WCA Audit Document Checklist

3Supplier Selection & Qualification Assessment CriterionSupp lierDellRemarkSelf-Asses s Actual ("0" or "1")1.1Does the Supplier perform a quality survey of proposed Sub-tier Suppliers prior to awarding business and are the results retained in a central location available for the Dell GOE to review upon request?针对在授予业务前之供应商，是否有进行质量調查并且结果集中保留，并可供DELL GOE review.1VM是，在新供應商承認前，都有進行次級供應商調查.1.2Do quality surveys include the following factors appropriate to the products to be supplied:针对产品适合供应，品質調查是否包括以下之因素：1.2.1Manufacturing Facilities (including new sub-tier sites) 生产設施（包括新的次級供應商地點）.1VM 供應商基本資料調查表中有涵蓋.1.2.2Inspection/Testing Planning: To assure implementation of appropriate level of inspections 检验/测试计划： 确保适当的检验水准被执行.1VM QSA Check list 8 .3檢驗檢測中有規定1.2.3Inspection/Testing controls to include sampling plans and work instructions 检验/测试控制：包括抽样计划和工作指导.1VM QSA Check list 8 .3檢驗檢測中有規定1.2.4Inspection/Testing capabilities including in-process and incoming inspections 检验/测试能力包括在制程和进料检验.1VM QSA Check list 8 .8,8.16檢驗檢測中有規定1.2.5Past experience with type of hardware to be supplied 對要供應的硬件的類型過去的經驗1VM QSA Check list 中 2 合同評審與制造能力1.2.6Capability and condition of manufacturing equipment 制造设备能力&条件1VM QSA Check list 中 2 合同評審與制造能力1.2.7Control of engineering drawings, specifications and changes 工程图纸，规格以及变更之控制1VM QSA Check list4.3，4.11有定義1.2.8Control and maintenance of inspection equipment and production tooling .检验设备&产品工具的控制与维护.1VM QSA Check list7.9有定義1.2.9Employee training and certifications 员工培训与证明1VM QSA Check list 7 過程管理7.15項1.2.10Material storage and handling 材料库存与处理1VM QSA Check list 11運籌及倉儲1.2.11Calibration program 校准程序1VM QSA Check list 9 .1儀校管理1.2.12Control of nonconforming hardware and materials 不合格品和材料的控制1VMQSA Check list 10 不合格品管理與品質1. Sub-Tier Supplier Survey 次级供应商調查Action3Supplier Selection & Qualification Assessment Criterion SupplierDell RemarkSelf-Assess Actual("0" or"1")Action3Supplier Selection & Qualification Assessment Criterion SupplierDell RemarkSelf-Assess Actual("0" or"1")Action3Supplier Selection & Qualification Assessment Criterion SupplierDell RemarkSelf-Assess Actual("0" or"1")Action3Supplier Selection & Qualification Assessment Criterion SupplierDell RemarkSelf-Assess Actual("0" or"1")Action3Supplier Selection & Qualification Assessment Criterion SupplierDell RemarkSelf-Assess Actual("0" or"1")Action3Supplier Selection & Qualification Assessment Criterion SupplierDell RemarkSelf-Assess Actual("0" or"1")Action3Supplier Selection & Qualification Assessment Criterion SupplierDell RemarkSelf-Assess Actual("0" or"1")Action3Supplier Selection & Qualification Assessment Criterion SupplierDell RemarkSelf-Assess Actual("0" or"1")Action。

数据库⽇常维护-CheckList_02有关数据库备份检查数据库备份是DB⽇常运维中最基本的也是最重要的⼯作，很多情况下都是做成作业形式实现⾃动化周期性的做全备、差异以及⽇志备份。

那么，如果作业出现问题没有完成⼯作，我们可以设置⾃动报警如email被动提醒我们，当然也可以使⽤下⾯脚本主动地对多个数据库服务上数据库备份情况做详细了解，详细代码分享如下：-----------------------------------------------------------------------------------前⼀周所有数据库备份情况---------------------------------------------------------------------------------SELECTCONVERT(CHAR(100), SERVERPROPERTY('Servername')) AS Server,msdb.dbo.backupset.database_name,msdb.dbo.backupset.backup_start_date,msdb.dbo.backupset.backup_finish_date,msdb.dbo.backupset.expiration_date,CASE msdb..backupset.typeWHEN 'D' THEN 'Database'WHEN 'L' THEN 'Log'END AS backup_type,msdb.dbo.backupset.backup_size,msdb.dbo.backupmediafamily.logical_device_name,msdb.dbo.backupmediafamily.physical_device_name, AS backupset_name,msdb.dbo.backupset.descriptionFROM msdb.dbo.backupmediafamilyINNER JOIN msdb.dbo.backupset ON msdb.dbo.backupmediafamily.media_set_id = msdb.dbo.backupset.media_set_idWHERE (CONVERT(datetime, msdb.dbo.backupset.backup_start_date, 102) >= GETDATE() - 7)ORDER BYmsdb.dbo.backupset.database_name,msdb.dbo.backupset.backup_finish_date---------------------------------------------------------------------------------------------近期每个数据库的备份情况-------------------------------------------------------------------------------------------SELECTCONVERT(CHAR(100), SERVERPROPERTY('Servername')) AS Server,msdb.dbo.backupset.database_name,MAX(msdb.dbo.backupset.backup_finish_date) AS last_db_backup_dateFROM msdb.dbo.backupmediafamilyINNER JOIN msdb.dbo.backupset ON msdb.dbo.backupmediafamily.media_set_id = msdb.dbo.backupset.media_set_idWHERE msdb..backupset.type = 'D'GROUP BYmsdb.dbo.backupset.database_nameORDER BYmsdb.dbo.backupset.database_name---------------------------------------------------------------------------------------------近期每个数据库备份-详细情况-------------------------------------------------------------------------------------------SELECTA.[Server],st_db_backup_date,B.backup_start_date,B.expiration_date,B.backup_size,B.logical_device_name,B.physical_device_name,B.backupset_name,B.descriptionFROM(SELECTCONVERT(CHAR(100), SERVERPROPERTY('Servername')) AS Server,msdb.dbo.backupset.database_name,MAX(msdb.dbo.backupset.backup_finish_date) AS last_db_backup_dateFROM msdb.dbo.backupmediafamilyINNER JOIN msdb.dbo.backupset ON msdb.dbo.backupmediafamily.media_set_id = msdb.dbo.backupset.media_set_id WHERE msdb..backupset.type = 'D'GROUP BYmsdb.dbo.backupset.database_name) AS ALEFT JOIN (SELECTCONVERT(CHAR(100), SERVERPROPERTY('Servername')) AS Server,msdb.dbo.backupset.database_name,msdb.dbo.backupset.backup_start_date,msdb.dbo.backupset.backup_finish_date,msdb.dbo.backupset.expiration_date,msdb.dbo.backupset.backup_size,msdb.dbo.backupmediafamily.logical_device_name,msdb.dbo.backupmediafamily.physical_device_name, AS backupset_name,msdb.dbo.backupset.descriptionFROM msdb.dbo.backupmediafamilyINNER JOIN msdb.dbo.backupset ON msdb.dbo.backupmediafamily.media_set_id = msdb.dbo.backupset.media_set_id WHERE msdb..backupset.type = 'D') AS BON A.[server] = B.[server] AND A.[database_name] = B.[database_name] AND A.[last_db_backup_date] = B.[backup_finish_date] ORDER BYA.database_name---------------------------------------------------------------------------------------------丢失备份---------------------------------------------------------------------------------------------超过24⼩时的数据库备份SELECTCONVERT(CHAR(100), SERVERPROPERTY('Servername')) AS Server,msdb.dbo.backupset.database_name,MAX(msdb.dbo.backupset.backup_finish_date) AS last_db_backup_date,DATEDIFF(hh, MAX(msdb.dbo.backupset.backup_finish_date), GETDATE()) AS [Backup Age (Hours)]FROM msdb.dbo.backupsetWHERE msdb.dbo.backupset.type = 'D'GROUP BY msdb.dbo.backupset.database_nameHAVING (MAX(msdb.dbo.backupset.backup_finish_date) < DATEADD(hh, - 24, GETDATE()))UNION--没有任何备份历史SELECTCONVERT(CHAR(100), SERVERPROPERTY('Servername')) AS Server, AS database_name,NULL AS [Last Data Backup Date],9999 AS [Backup Age (Hours)]FROMmaster.dbo.sysdatabases LEFT JOIN msdb.dbo.backupsetON = msdb.dbo.backupset.database_nameWHERE msdb.dbo.backupset.database_name IS NULL AND <> 'tempdb'ORDER BYmsdb.dbo.backupset.database_name---------------------------------------------------------------------------------------------检查所有备份⽂件⼤⼩ (GB)-------------------------------------------------------------------------------------------SELECT getdate() as,b.server_name, Round(SUM(convert(float,b.backup_size) /1024.0/1024.0/1024.0),2) AS 'backup_size_GB',Round(SUM(convert(float,pressed_backup_size)/1024.0/1024.0/1024.0),2) AS 'compressed_backup_size_GB' FROM msdb..backupset bwhere b.database_name not in ('model','master','msdb','')--and b.type='D'AND backup_start_date>getdate()-1GROUP BY b.server_name-------------------------------------------------------------------------------------------Samezhao。

版本：A3 Audit List of Vendor /供应商检查表一、Provide copies of following documents as at least 2 working days before the audit at our disposal./在我司审核组到贵公司审核前2天,请提供下列文件的复印件给我司1. Quality Manual ISO 9000/质量手册ISO 9000；2. ISO 9000 Certificate/ISO 9000证书；3. Quality Manual ISO14001/质量手册ISO14001；4. ISO 14001 Certificate/ISO 14001证书；5. Contract Review procedure /合同评审程序文件；6. Production flow chart for Oplink’s/提供给我公司的产品流程图7. RMA-procedure flow chart/不良品退货流程图8. Outgoing procedure flow chart/出货检验流程图二、Grade rule/评分规则：(Full Mark 100：score 4 for each item，Rating: 0,1,2,3,4 / 满分100分：每项4分，分为0,1，2，3，4分共5个等级)：●Score 0-no official document, no record to show action is taken.0分—没有书面文件或规定，也没有任何记录及相关证据证明已执行相应条款；●Score 1-no official document, have record to show action is taken.1分—没有书面文件或规定，但有记录或相关证据证明已执行相应条款；●Score 2-have official document, have record to show action is basically taken;2分—有书面文件或规定，而且有记录或相关证据证明已基本按规定执行；●Score 3-have official document, have record to show action is completely taken.3分—有书面文件或规定，而且有记录或相关证据证明已完全按规定执行；●Score 4- have official document, have recored to show achion is well taken.4分—有书面文件或规定，而且记录齐全，所有证据证明已按规定执行且有效。

WCA - Audit Document Checklist-Business Practice (Eng.) WCA-D02 (Issue No.: 08; Issue Date: 29 May 2018)Please prepare the ORIGINAL documentation listed below for audit/verification.请准备以下文件正本供核查1.1 applicable) and hazardous waste treatment supplier (If applicable).被审核方，劳动派遣公司（如适用），危险废弃物处理商（如适用）的营业执照。

1.2 Authorization document of management representative for social compliance management including EHS and labor management社会责任管理者代表的委任书，包括健康安全环境和劳工的管理者代表。

1.3List of all subcontractors (if applicable)分包商清单（如适用）2.1厂规或员工手册，包括以下方面2.1.1Recruitment policy/procedure招聘政策2.1.2Disciplinary policy/procedure and its records纪律处分程序2.1.3Related training records of policy/procedure in social management system社会责任管理体系相关政策程序培训记录2.2Employment / Labor contracts劳动合同2.3Union or employee representative committee procedure/records工会和员工代表委员会程序/记录。

WCA验厂社会责任审核文件清单（中英文对照）社会责任审核所需之文件（中国）Document Checklist for CSR Audit (China)Revision: June 2012WCA审核程序包括：审核前会议，设施巡察，查阅文件，员工面谈及总结会议。

Audit procedures includes: Opening Meeting, Facility Tour, Documents review, Employee Interview and Closing Meeting.请准备以下文件的正本予以审核，并恳请允许复印样本，谢谢！Please prepare the original documentation listed below for verification and sample photocopying, thanks!1.工商营业执照（副本）Business Registration (Official Duplicate)2.工卡或考勤记录（过去十二个月），包括在职与离职人员。

如果是使用电子考勤，审核员可能需要从电脑直接审阅考勤记录，审阅是会在企业职员协助下进行。

Timecards or Attendance Records (Last 12 Months), including active employees and resignation employees. If electronics time card is used, the auditor may need to review the time record directly from the computer, with the assistance from the facility staff.3.工资表（过去十二个月），包括在职与离职人员。

如果工资是通过银行转账发放，请同时提供银行转账记录。

AVON FA checklist序号文件内容负责部门负责人状况文件完成日期补充说明品质验厂文件清单1品质手册（包括质量方针、质量目标、组织架构图、工作职责描述及与品质管理体系相关的程序）2管理评审（程序、议题、报告）3内审文件（程序文件、计划、评审报告）4供应商管控文件（供应商评估控制程序/标准，合格供应商明细，供应商评估报告）COA/MSDS5文件控制程序（包括记录文件）6检验标注/指导书（包括来料检验，制程检验及终检）7作业指导：所有生产工序的指导8事故定义及报告程序9产品召回程序、召回演习报告10客户投诉处理程序及记录11改善措施报告（与事故，内审及投诉相关的）12追溯体系的测试记录13设备保养文件（保养计划，保养程序及保养记录）14监控及测量仪器的校验（计划，程序文件，记录）15书面玻璃及利器管控程序和清理安排16废品控制/存储程序及记录17虫害控制文件（专业虫害控制人员名单，与外部虫害控制公司的合同书，虫害控制记录等）18工艺流程文件19全部流程的风险评估计划及记录20产品设计及开发过程中的风险评估记录21不良品控制程序22产品数量检查指导23合格样品24不良仪器的管控程序及隔离程序25工厂内部的培训计划（计划，程序，记录）26最近三个月的生产日报表27最近三个月的出入库单28最近三个月的IQC检验记录29最近三个月的过程检验记录（组检、巡检）30出货检验记录31第三方测试报告32所有关于IQC,标准定义程序文件33各工序不合格品处理记录、不合格原因和纠正预防措施34玻璃及利器管控程序和清理安排35员工考评记录和程序36产前会议记录37试生产记录、打样38质量事故的定义及程序39客户抱怨、客户满意度调查40文件收发、销毁记录1.0工厂基础设施和生产环境1.0.1在生产，修理，加工，检验，包装及装载的区域是否有足够的照明？1.0.2工厂是否保持清洁、在生产，加工和包装区域是否有秩序?1.0.3工厂是否有单独的检验区与检验台并且通风良好？1.0.4工厂是否有害虫、霉菌和湿度的控制程序文件 、是否有经常巡查、公司内部或第三方检查 ？1.0.5在审核其间有没有发现窗户破损及房顶漏水可能导致产品污染？1.0.6工厂是否实行严格的利器控制程序，以防止剪刀、小刀、刀片、碎玻璃及针等混入产品中？1.1机器设备校准和维护1.1.1工厂是否有书面的文件系统和程序计划安排设备的清洁及维修？1.1.2工厂的机器和设备是否清洁及运行良好？1.1.3机器、设备和工具是否有最近的维护、校准日期及计划日期的标识？1.1.4需要维修机器、设备和工具是否有维修标识以避免意外使用？1.1.5工厂是否有适当，整洁的存储区域储存关键模具？（比如：注射模具有标识的架子上）1.1.6工厂有适当的机器、工具、零部件和设备的库存文件，并保持更新。

信息安全加固手册WINDOWS系统二零零五年四月1 补丁类 (5)1.1 最新的Service Pack (5)1.2 最新的Hotfixs (5)2 端口服务类 (6)2.1 禁止Messenger服务 (6)2.2 禁止Telnet服务 (7)3系统参数类 (7)3.1禁止自动登录 (7)3.2禁止在蓝屏后自动启动机器 (8)3.4删除服务器上的管理员共享 (9)3.5防止计算机浏览器欺骗攻击 (9)4网络参数类 (10)4.1防止碎片包攻击 (10)4.2 keep-alive时间 (11)5用户管理、访问控制、审计功能类 (12)5.1验证Passwd强度 (12)5.2密码长度 (12)5.3密码使用时间 (14)5.4账号登录事件审计 (15)5.5账号管理审计 (16)5.6目录服务访问审计 (18)5.7登录事件审计 (19)5.8对象访问审计 (21)5.9策略更改审计 (22)5.10特权使用审计 (24)5.11进程跟踪审计 (25)5.12系统事件审计 (27)5.13失败登录账号锁定 (28)5.14失败登录账号锁定时间 (29)5.15登录时间到期时自动退出登录 (30)5.16不显示上次登录的用户名 (31)5.17 防止系统保持计算机账号和口令 (32)5.18防止用户安装打印机驱动程序 (34)5.19恢复控制台禁止管理员自动登录 (35)6防病毒 (36)6.1安装防病毒软件及其更新 (37)7 Windows主机上WWW服务的安全增强 (37)7.1启用日志记录 (37)7.2删除未使用的脚本映射 (38)7.3删除IIS默认文件和目录 (39)8修改系统默认日志保存路径 (40)9 SQLSERVER加固 (40)9.1 SP补丁 (40)9.2删除不用的外部存储过程 (41)10替换CMD命令 (41)11 tunnel封装terminal服务 (42)1补丁类1.1 最新的Service Pack风险描述是否已经安装了最新的Service Pack风险等级风险高加固建议从微软的更新网站上下载最新的补丁进行安装加固存在的风险需要重启系统加固风险规避方法加固成果升级后能避免攻击者利用微软已公布的漏洞进行攻击加固具体方法WindowsSP补丁（如WIN2000的SP3）包可以用介质升级；最好选择可以恢复系统的安装方式意见管理员对本条风险加固的意见：●同意●需要修改（描述修改的意见）●不同意（描述不同意的原因）●签名（签字确认）厂商意见厂商维护人员对本条风险加固的意见：●同意●需要修改（描述修改的意见）●不同意（描述不同意的原因）●签名（签字确认）1.2 最新的Hotfixs风险描述是否已经安装了最新的Hotfixs风险等级风险高加固建议从微软的更新网站上下载最新的补丁进行安装加固存在的风险可能需要重新启动系统加固风险规避方法加固成果升级后能避免攻击者利用微软已公布的漏洞进行攻击加固具体方法WIN2000的HOTFIX可以直接点击开始菜单的Windows Update，直接到/zhcn/default.asp升级，最好选择可以恢复系统的安装方式意见管理员对本条风险加固的意见：●同意●需要修改（描述修改的意见）●不同意（描述不同意的原因）●签名（签字确认）厂商意见厂商维护人员对本条风险加固的意见：●同意●需要修改（描述修改的意见）●不同意（描述不同意的原因）●签名（签字确认）2端口服务类2.1 禁止Messenger服务风险描述用于把Alerter服务器的消息发送给网络上的其它机器风险等级风险低加固建议将Messenger服务停止或者禁用加固存在的风险加固成果不会把Alerter服务器的消息发送给网络上的其它机器加固具体方法1、打开控制面板->管理工具->服务窗口2、查看Messenger服务是否已启动3、将服务停止，将其启动类型由“自动”改为“手动”或者“禁用”。

YES NO N/A 5.1Incoming Control/输入控制5.1.1Fasteners associated with CTSreleased by PE (for all currentproducts which were developedw/o deriving critical dimensionsfrom Mattel Mechanical DesignStandards Website) whichincludes but is not limited toscrews, axles, flat headed barbednails and / 与CTS发布的PE（目前所有的产品开发获得关键尺寸从美泰机械设计标准网站的W /O），其中包括但不限于螺丝，车轴，平头钉刺和紧固件(a) Select 1 fastener and checkwhether the critical dimension areproperly identified./选择1的紧固件和检查的关键尺寸是否正确识别(b) Check for the sampling plan./检查的抽样计划GQMP2160C5.1.2Are there controls for preventingincoming materials from beingissued to production prior toinspection?/是否有控制，以防止从原料进厂到半成品，从发行到生产前的检查 Verify control procedures and QCawareness./检验控制程序和质量控制意识GQMP2160C5.2Cat.观察Injection Molding/注塑成型(2160-3.4.7)5.0 Critical To Safety Control Ref #No.求描述Suggested Assessment/建议评估AuditeeYES NON/ACat.观察Ref #No.求描述Suggested Assessment/建议评估Auditee5.2.1MIC (Master Inspection Card) For CTS checks/对于CTS 检查主检查卡（MIC ）Select 2 products with MIC criticaldimension gaging requirements,(perthe dimensions drafted by PE) verify Screw holes, Axle holes, Energy Directors and Post and Sleeve, and other attributes are in compliance with the MIC./MIC 临界尺寸量具的要求，选择2个产品（每起草的PE 的尺寸）检查螺丝孔，轴孔，能源董事及邮袖长，和其他属性都符合的MICGQMP 2160C5.2.2MIC (Master Inspection Card) For CTS checks/对于CTS 检查主验卡（MIC ）Select 2 products with CTSrequirements, review MIC first piecelog, verify parts were first pieced and acceptable at mold startups/parameters change./选择2个产品与CTS 的要求，回顾MIC 第一件日志中，验证部分是第一次在拼凑和接受的模具初创/参数的变化GQMP 2160C5.2.3MIC (Master Inspection Card) For CTS checks/对于CTS 检查主验卡（MIC ）Interview QC and/or IQC to assureCTS checks are performed daily inPIM and/or by batch of subcontracted PIM parts./每天都在的PIM 和/或分包PIM 部分由一批面试QC 和/或IQC ，以确保CTS 检查GQMP 2160CYES NON/ACat.观察Ref #No.求描述Suggested Assessment/建议评估Auditee5.2.4Regrind Usage/回收料的使用Verify regrind percentage usage of regrind does not exceed approved control sheet per relevantdocuments, such as SOP, F/C and test reports. /验证再研磨的研磨材料不超过经批准的控制表按照相关文件，如SOP ，F/ C 和测试报告的使用百分比GQMP-0006-2030C5.2.5Regrind Control/回用料控制Verify (visual check) 5 bags of regrind and visually inspect that there is no contamination, and no other colors are present./验证（目视检查）5袋的回收料，目视检查，没有任何污染，并没有其他颜色GQMP-0006-2030C5.2.6Drying of ABS and other hygroscopic resins/ABS 等吸湿性树脂干燥Verify drying of ABS and otherhygroscopic resins prior toprocessing as per Resin Manufacturers Specifications/验证干燥，ABS 等吸湿性树脂前处理按树脂制造商的规格GQMP 2160CYES NON/ACat.观察Ref #No.求描述Suggested Assessment/建议评估Auditee5.2.7Each molding machine must havean OET Parameter log sheet.Verify on the log sheet that parameter changes are being documented. Parameter checks must be performed daily by PIM and logged if there are any changes. Changes ofsignificance should be commun/每个成型机必须有一个的OET 参数记录表。