Document Control (Metadata)
| Field |
Value |
| Document ID | QA-WIN-AUDIT-EG |
| Version | v1.0 |
| Status | Implemented |
| Effective Date | 03/01/2026 |
| Function Owner | Quality Assurance (QA) |
| Approved By | Quality Unit Director |
| Controlled System of Record | GitHub |
| Change Control | QMS-???? |
| Last Review Due | 03/01/2026 |
| Next Review Due | 03/01/2026 |
WIN Execution Guide — Internal Audit
Non-Authoritative Execution Guide Notice
This WIN Execution Guide is non-authoritative and supports execution of controls
defined in the QA Family Pack. Authority for audit scope definition, risk
classification standards, corrective action governance, and final closure
resides solely with the QA Family Pack and the Quality Management System (QMS).
Purpose
To support consistent planning, execution, documentation, classification,
and closure of internal audits in alignment with WIN-QA-AUDIT and associated
Audit Record requirements.
Scope
This WIN Execution Guide applies to internal audits conducted under QA
governance, including audit planning, evidence evaluation, documentation
of findings, risk classification, corrective action linkage, and formal
closure verification.
- Audit scope and criteria definition
- Execution of audit activities
- Documentation of findings
- Risk classification
- Corrective action linkage
- Audit finalization and closure verification
This Execution Guide does not define audit frequency, regulatory
interpretation, acceptance thresholds, or disposition authority. All final
audit governance decisions remain under Quality Unit authority.
Family Pack Anchor
Section 6 — Auditable Artifacts (AA)
6.11 AA-REC-QA-AUDIT-APR (Audit Record)
- Audit scope and criteria
- Audit findings
- Risk classification
- Corrective action linkage
- Closure verification
Section 7 — WIN (Control Requirements)
WIN-QA-AUDIT — Internal Audit
Defines audit planning, execution, and documentation workflow.
- Guides finding classification and corrective action linkage.
- Controls finalization and closure documentation.
Associated AA: AA-REC-QA-AUDIT-APR
Authority Statement:
The AA and WIN above are authoritative and maintained under formal change
control within the QA Family Pack. This Execution Guide reproduces them
verbatim for execution support only.
BPO-Owned Execution Zone — WIN Execution Guide
Step 1 — Establish Audit Scope and Criteria
- Define audit scope, boundaries, and applicable functional areas.
- Identify governing procedures, regulatory anchors, and internal criteria.
- Document defined scope and criteria in AA-REC-QA-AUDIT-APR.
Step 2 — Plan and Prepare the Audit
- Confirm auditor independence from the audited function.
- Develop audit agenda or checklist aligned to defined criteria.
- Notify audited function leadership of audit schedule and expectations.
Step 3 — Execute the Audit
- Perform document review, interviews, and on-site observation.
- Collect objective evidence aligned to audit criteria.
- Document evidence clearly and contemporaneously.
Step 4 — Document Audit Findings
- Record findings in AA-REC-QA-AUDIT-APR.
- Reference applicable requirement or criteria.
- Describe objective evidence supporting the finding.
- Ensure findings are factual and free from opinion.
Step 5 — Apply Risk Classification
- Assign risk classification consistent with approved QMS framework.
- Document rationale for assigned classification.
- Escalate high-risk findings per QA governance expectations.
Step 6 — Link Corrective Actions
- Initiate or reference associated Quality Event or CAPA record.
- Document corrective action linkage within the Audit Record.
- Confirm responsible owner and due date assignment.
Step 7 — Conduct Closing Meeting
- Review findings with audited function leadership.
- Confirm understanding of findings and risk classification.
- Document closing meeting completion in the Audit Record.
Step 8 — Finalize Audit Documentation
- Ensure all required fields of AA-REC-QA-AUDIT-APR are complete.
- Verify scope, criteria, findings, classification, and corrective linkage are documented.
- Submit record for required QA/QU review.
Step 9 — Verify Closure
- Confirm corrective actions are completed.
- Verify effectiveness where required under CAPA process.
- Document closure verification in AA-REC-QA-AUDIT-APR.
- Record formal audit closure authorization.
Authority Reminder
This WIN Execution Guide is non-authoritative and exists solely to support execution.
Audit governance, risk classification standards, corrective action approval,
and closure authority reside exclusively with the QA Family Pack and Quality Unit.
Consistency Assessment (Non-Authoritative)
Based on the provided text, the execution steps align with the intent and control
framework defined in AA-REC-QA-AUDIT-APR and WIN-QA-AUDIT. No conflicts identified.