutor Notes: Training Activities and Methods 

Materials 

and Equipment 

Introduction 

· Explain that this session builds on the previous session in which the 

OHP session 6 intro 

preparation of an audit checklist was discussed and demonstrated. 

· Opportunity to try it out in practice. 

audit checklist" 

Process: 

· Pairs exercise. 

the task. 

Output: 

· Audit checklist (either on the pro-forma sheets, or using any format 

preferred by the delegates) 

· A list of the documents and sources of information used in the 

preparation of the checklist. 

coaching as required. 

Time for exercise: 1 hour 

Feedback from exercise 

· Collect output from delegates 

tutors during the exercise. 

Marking exercise 

· Mark each submission in accordance with the marking scheme. 

___________________________________________________________________________________ 


Establishing requirements, including implied requirements 

1. 

Application of ISO 9001 to in-house development 

2. 

Overview of software development and testing methods, including RAD 

3. 

Planning and risk management 

4. 

Reviews 

5. 

Verification, Testing, Validation, Field Testing and Acceptance Testing 

6. 

Process/product monitoring and measurement 

7. 

Configuration Management 

8. 

Backup, Security and Archiving 

9. 

Contemporary Issues (e.g. Security management, Outsourcing, Facilities 

10. 

screen-based quality systems) 

Management, 

Current Quality Initiatives (e.g. EFQM, CMM, ISO/IEC TR 15504, Bootstrap) 

11. 

Established and more recent National and International Standards in the IT Sector 

12. 

ISO 12207, ISO 9126, ISO 14598, BS 7799 and TL9000,) 

(e.g. 

about and discussion of the above topics may be introduced through examples 

Information 

the course material, exercises, tutorial sessions, handouts and videos. (See Clause 1.5 

in 

references have been made to ISO 9000-3:1997, the guidance material therein must 

Where 

related to ISO 9001:2000 using Annex B, Table B.1 

be 

course providers may use Part E of the Issue 5 TickIT Guide as this contains the 

Alternatively, 

of the ISO 9000-3:1997 material allocated as appropriate to each clause of ISO 

majority 

is likely that ISO 9000-3:1997 will be revised and re-issued in 2001/2. In which case, the 

It 

in the revised standard will take precedence over ISO 9000-3:1997 and the Issue 5 

guidance 


__________________________________________________________________________________ 

APPENDIX 2: NOTES FOR TickIT SECTOR GUIDANCE 

Recommended topics for inclusion in the context of software and IT auditing 

above). 

9001:2000. 

TickIT Guide. 

___________________________________________________________________________________

ISO 9000:2000 Series TickIT Auditor/Lead Auditor Training ... - IRCA

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?