This is not meant to scare anyone. It is meant to ensure that you understand to each registrar and each auditor is setting their own ‘interpretation’ of the ‘new’ ISO 9001 is about.
Some, like the last one I experienced, would better be called a business consulting visit than an audit. It was an analysis of what the company was doing and questioning whether their systems ‘make sense’. As with the quote process example, it was not so much does your system meet the requirements, it was more along the lines of whether the auditor agreed it was the best way to be doing something. The lead auditor was an ex-DCAS and his approach to the audit was evident.
The second auditor was more traditional, if you will. Followed a check list and the main interest was whether they were meeting the requirements. Secondary focus was continuous improvement.
ISO 19011 - Quality and Environmental Management Systems Auditing Forum Discussions