Sofema Aviation Services (SAS) www.sassofia.com considers both best practice as well as “pointers” to ensure an effective compliance audit.
Introduction
In the complex environment delivered by EASA, it is necessary to have a proactive approach to maintaining a full understanding of all regulatory obligations. It is incumbent on the organisation to strive at all times to comply with best practices as well as industry standards.
What does an effective EASA Compliant Quality System Look like?
A successful Quality System requires a fully functioning closed-loop system or process which typically delivers compliance oversight processes that provide for an effective environment for raising full awareness of discrepancies as well as an understanding of the appropriate remedial action or mitigation.
Our primary objective is to ensure conformity within a strong & effective organisation.
- Compliance Auditing brings with it the daily challenge of ensuring that the organisation remains at all times fully compliant with both internal and external obligations.
- To support this objective requires a robust and continuous oversight of all internal processes and procedures.
We use compliance auditing technics to:
- Ensure organisational adherence to regulatory and organisational obligations.
- To validate the effective management of the organisational controls.
- To ensure continuous delivery of compliant Quality Control driven processes.
Being able to support an in-depth understanding of non-conformities in your organisation is part of the mission.
Advanced Auditing Techniques may be applied in any audit situation including management system processes, determining the effectiveness of existing or client quality & safety audit systems.
By making the best possible use of Information and visibility of measuring systems it should be possible to reduce the cost of compliance without compromising either the overall product quality or the organisational risk and exposure.
The Role of the Audit and How to Dig Deeper?
As we understand the role of the audit provides us with an opportunity to perform an assessment as well as an opportunity to ensure effective implementation of organisation processes and procedures in conformity with all related requirements.
To take the audit to a higher “advanced level” requires a detailed evaluation (against a standard) of the effectiveness of the Quality Management System (QMS) together with all Quality Control (QC) processes.
Consider the following:
- To achieve conformity without organisational effectiveness does not promote a strong organisation.
- Without full regulatory conformity, the organisation will be exposed (regardless of the effectiveness of the product or process).
EASA / ISO Comparison
What’s in an ISO Audit Program?
- We should start by comparing the difference in focus between an ISO Audit Program and the EASA Audit Program.
- Related to ISO the audit program typically contains 3 primary elements:
o   Compliance
o   Risk Management
o   Continuous Improvement
What’s in an EASA Audit Program?
Related to the audit program essentially the EASA Compliance audit focuses on a single element:
- Compliance
o   Within the EASA Audit environment the primary objective is to ensure compliance (both externally with the regulatory requirements and internally with organisational requirements.
Note: Whilst mention is made within the regulations regarding Continuous Improvement it is not supported by any significant related EASA “Acceptable Means of Compliance” (AMC) or “Guidance Material” (GM) documentation.
Note considering Risk Management:
- EASA requires an active Risk Management environment however this is typically found within the Safety Management System (SMS) rather than within the Quality Management System
Advance Audit Questions which should form the basis of the Audit Interview / Discussions.
Note that these are essentially subjective questions and depending on the answer may oblige you to look further for your answers – however, it is important not to lose sight of the core requirement and every finding must be recorded against a documented requirement/standard.
- Is the process documented understood and correctly defined in accordance with regulatory requirements?
- Are the processes adequately managed and maintained?
- What would cause the procedure/process to be changed?
- Are all relevant responsibilities associated with the process assigned?
- Are all stakeholders impacted by the process competent for the role they perform – how is this managed and measured?
- How is the effectiveness of the process measured? (Does it achieve the required and desired results?)
- Is there training associated with the procedure? If yes how is it assessed and managed?
- How often is the organization analysing associated data? (Is the periodicity effective?)
- Is the organisation able to implement change based on the information being analysed?
Ongoing objectives within an effective QMS include the following:
- The ability to demonstrate on a continuous basis conformity of the QMS to the required standard;
- The need to show in details the full process definition including all process elements inputs and outputs;
- A method whereby the validity of any process is identified;
- The management of the competence of any person who reviews and assesses any data;
- The development of a process to manage the definition of targets and evidence that such targets are met – Key Performance Indicators (KPI);
- A method whereby any identified discrepancies can be formally rectified to include analysis of the root cause together with the development of appropriate responses.
Compliance Auditing – Understanding the Process
In the complex environment delivered by EASA, it is necessary to have a proactive approach to maintaining a full understanding of all regulatory obligations.
- Any issues which are raised as Corrective Action /Preventative Action (CAPA) need to be addressed by the business area owner in a timely and efficient manner.
- All documentation must be controlled within the framework of the organisation, with status and revision control managed and periodically audited for full compliance.
Obligations related to Compliance Auditing
- The Audit Management, Control, and Oversight system should ensure that the established safety and quality procedures are fully complied with.
- In addition to
o   Plan and deliver audits,
o   Review findings,
o   Perform root cause analysis and
o   Develop additional actions where necessary (under the specific control or guidance of the business area owner of post holder).
In an effective Quality Management System QMS monitoring is a continuous process.
Next Steps
Follow this link to our Library to find & Download related documents for Free.
Sofema Aviation Services (www.sassofia.com) and Sofema Online (www.sofemaonline.com) offer multiple soft skills training including the following course: EASA Compliant Aviation Quality Assurance Senior and Lead Auditor Course – 5 Days
Please visit www.sofemaonline.com or email team@sassofia.com for additional details or if you have any questions.
Tags:
Audit, aviation, aviation course, Aviation Quality System, Compliance Audit, EASA, EASA compliant, EASA Compliant Quality System, QMS, Quality Control, Quality Management System, Risk Management, SAS blogs
