Technical Audit in Steel Industry
Technical Audit in Steel Industry
Technical audit is an audit which is performed by an auditor who is a technical person with an in-depth knowledge of the subject matter. The technical audit a systematic, documented verification process of objectively obtaining and evaluating the audit evidence, in conformance with the audit criteria and followed by communication of the results for the people who have initiated the audit with some purpose. In technical audit, the technical aspects of every system, equipment, process, stores and inventories, spare parts, administration, commercial activities and all the inputs are studied without any prejudices.
Technical audit is conducted against an objective which is generally of technical nature and consists of the verification, monitoring and analysis of the available data and submission of technical report containing recommendations. The technical audit is normally associated with examination, verification, and evaluation, assessment, and check activities. For the technical audit, the auditor is required to have the knowledge of the auditing process, technology, design and engineering, relevant standards and regulatory norms, and latest developments in the fields for which the audit is being conducted.
Technical audit differs from the audit of systems (e.g. quality management system, and environment management system etc.) with respect to scope definition and the objectives. Both types of the audits are conducted by an authorized person for the purpose of providing an independent assessment. Both types of audits are conducted within the defined geographical boundaries. In case of the system audit, the audit is mainly focused on the system having the adequacy and compliance with the system standard as well as the controls applied to achieve this compliance. Hence the audit process is more or less a mechanical process. On the other hand, the technical audit is focused on the objective of the audit. In this type of audit the stress is to study the present status along with the present and the past performance of the processes, practices, and procedures related to the audit objectives and provide recommendations as per the audit scope. Hence, the technical audit is more complex than the system audit. However, it provides some flexibility to the auditor.
Further, while a system audit can be conducted by a trained auditor with the experience and knowledge of the auditing but limited technical knowledge of the processes of the plant, the technical audit needs an additional requirement of the in-depth knowledge of the subject matter in addition to the training and experience in auditing. The technical audit is to be carried out by a technical person with a proven track record and vast hands‐on experience in the assessment, analysis, and advising. For the technical audit, there is a necessity for a very detailed planning and preparation of a comprehensive check-list.
Technical audit is normally conducted for an industry, for a plant, or for a unit, department, or division of an organization. It is conducted based upon the agreed upon requirements. It is always conducted against an objective or a combination of several objectives. It is a focused audit and the analysis of the data and the information as well as the recommendations of the audit are provided to meet the objectives of the audit. The audit is required to be conducted in a professional manner and is not to be dragged for a long time.
The objectives of a technical audit can vary from one plant to other plant. The objectives of technical audit can be one or more of the objectives which are enumerated as (i) status of the technology, (ii) operational practices, (iii) operational efficiency, (iv) manufacturing process, (v) health of the plant and equipment, (vi) maintenance practices, (vii) energy conservation, (viii) waste management, (ix) quality systems, (x) compliance with regulatory norms with respect to safety, environment, and labour laws etc., (xi) quality and marketability of the products, (xii) cost reduction and (xiii) infrastructure supporting the operations, (xiv) training requirements based on the knowledge and experience of the work force, (xv) valuation of the assets, (xvi) preparedness against risks or natural disasters, and (xvii) many more.
The assessment findings of a technical audit are only as good as the knowledge and experience of the auditor who performs the audits and assessments. Auditor is to be technically competent and sound. He is to be even tempered, is required to possess integrity, remain objective, and report only what is observed. He is to maintain proper confidentiality of the findings. He is required to have good information gathering and communication skills. His capabilities are to include the demonstrated ability to extract and provide information, analyze that information, and report the results accurately. He is to be qualified to perform the audit duties by virtue of education, training, and/or experience. He is required to know the audit techniques, is to be competent in the subject under assessment, and is to be familiar with basic quality system concepts and principles. The key is that the auditor is to possess the needed audit expertise and subject matter knowledge for the scope of the audit. There are normally three general requirements for the auditors as given below.
- The auditor is to have the adequate professional proficiency for the audit. He is required to have the technical knowledge and auditing skills necessary for the audit.
- The auditor is to be free from personal and external barriers to independence, organizationally independent, and able to maintain an independent attitude and appearance. He is to maintain independence so that audit findings are both objective and viewed as objective by knowledgeable third parties. The auditor is to consider not only whether he is independent and whether his attitudes and beliefs permit them to be independent but also whether there is anything about his actions in some situations which might lead others to question his independence. All situations deserve consideration because it is essential not only that the auditor is to be independent and objective in fact but also the knowledgeable third parties consider him to be so as well.
- The auditor is to use due professional care in conducting the audit and in preparing related reports. It is the auditor’s responsibility to follow all applicable standards in conducting audits. Auditor is to use sound professional judgment in determining the standards which are to be applied to the audit. Exercising due professional care includes use of sound judgment in establishing the scope, selecting the methodology, and choosing the tests and procedures for the audit. The same sound judgment is to be applied in conducting the audit and in reporting the findings.
Type of technical audit depends on the function, size, and the type of the plant, the depth to which the audit is needed, and the potential and the magnitude of the results desired from the audit. There are normally two types of technical audits. These are namely (i) preliminary or quick audit, and (ii) detailed audit. Preliminary audit is also known as ‘walk-through’ audit while the detailed audit is full diagnostic audit. These two types of audits differ from the point of view of the depth of the data collection and analysis which can be different depending on the scope and objectives of the audit.
The preliminary audit is carried out in relatively short time. There is no measurement and no detailed collection of data is done. It is normally carried out with readily available information with respect to the audit objective. Only the available information and visual observations are generally used for simple analysis in this type of the audit. The effectiveness of the audit results is dependent on the accuracy and the authenticity of the available information. The outcome of this audit is normally general in nature.
In case of detailed or diagnostic audit, the systems and the practices followed against the audit objectives are assessed in depth. Hence, more detailed data and information are needed. Data is generated not only by observations but also by going in details the previous records and analyzing them. Also, measurements are done during the audit wherever necessary. The number and the comprehensiveness of the measurements depend on the availability and the authenticity of the previous data which is available. Hence longer time is needed for this type of the audit. The results of the detailed audit are more accurate, comprehensive, and useful, since they are based on the actual situation existing. More specific and accurate recommendations for improvement can be given based on detailed audit.
During the technical audit, the following seven attributes of the data or the information are to be maintained and ensured.
- Effectiveness – It deals with the information being relevant and pertinent to the audit objectives as well as being delivered in a timely, correct, consistent and usable manner.
- Efficiency – It concerns the provision of information through the optimal (most productive and economical) usage of resources.
- Confidentiality – It concerns with the protection of the sensitive information from the unauthorized disclosure.
- Integrity – It relates to the accuracy and completeness of information as well as to its validity in accordance with the organization’s set of values and expectations.
- Availability – It relates to the information being available when needed for carrying out the audit, and hence also concerns the safeguarding of the resources.
- Compliance – It deals with complying with the laws, regulations and contractual arrangements for meeting of the audit objectives i.e., externally imposed criteria for the data and the information. This essentially means that audit is to be conducted within the ambit of rules, regulations and/or conditions of the organization.
- Reliability of the information – This means the data and information used for the audit is to be reliable.
The problems or failures associated with the technical audit are due to the lack of audit preparation, checklist, or audit criteria elements, auditor skills and knowledge, commitment from the management, and bureaucratic reporting. The audit checklist is for the reference of the auditor and helps the auditor to conduct the audit work in a systematic and consistent way. Systematic approach to the auditing is the first element for successful technical audit. The systematic audit program includes initiating the audit, preparing for onsite audit, conducting on site audit, report preparation and submission.
The scope and objective of the technical audit defines the boundaries of the audit. There are basically three steps in the technical audit (Fig 1). These are (i) planning and preparation, (ii) execution which includes collection of data, its analysis and evaluation, (iii) documentation and reporting. Each of these three main steps has several sub-steps. These sub-steps are dependent on the nature of the audit and the objective of the audit.
Fig 1 Three steps of the technical audit
Before the start of the audit, it is desirable to have an opening meeting with the organizational management where the issues to be discussed are (i) the authority for the audit, (ii) the audit planning (including the timing, logistics and hospitality issues during the audit), (iii) the purpose and scope of the audit, (iv) the details of how the audit to be conducted, (v) the information needed during the audit, (vi) the expected product of the audit (e.g. an audit report), (vii) assurance for the confidentiality of the received data and the confidentiality and dissemination of the audit results, and(viii) the schedule for the audit and its documentation/report etc.
Planning and preparation
It includes preliminary assessment and information gathering. Although concentrated at the beginning of an audit, planning is an iterative process performed throughout the audit. This is because the results of preliminary assessments provide the basis for determining the extent and type of subsequent auditing. If the auditor finds after analysis that the information collected is not sufficient in arriving at a conclusion, then he can find it necessary to reevaluate their earlier conclusions and other planning decisions made based on those conclusions.
The auditor is to gather knowledge and inputs on several aspects of the organization to be audited. He is to understand the organizational structure as well as the function and the operating environment of the organization. This is to include a general understanding of the various practices and functions relating to the audit, the types of information systems supporting the activity, as well as the environment it is operating. Understanding the organization helps to decide what to audit, and to what extent.
The auditor can gather the required information by reading available background material including organization publications, annual reports and independent audit/analytical reports, review of the long-term strategic plans, interviewing of the key personnel to understand various issues, and by visiting the key organization facilities. The extent of the knowledge of the organization processed by the auditor before the start of the audit makes him understand the nature of the organization and the level of details at which the audit work is to be carried out. The auditor is also to use this information in identifying potential problems during the audit and in the formulation of the audit plans.
Execution of the audit plans
Competent, relevant and reasonable data and information is to be obtained for the audit. The amount of the data and the quality of the data to be collected depends on the audit objective and the auditor’s knowledge, experience and the judgement. Data collection techniques are to be carefully chosen. The auditor is required to have a sound understanding of techniques and procedures chosen. Further, only the reliable data is to be collected and there need to be documentary evidence of the data. Also, the collected data is to be such that it can be analyzed.
Data collection methods can include recorded interviews, answer to questionnaires, flow charts, equipment lists, written manual, policies and procedures, and copies of the available records with the organization. Physical evidence is obtained by observation. However, it is better to take photographs in case of physical observations. The auditor is required to adequately document the audit evidence.
The collected data is then to be analyzed with respect to the audit objectives. In case of inadequacy of the data to meet the audit objectives, additional data need to be collected. The analysis of the data can be done by using the data analysis techniques.
Documentation and reporting
Auditor is to adequately document the audit evidence in working papers, including the basis and extent of the planning, work performed and the findings of the audit documentation is to include a record of (i) the planning and preparation of the audit scope and objectives, (ii) the audit programme, (iii) general information pertaining to the organization, (iv) the evidence, information and the data collected, (v) points discussed in interviews clearly stating the topic of discussion, person interviewed, position and designation, time and place, (vi) observations made by the auditor during the audit (the observations can include the place and time), and (vii) reports and data obtained from the records directly by the auditor or provided by the organization (the auditor is to ensure that these records carry the source, the date, and the time). At various points in the documentation the auditor can add his comments and clarifications on the concerns, doubts and need for additional information.
The report is to be made in time. It is to be complete, accurate, objective, convincing, and as clear and concise as the objective permits. The report can be broadly structured under the different headings namely (i) introduction, (ii) general information of the organization, (iii) objectives, scope and methodology and the limitations of the audit, (iv) procedure adopted, techniques used, and assumptions made during the auditing, (v) data and data analysis, (v) outcome and the audit results and findings, and (vi) conclusions and recommendations if any. The findings and the results are to be supported by the data analysis, facts, and the background information.