Redline Internal Audit Report with airSlate SignNow

Redline internal audit report

the broadcast is now starting all attendees are in listen-only mode hi I'm the webinar organiser Louise King thank you for joining today's webinar on internal auditing today's presenters are howard doors and gary cornell both senior environmental auditors and consultants at the british safety council you have joined today's webinar listing through your computer's speaker system by default if you'd like to call in using their phone especially if you having audio issues to first locate your Audio pane and select choose telephone please feel free to send us your questions through this session simply click on the questions pane on the right hand side and click and just type your question and click send at the end of the presentation we respond to your questions if we don't have time to answer all of them we will answer remaining questions via email after the session ok let's get started I will now take you over to Howard or hello Howard so ease hi everybody good afternoon welcome to this webinar on internal auditing in the context of ISO 14001 2015 my name is Howard as the resis mentioned I am senior consultant environmental advocate at Bridge City Council and there I am just a very quick overview as to who I am some of you might know me those of you that signed in today so tribes environmentalists broad range of experience across a number of sectors from an auditing and environment manager appointed view principal select areas of interest I guess or expertise include compliance management I'm involved in training and auditing here British Safety Council as well as support organizations about a big magical systems I'm also a lead tutor with respect to the I'm associates took it in environmental management before handing over to Gary I just wanted to perhaps put the session to a bit of context I'm sure that many of you already have a good awareness now of the revised and enhanced requirements of 14001 2015 but it's worth it's worth just refreshing some of the key issues aspect to the standard so you'll be aware already that there's a new common structure to the standards that has been developed in all future management systems so the existing quality one this environmental standard also the future health and safety management system standard ISO 45,000 one that's just going through I think hopefully its final consultation now we'll all have very similar overall structure and the idea there obviously is that we'll be able to easily integrate them and that perhaps from an auditing point of view as well will be beneficial because hopefully there'll be some commonality between some limit or the main elements again I guess providing some context for this section is that some of the revised and enhanced requirements of 14 require us to think slightly differently so there's requirements for example to think around the organizational context so those are the external issues that Mar writes impact on the business so it's not just thinking about how we interact with environments in terms of emissions discharges waste but also thinking about the external issues that might actually also impact on on business operations there's a requirements and think about our stakeholder requirements the needs and expectations we need to identify risks opportunities for the business environmental manager presents both risks and opportunities in the sense of there's obviously a potential to harm the environment but also by modifying operations that presents presents us with opportunity as well and then this new entirely new term but certainly if this is the language that's been introduced now in terms of 14001 compliance obligations so we're not just looking at our legal requirements but also perhaps some obligations that we voluntarily that we choose to comply with perhaps some key requirements for us to stakeholders and other customers perhaps some other things that we need to think about include include taking a life cycle perspective respect to our employment management activities so thinking how we could reduce our overall footprints as big both upstream and downstream so that will take into account the activities of our some of our suppliers our and outsource activities those that we can control and perhaps influence there's a key requirement now in the standards that you'll be aware of in relation to leadership and there's a requirement for our top management to demonstrate leadership so again from an internal audit point of view ethic that might present some interesting interesting questions and then just a couple of things sister mentioned communication enhance requirements for engagement perhaps not journey not only internally but also externally with our interested parties and again the ongoing requirement to ensure that we have competent people within the organization to contribute to overall environmental performance improvement serveral may enhancer is trying to encourage your environmental measures systems to be integrated within core business processes traditionally I think unfortunately 14001 and vomit matrix ISM have been has been bit of a bolt-on onto business processes but now hopefully with revision we should see more integration with respect to what gary is talk about at any moment now the context here is with this particular clause in the standards which is performance evaluation some common areas there that most of us will be familiar with already the idea of monitoring and measurement but perhaps again a slight enhancement here not only do we need to want to measure but you also need to analyze and evaluate our performance so there's a little bit more work required there evaluation of compliance obviously respectable perhaps legal and other requirements our compliance obligations gary is going to talk about how we might approach internal audits in the context of 14 and then also within this particular clause the requirement for a management review so that's a very brief overview very brief introduction to 14001 2015 that i'm sure you'll be aware of I'll hand over now so Gary who's going to take us through approach for internal auditing point of view over to you Gary definitely everybody welcome to this webinar on internal auditing just to introduce myself my name is Gary Cornell I've been working in environmental management for around about 25 years I've worked as an environmental associate British Safety Council for last couple years or so and I've spent 10 years working in certification working around the world with different businesses and I'm currently working on a book on ISO 14001 implementation which is due out later this year hi Gary before you sorry to interrupt you I can see we can see your control panel on your screen you want to minimize that yep I believe that if you click on the orange arrow button there you get there you go no worries next going during this presentation we're going to look at the background to this this approach to auditing which might be slightly different to what you've experienced before we'll look at what I our management system should be delivering forwards and understand a little about the structure the standard and what that mean to our internal audits will then go through the process of planning the audit conducting it and evaluate ignored it and looking at what should happen as a result of the audit this audit approach was developed for some time ago now as a response to businesses that wanted to get more value out of their audits and both internal and external audit there was a concern and perhaps estill is that audit can become too focused on paperwork in bureaucracy rather than really helping the business to improve environmental performance so this approach was designed by businesses to really focus on reality look at behaviors behaviors of people behavior management and the outcomes that have been achieved from the management systems it's used in a range of industries the different types of industries though typically at the moment the ones I'm aware of that they tend to be larger international organizations although this process could be easily applied to any organization so if we look at the traditional approach to auditing typically the auditor would compare the businesses documents against the clauses and standard they're looking to check if they're documented procedures that cover the clauses and understand the written into procedures or manuals the audit might test them that the records are in place that these procedures being followed and that the father the procedures have been followed as described what you typically find then is where there's gaps in the procedures or gaps in following procedures it'ld result in non conformance and I suspect that many of you if not most of you familiar with that traditional approach to auditing however with the new standard the list of mandatory documents required is a lot shorter and the old standard there was a phrase implemented maintained documented procedures and that's gone from the new standard so the list of mandatory documents is reduced significantly so for the auditor it's no longer appropriate to simply check that procedures are in place that meet the standard because the standard doesn't require that anymore so the responsibilities change in most cases what I've seen is that it's been auditors looking to determine if there's a process in place to achieve the requirements for the different clauses and then a check to see if they're evidence that the processes is is happening the does though still remain this focus on documented evidence things like risk registers aspects registers compliance registers interested parties registers records forms etc to show the evidence that these things are happening and as we as with before the conformance e's are typically raised if the if the documentation isn't isn't in place but let's take a step back and let's look at the basics of the 14001 standard starting with defining what is your ISO 14001 management system supposed to do and these three we're going to go through three bullet points and these three bullet points are in the standard they described at the start of the standard as to what your management system should be delivering the first one is to protect the environment meet compliance obligations and enhance environmental performance so the two of those meeting meeting compliance obligations and anthem environmental performance exactly as a written under standard the third protecting the environment is actually defined in the standard is achieved in environmental objectives but for simplicity let's call it detecting the environment because it it makes a little bit more sense to us so any ISO 14001 environmental management system should achieve these three things protecting the environment meeting compliance obligations enhancing environmental performance and we can look at it like this we can put it into these these boxes and then we can drill into these each of these three boxes in turn and look to see what the standard requires overs so if we take protecting the environment are in our management system should protect the environment from pollution incidents from the impact of our business activities that's the aspects and impacts the new standard also puts more emphasis on the use and disposal of or products or services and the materials and resources that we use that's the life cycle thinking and the impact that suppliers have so these are the issues that need to be managed to ensure we can protect the environment or reduce harm to the environment a 40 one of those who were to take pollution incidents we see that there's a bunch of things that the standard requires us to have in place and this section covers things that you need to have need to happen to protect the environment from the pollution incident so these are the processes typically needed to manage the business in order to protect the environment from pollution incidents policy commitment identifying the risks of incidents controlling them put in place competency equipment emergency response cleanup plans so all the things that uses expectations from from the standard as you've done for example so meeting compliance obligations there are different aspects of this so regulatory requirements legislative requirements an S hour sort of managing other requirements that have to be met or the organization's choose chosen to met to meet all those needs expectations of interested parties that the organization's decided it's going to meet so those will become our compliance obligations and again if we drill into one of those look at the legal one there's a series of processes that need to be in place to manage that legal requirements to make sure the business can meet its compliance obligations so again policy commitment but an understanding future and current legislation how to comply with it make you so people know what it not dealing to do etc we're running through that list so we can see that with 14001 there are these three defined results that the system is driving the protecting the environment compliance obligations improving or enhancing environmental performance and the clauses then are the mechanisms that we use to deliver those results what we see is that each clause has a purpose so here can see in this diagram that there's these are typical processes you would find in any business each of the clauses the standards you'd find and one or more of those processes of course it'll vary from place to place but let's just take this as an example in some cases you'll find that these processes are integrated as I've mentioned the standard is really about integration so we will see that there's some processes we'll integrate with other functional disciplines so if we took for example competence and training we may not just see composition training process just for environment but it may be integrated with health and safety or quality or maybe the HR function so orders against a new standard this isn't this is now taking you through a different approach to how you might address auditing against a new standard and it's in four stages and we're going to look at those four stages in 10 we can look at the processes that we have in the business and decide what the expected outcomes are those processes should be not just that the process are being followed but there is something meaningful being delivered that will help us to achieve our three results that we want from our EMS so if we took the competence in training 1 as an example we could define the outcomes as described here now this wording isn't a definitive answer it's not the only way of describing this and it would depend very much on the business and how it's been structured within the business for this example for this audit we could define that the composition training process should deliver or should ensure that management staff and contractors are aware of the environmental impacts associated with our activities and adequately trained incompetent to fulfill their environmental responsibilities and tasks so whatever happening that's what we should see happening as a result of having good composites in training processes if we took emergency planning here we could define the expected outcomes for emergency plans as controls are in place to prevent emergency incidents from causing damage to the environment or breaching or conflicting with compliance obligations so now for example of what an outcome from that process might be inspections we may say something like inspections are identifying and fixing on environmental issues so the key thing is that part of the planning of the audit at this first stage we need to decide what the expected outcomes should be for the processes that we are going to oiled it now strongly suggests at this stage that you get a lot of value from your dates if you get management involved in their stage possibly also the oddity because of what you're doing at this stage is saying this is what we should see happening within the business this is what we're going to audit against the next state is to test to see what is evidence there is for and against the management system delivering those three results that we want we're looking for evidence for and against the business delivering against those three goals for our EMS protecting the environment meeting compliance obligation and hunting environmental performance now this stays my recommendation for all audits pretty much regardless of what scope of your audit you're looking at is to start at the periphery of the business and working towards the center so in a typical site I would start at the south boundary external areas of an external buildings we plant rooms up on the roof warehouses and I'm working in towards the main area of the building and the reason for this is described in this model here so this is a very common feature of many organizations and what we really we can use the audit to test whether isn't this is happening or not so we have standards on one side and across the bottom we have distance from the call the building all of coure in the business so regardless what business is the further away we get away from the core in business we would typically see standards following the red line we typically see standards dropping the further way we get from the core and the reason for that service is because management attention is focused more the core business than what happens to throw other way as where the money is was where the interest is however if we followed the Green Line we see that our environmental risks or the rest is not not meeting expectations very mass increases typically the furthering rate that we go from the core and that leaves a gap between the level of risk and the level of control so by working at the periphery working in towards the core we'll see the worst case scenario first or typically we'd see the worst case scenario first and that gives you self is the auditor the biggest opportunity to fund the most serious issues and so I think applying this process we have the planning stage beforehand this stage two of the audit we're getting out onto the site we start an audit on the periphery and where we're doing the site visit working our way in towards the core the business what are we doing when we're doing that we're looking for facts and evidence we're investigating and trying to discover as much as we can about what's happening we're looking for examples of those three things working or not working when we find something is not meeting admitting that we need to find out as much fat as possible so why who when how what etc and we're going to use all that information later but at this stage we're looking at audit findings that tell us how the business is performing against delivering on these three results at the next stage of it stays three we're going to structure those findings and we're going to make sense of them and we're going to look at examples where the outcomes have been achieved especially especially if this best practice we would include them in but at this stage we wouldn't analyze any best practice examples any further so where we found things that are working really well and particularly if we recognize them as good practice best practice we might highlight them but we wouldn't further analyze them for the ones for the rest of we can we need to figure out what should have been happening so this is where we might look at maybe the documented procedures or anything which describes what should have happened the theory that's documented in our management systems and we'll do this to help us understand the picture a lot more to understand what the root causes of the reasons why things are not working as they should be and we evaluate the findings to loop to see why things didn't work as expected as a number of it causes tools available 5y or you might be using other recons analysis tools in your business and possibly you'd be able to use those which whatever you use the end result should be to link the findings against the expected outcomes of your processes here's an example of a business of worked with and so we was looking at all the the clauses of the management system looked at the different processes there are in the business so those are the the white sheets with the black writing on so we captured what the outcomes of those processes should have been in sequence with the with the management system and then we test each finding against those expected outcomes in order and we work through them in order to see whether or not it failed at that point so for example found an issue and we start with with this one with this example we'd start with was the clear leadership and commitment to addressing those issues if so we'd move one to looking at maybe what was the environmental issue already identified or was it something that the the site hadn't identified if it had been identified we maybe work to look at how people been trained or are they competent okay so they've been competency we move on to was there good operational control in place and we'd worked through the different stages of our AMS looking to see whether or not that finding was as a result of the that outcome not not working not being delivered now this stage again as you said there's a lot of value in doing this work with the oddity and senior management involvement and that's to get their input into this auditing process first to get their understanding is really good get their engagement into the process because it really helps them to understand the audit conclusions when you present the only conclusion to them once we've connected each finding against those expected outcomes and we know which of the processes in the business is not working then we can create a statement to capture what the audit is found what Stan's wrong with the management system in some ways making that statement is almost the opposite of the original expected outcome statement but it's then it's quite easy to relate that back to the clause in the management system so if we look at this one as an example this is not a real example but it's typical what we might find if we was using this process so the audit findings in this case barrels of oil left outside post and risk of pollution waste not segregated impacting on interested parties expectations that's related to the contractual agreement potentially compliance issue equipment lot less equipment left running against the site's own operating procedures that impact on the environment moments Hasnat enhancing the environmental performance aside and we found all these issues in remote areas of the site following that there isn't a root cause analysis and the root cause analysis found that inspection programs don't define what areas will be inspected result in some like cases that be visited inspections carried out during a very quick 30-minute site walk-around which doesn't leave enough time for spotting issues so we found examples or findings of things not working and not delivering against the the three outcomes of our EMS we looked at which of our processes wasn't working and we looked at those processes and found the root cause of that gap within those processes and our non-conformance therefore is that inspection is not identifying all the environmental risks at the site levy then connect that back to our Clause 9.1 with monetary measurement Nasus and evaluation as a result to these sort of audits and what you should expect to find is that there's three areas of improvement and the first one is that dealing with the findings those are dealt with as actions the second part is the root cause analysis which should result in improvements to the management system so we're looking to improve the management system at this stage to prevent the inspection or to improve the inspection process then the third bit is the non conformance but at this stage we can start to try to understand well why was the why was there an issue with the inspection processes what does it tell us about the way that the management system is is designed the way this implemented the way that it's understood or reviewed what does it tell us about the the management system more generally so was this this non-conformance a result of lack of lack of understanding about lack of resources so we can start to see take a big step back and look at understanding our management systems and particularly looking at where our improvements could be delivered in the future so I hope that you find that in these four stages and they really are a different way of looking at auditing against your environmental management systems really focusing on what to do must be delivering is it delivering those things and where we're finding that it's not delivering them looking at one of what of our processes are not working which resulted in that happening in some ways it's a very simple approach to follow but it does have very many advantages and the first I would say by agreeing what the expected outcome should be of the process is your audited and getting management commitment to that you get clarity and the starting point with the audit it's hard to argue during the audit against the outcomes if they're really clear and easy to understand by looking at what's really happening looking at the operation looking at the business and the team what's happening we can look behaviors people standards that have been achieved your audits will be factual and realistic there is lot less reliance and documentation as evident it's only going which is ever only going to be testing the theory I've got so many samples of auditing business here would be in order since several years before using the old traditional approaches only for this audit process defined series of worrying problems things that the business didn't want to be in place or or wasn't happy with and it wasn't delivering what the business really wanted from their management system so this approach links the reality with the management systems as a big advantage to management and staff as they understand the audit findings and the non-conformance is never for all a fan that there's a huge opportunity to get more management engagement in the process from the initial planning to the evaluation the findings and that's this can really help close a gap between you and your audit and the management and their decisions after you finish the audit so the benefit of the audit isn't at the end of the audit it's the week after when management gets it together and we decide what we're going to do next so really that's the end of the presentation about that process for those that are members by Yuma there is a an article that I wrote for the environmentalist magazine but just about this time last year actually called the end result and so if you naima member you can read more about this on the on their website thank you thank you very much I'm Gary I think that was really excellent and I've had some really good questions as well from the audience so I think we'll just go through some progressions now if that's okay the first question was from Derek and he said do you have any real-world life cycle perspective examples and what is the typical way to demonstrate what you have and that you have considered these yeah it's a good question and actually I guess the short answer is at this stage there's not many organizations that are really looking at lifecycle analysis and the ones I've seen to doing it almost separate to their environmental management system almost as a standalone process I always say with this one again linking it back to the processor start with the with the status of the first page looking at the what process has been developed to manage the lifecycle analysis and seeing what that the outcomes of that should be and then testing those outcomes I guess the question is is asking about the integration of the lifecycle analysis thinking within the management system so I would say that's the approach to take so if you're going to audit against it again follow that process which is the very start looking at well what what do you expected outcomes of having that lifecycle analysis process in place agreeing those those outcomes and having that clear definition while those outcomes should be and then testing whether those outcomes are happening in practice okay we have another question while we have a comment from John who said this is one the best ISO 14:5 14001 presentations I've seen and let's use this presentation part of an internal auditing training will the slides be available and I believe the slides will be available afterwards if people email webinar at Brit Safet org I can send them over to you and question from mark which is in a typical company such as of like an office or workshop or a yard a fairly low risk in terms of environment what audits might you expect to see in an audit schedule for the environment previously the types of specific environment audits he'd seen include evaluation of environmental legal legal compliance waste management Shh excetera yes it's a good question and I think it's sort of links back to I always talk about around the traditional approach to auditing which is we get a list of clauses from the standard and we audit against each clause and the Addison method some you know had some value in that to some extent but I think really to move your audits on to another level work on the basis that there's three outcomes from your from your management system and those those outcomes will cover typical sort of things that you might have already added you in your program as you're describing it around waist etc so so if I must throw that so the rule book in the bin think about those three outcomes look for examples of those three outcomes in in your yard or your workshop protecting the environment is there examples of not been it not the business not protecting the environment not meeting its compliance obligations and not enhancing its environmental performance look for those things and then follow that process Luke to see why those things are happening link it back to the processes it should be in place okay great thank you we have them one more question and from Steve how should the internal audit go and house internal audit go about auditing section 5.1 on leadership yeah it's a really difficult work I think for many internal auditors because we're basically what would be Nast is to audit our bosses or the people have paid our wages how do we go about doing that I think the key thing to remember with this one is section 5.1 is a potential route caused by other aspects of your management systems are not working and if you go through the process of getting the outcomes understood they start with the senior management for example is are the conflicting business priorities that mean that the environmental requirements being prioritize are there mixed messages of disagreement within the management teams so this statement should really look to see documents oven like this consists in decision management a decision-making the senior management no conflicting messages or priorities so get those agreed at the start with senior management that that's what should be happening in order to make the rest of it work that consistency in decision-making for example no conflicting message or conflicting priorities when you carry out the audit then check to see if those outcomes are causing then of the issues you've been found so when you do that check against for why why did we find the things that we found was it because there was lack consistency decision-making or conflicting messages of priorities and that's how you can link it back to that part of the standard that causes standard and now that discussion with management are you taking them away from being told that they've done something wrong the outcomes that are not not happening as they should be happening and again making this connection with management both at the start and the end of the audit you're really helping them to understand why you making those statements for my experience of top management and not-stupid well not always and when it's clear and it makes sense they'll be more readily able to accept this type of audit finding especially been able to to use the process to allow them to come to this conclusion themselves okay great thank you I actually have another couple of questions do we have time for these okay yes Louie yeah yes like okay I've got a question for Gary's or eliminators oh okay let's go remember okay and Chetan says is it necessary to have objective targets and programs for every department of the organization as required under 4.3.3 some departments say like accounts I have nothing to do the environment can you explain it it's a good point because yeah if you interpret the statement that way you can see that every every organize every part of the business should I would look at it in terms of and this is really talking about the implementation side of the standard I would look at it in terms of where the significant environmental aspects and impacts are so as if that organization has to deal with significant aspects and impacts then yeah definitely there needs to be something in place to help them manage it equally that those other aspects of the business that need that need to be managed so the other way of looking at it is from that Department point of view how do they impact on the environment or what is their interface with your environmental management system so rather than starting with each department has to have the plan objectives targets and plans is to start with thinking understanding what are the interfaces of that department if you look at it remember that diagram we had with the hexagons and the processes and where within that diagram and does that department fit what processes is in interface with which helps deliver our our EMS so the ideal I guess is that it's each area each department can recognize where it can impact or influence on on your environmental performance and put put those things in place but objectives targets it plans in place it's the ideal but depending on where you are in your implementation you focus on the more significant ones first I would definitely recommend that so focusing on on the most significant ones the ones with the most significant aspects and impact looking at those ones first and then over time you might need to encourage or work with other departments so they can start to look to see where their interfaces are thank you okay so the last question I have from the audience is from Anna and says please how frequently should an ISO 14001 audit be carried out in a limestone quarry yeah it's how long is a piece of string that one I'm afraid and it's as appropriate there was a definite requirement of the standard that you would audit or you would have editors evidence avoidance against the whole of the standard at once every three years and that that's the expectation that once it was within the three-year cycle that's the you know that the expiry of your certification so within that three years you would have audited the whole of your management system want so there's a there's an opportunity to maybe chunk it down into different stages so you're looking at different aspects at different at different times that's difficult when you if you want to apply this style of auditing because you're not pre selecting which clauses you're looking at at the start you end up saying what clauses you've looked at at the end so it's it's as appropriate and I would I would probably what I'd recommend is think about how you would include that into your risks and opportunities so one of the things with this standard is I think this has been described as it's a network of interrelated requirements so the audits the audience is one requirements risk an opportunist is another but you could consider more what how do your audit help manage your risks and opportunities so how does your audit program your audit process help to manage those and that might help you to define what's the most appropriate frequency for your audits at that particular site Thank You Howard did you yes please thanks Gary thanks it was really interesting as well actually it was the audio processor that you've outlined and it's given me a bit of food food for thought as well going forward with respect to the audience that we undertake a pretty steady council the other thing I was in terms of the benefits as well in terms of the approach because one of the things I'm as as auditors we tend to come across as well as that with environmental management of the management process it seems as if as mentioned in my opening sort of pitch really an Thomas managers tend to be a bit of a bolt on and and engagement with other members of the organization's staff and management has been not limited but not as much as it could be perhaps and so perhaps is really interesting so the terms of defining what the outcomes are and getting at an early stage the audio process defining what they are and that helps understanding and an overall improvement in terms of performance overall so I thought that was really I was really interesting if I can just come back as well to to Derek I think there it's the questions beginning assuming still still with us into the life cycle the standard doesn't explicitly ask for lifecycle assessment and that's probably not what you're asking him in the question but recently I've done some work with some some other organizations who are there in transport and logistics so they have the part of the supply chain as it were of a wider organization and they use a lot of packaging and so the conversations that we've been having during our visits is what the sources of your packaging where you're getting your packaging from and what the environmental performance what's the environmental credentials and performance for the packaging materials and it's in the first instance so to where you're going then obviously the site itself uses packaging the partnership logistics operation but then because of the way the products are then distributed that packaging material by the end-user is disposed of and the idea then is if we think both ups and downs to can that packaging material be designed in a way that can be either reused by the end-user or perhaps made of material that is more easily recycled or perhaps even compostable dare I say so that there is minimal or indeed zero impact at the end of that of that life so they were this organization we're talking to have started considering and taking that life cycle perspective I'm sure it'd be difficult for all organizations all organizations to do that but I'm thinking automotive sectors I have dealings with automotive engineering construction retail in fact as well you know they all use lots of materials and we need to think those we need to think more holistically both upstream and downstream in terms of how those materials might end up in the environment and you just thought it was just brought to light recently was it last month with World Oceans Day in the amount of packaging that appears plastics in particular appearing on a beach in the middle of the Pacific Ocean thousands and thousands of miles away from anywhere you know all organizations use use these materials can can we be a little more bit more thoughtful in terms of types and the nature materials that we are discarding end-of-life so that's a bit of a comment there on life's not an easy not an easy one to to think about by final pitch then therefore Gary was the approach to auditing really really really interesting we're really good I'm just wondering whether because of the planning seems to be a lot of once a preparation planning required in the first instance which is worry but this need time increased amount of time that might be required for audits because again recent audits I've been on some of the organizations that we audit they are audited by sales and certification bodies and their own customers and this can be audited to death a little bit sometimes I'm just wondered whether it is this approach that you're suggesting is more or less time required scary yeah I would say from from what I've seen it's around about the same it's just the focus on different parts of the audit that is different so certainly the planning bit is definitely more focused on that but the value comes by that discussion engagement with management and and the oddity and getting that agreement of what what the business would be delivering and so although it's it's more time in the planning stages it's a lot of value in doing that so there's there's perhaps they're more time in looking at what's happening in in practice so with the traditional approach might SEC record a audit there might be two or two-and-a-half days spent looking at the documentation and then maybe half a day following up and looking around the site this disorder approach you've spent a lot more time on the site looking at what's happening so two days doing that and then one day really looking at the root causes and looking at the processes it should have been delivering and seeing which of those worth failing and and then then the rest is is about the same so the rested in terms of the you know the wrap-up close up and all that is about the same so it's from what I've seen that there's there's not a lot of difference in the time it's just the focus and the way that you spent in that time which is different yeah yeah good excellent thanks guy so much okay so M thank you very much we do have a few more questions but um if it's a k-mer ian paul and gary witty while using his answers afterwards to the questions and in response to your question nailed the email address is webinar at breakfast org that you need to email to get the slides we will also send a recording of today's presentation round two tomorrow more morning yes so thank you very much to everyone who's joined today and thank you for the great feedback and then I hope you all have a great day so thank you very much and thank you Gary and Howard okay thanks guys actually thank you thanks