Sustainable Fibre Alliance
Internal Audit Procedure
Document Reference:
SCS-038-01.0-EN
Internal Audit Procedure
Document No: SCS-038-01.0-EN
Page 2 of 10
Approvals
The signatures below certify that this Scheme Certification Manual has been reviewed, approved and demonstrates
that the signatories are aware of all the requirements contained herein and are committed to upholding them.
Name
Signature
Position
Date
Prepared by
Charles Hubbard
Operations Manager
(Temp.)
02/08/2021
Reviewed by
Lesley Colvin
Standards and
Compliance Manager
03/08/2021
Approved by
Una Jones
Chief Executive
05/08/2021
Amendment Record
This procedure reviewed to ensure its continuing relevance to the systems and process that it describes. A record of
contextual additions or omissions is given below:
Page No.
Context
Revision
Date
Internal Audit Procedure
Document No: SCS-038-01.0-EN
Page 3 of 10
Internal Audit Procedure
Document No: SCS-038-01.0-EN
Page 4 of 10
Contents
CONTENTS 4
P010 INTERNAL AUDIT PROCEDURE 5
1. INTRODUCTION & PURPOSE 5
2. REFERENCES 5
3. TERMS & DEFINITIONS 5
4. APPLICATION & SCOPE 5
5. REQUIREMENTS 5
6. PROCESS 6
6.1 Audit Planning 6
6.2 Audit Preparation 6
6.3 On-site Audit 7
6.4 Wrap-up Meeting 7
6.5 Follow-up 7
6.6 Reporting 7
6.7 Review 7
6.8 Records 7
6.9 Audit Process Matrix 8
6.10 Internal Audit Process Map 10
Internal Audit Procedure
Document No: SCS-038-01.0-EN
Page 5 of 10
P010 Internal Audit Procedure
1. Introduction & Purpose
The purpose of this procedure is to define the Sustainable Fibre Alliance’s (SFA) process for undertaking internal audits
in order to assess the effectiveness of the application of their Internal Management System (IMS) and also to define
the responsibilities for planning and conducting audits, reporting results and retaining associated records.
2. References
Reference
Title & Description
Internal Management System Manual
F010-1
Internal Audit Schedule
F010-2
Internal Audit Plan
F010-3
Internal Audit Assignment
F010-4
Internal Audit & Gap Analysis Checklist
F010-5
Internal Audit Report
F010-6
Internal Audit Feedback
3. Terms & Definitions
Term
Definition
Non-conformity
Non-fulfilment of a requirement
Corrective Action
Action taken to eliminate the cause of a non-conformity
Audit
A systematic, independent documented process for obtaining and evaluating audit
evidence objectively to determine the extent to which audit criteria are fulfilled
4. Application & Scope
The scope of this procedure is focused on assessing the effectiveness of the SFA’s IMS. Where such processes are
found to be deficient, the audit will lead to improvement in those processes.
Using the process of audit, SFA ensures that all internal audits are conducted with due professional care, integrity and
independence. All conclusions derived from the audit are based upon objective and traceable evidence.
5. Requirements
An audit of the IMS is conducted at planned intervals to:
• Determine whether the IMS conforms to planned arrangements
• Determine whether the IMS is properly implemented and maintained
• Provide information on the results of audits to the SFA Board and Management
Internal Audit Procedure
Document No: SCS-038-01.0-EN
Page 6 of 10
6. Process
Internal auditing is undertaken at least once annually. The maximum interval between audits is twelve months. Audits
may be completed with a greater frequency if determined by the Standards and Compliance Manager or as
determined by:
• ISEAL Code of Practice requirements
• Customer complaint
• IMS requirements
• Business objectives
• Corrective actions
• Statutory/legal requirements
• Management decisions
• Concerns raised by 3
rd
parties
• Results of 3rd party audits
• Employee concerns
• Management Review concerns
6.1 Audit Planning
The Standards and Compliance Manager is required to:
• Establish and communicate internal audit schedule
• Establish and implement internal audit plan
• Appoint audit team leader where required
• Select audit team, see 6.1.1 below
• Assign audit duties to the auditor team
6.1.1 Audit Team Evaluation & Selection
To ensure impartiality and objectivity, the audit team will include personnel from departments not directly
associated with the area/department being audited.
Audit team members are selected on the basis of:
• Education: secondary or higher
• Work Experience: more than 5 years
• Relevant Training: provided in-house or externally
• Audit Experience: demonstrable knowledge/skills
6.2 Audit Preparation
The Audit Team is required to:
• Review relevant management system documents and records
• Determine their adequacy with respect to the audit criteria and with the requirements of the IMS
• Review and prepare the internal audit checklist
• Arrange audit appointment
Internal Audit Procedure
Document No: SCS-038-01.0-EN
Page 7 of 10
• Issue the audit checklist to the responsible manager
6.3 On-site Audit
The Audit Team is required to:
• Conduct opening meeting
• Sample and observe process inputs/outputs
• Record objective evidence to verify process compliance or non-conformance
• Generate audit findings
6.4 Wrap-up Meeting
The Audit Team Leader and responsible manager are required to:
• Review audit conclusions and discuss recommendations for improvement
• Decide whether any non-conformances observed should be included in correction reports or solved immediately
• Minor areas of non-conformance are taken care of immediately
• Prepare an audit report
• Review audit report with the responsible manager
• Corrective actions are reviewed by the responsible manager and close out action is agreed upon
• The audit leader and responsible manager sign off audit report
6.5 Follow-up
The Auditee/Responsible Manager is required to:
• Ensure corrective actions are implemented and are closed-out within the agreed timeframe
• Ensure non-conformances are closed-out within the agreed timeframe
• Ensure the status of corrective actions and any non-conformances are kept up-to-date
6.6 Reporting
The Standards and Compliance Manager is required to:
● Review audit conclusions
● Identify trends
● Make recommendations for improvement
● Finalise the internal audit report
● Issue internal audit report to the Chief Executive
6.7 Review
The Chief Executive is required to:
● Consider and act upon audit findings during the management review process
● Use the internal audit report to promote best practice
● Ensure records are maintained
6.8 Records
All documentation and records generated by the internal audit process are managed in accordance with IMS Clauses
4.2.3 & 4.2.4.
Internal Audit Procedure
Document No: SCS-038-01.0-EN
Page 8 of 10
6.9 Audit Process Matrix
Action
Responsibility
Output
6.1 Planning
Establish and communicate internal audit schedule
Standards and
Compliance Manager
(S&CM)
F010-1
Establish and implement internal audit plan
F010-2
Appoint the audit team leader where required
Select the audit team
Assign audit duties to the auditor
F010-3
6.2 Preparation
Review relevant IMS documents and records
Audit Team
Determine their adequacy with respect to the audit criteria
Review relevant requirements of ISEAL Codes of Practice
Review and prepare the internal audit checklist
F010-4
Arrange audit appointment
6.3 Audit
Sample and observe necessary process inputs/outputs
Audit Team
Record objective evidence to verify process compliance
Generate and record audit findings
F010-4
6.4 Wrap
-up meeting
Decide whether any non-conformance observed should be included in
correction reports or whether they can be solved immediately
Audit Team Leader
and Responsible
Manager
Minor areas of non-conformance are taken care of immediately, while a
conclusion for the audit as a whole is written down
An audit report is prepared which is examined together with the manager
responsible for the area in question
F010-5
Corrective actions are reviewed by the manager responsible and close out
action is agreed upon
The audit leader and responsible manager sign off audit report
The reports are given to the S&CM & the responsible manager
6.5 Follow
-up
Ensure corrective actions are closed-out within the agreed timeframe
Responsible Manager
Ensure non-conformances are closed-out within the agreed timeframe
Ensure status of corrective actions and non-conformances communicated
to the S&CM
Internal Audit Procedure
Document No: SCS-038-01.0-EN
Page 9 of 10
Action
Responsibility
Output
Provide feedback on the audit process
F010-6
6.6 Reporting
Review audit conclusions
Standards and
Compliance Manager
Identify trends
Make recommendations for improvement
Finalise internal audit report
Issue internal audit report to the Chief Executive
6.7 Review
Consider and act upon audit findings during Management Review
SFA Board
Use the internal audit report to promote best practice
Internal Audit Procedure
Document No: SCS-038-01.0-EN
Page 10 of 10
6.10 Internal Audit Process Map
Audit Considerations
• ISEAL Code of Practice
requirements
• Customer complaint
• IMS requirements
• Quality objectives/policy
• Corrective actions
• Statutory/legal
requirements
• Management decisions
• 3
rd
party concerns
• Results of 3rd party audits
• Employee concerns
• Management Review
Additional Considerations
• Status
• Importance
• Frequency
Document review
Conduct audit
Verify close-out at
follow-up meeting
Recommendations for
improvement
Management review
Non-
complian
ce
Close-out corrective
actions
NO
UPDATE
Review audit findings
Standards and
Compliance Manager
Audit Team
Responsible Manager
Chief Executive and SFA
Board
YES
Initiate corrective
actions
Devise audit plan
F010-2
Prepare audit schedule
F010-1
Assign audit duties
F010-3
Prepare audit checklist
F010-4
Prepare audit report
F010-5
Provide feedback on
audit F010-6
