OK, I skimmed through several posts regarding the definition of major vs minor findings. I understand the definitions. The one area of my concern is where a number of minor nonconformances can rack up to one major. Who makes the decision on how many minors equal one major? Does each registrar define this, or is this an auditor preference/judgement?

My previous ISO auditor used his own judgement. My current ISO auditor insists that 3 minors in the same area automatically equals one major. I recently had a substitute auditor (from the same registrar) that said a major finding should result from multiple minors where the system breakdown can effect our performance with our customer.

I've heard of companies getting 99 minor findings but no majors. I get 3 minor findings and get slapped with a major. To me a major should indicate a system breakdown or the probable shipment of noncompliant product. I've taken major findings where there has been no breakdown but rather working with a system still young on the maturity cycle.

Does each registrar define this, or is this an auditor preference/judgement?Some registrars might have established policies on this subject, but at the end of the day, it should be a judgement call by the audit team leader. Only s/he can make a sound decision if a non-conformity is severe enough that should be categorized as a major.
To have a pre-established threshold would be stupid. For example, if I find 6 obsolete documents being used during an audit, my conclusions would be different if I were auditing a small mom & pop shop with a few procedures, compared to a scenario if I were auditing a major manufacturing plant with thousands of command media documents.

I agree that these numbers must be discretionary. If the three minors were related, or all in one area, they might point to a major system failure, (or not). It all should depend upon the risk involved. It is hard to measure common sense, but that is really what needs to be relied upon. If anybody told me they would issue a major nonconformance upon finding three minors no matter what, I'd probably run.

The only registrar I have dealt with that imposed the 'three minors in a single element equal a major' rule was the registrar we had at both of my auto industry jobs. (Am I allowed to name names?) The others I have dealt with relied on the auditor's judgement to determine if the combined effect of a number of minors, even as few as two, would have the same severity of consequences as a major non-conformance whether the minors were within the same element or not.

I can't remember if the 3 minors = 1 major rule was actually a QS-9000 thing or not. I do my best every day to acquire selective amnesia about that period of my life. If it was, I hope in behalf of all you poor, benighted souls still trapped in automotive that this rule did not migrate to TS16949.

Regards -John

The number must be flexible. If, for example, 3 gages out of 20 are out of calibration, I might think of that as a major. If it's 3 out of 400, it's less likely so. Of course it might also depend on what the gages are used for (critical dimensions, frequency of use, ...), how long they've been past due, etc.

The detmination of severity has to be risk based to be its most effective. Regardless of number the basic question "What could happen if....?" needs to be asked.

If there is a small number of "minor" NC's in doc control and there is an indication of an increased probability of loss of total control, not meeting requirements, failure achieve customer expectations and an so on then a higher level of severity may be appropriate (Major).

On the other hand even if there are quite a few NC's in doc control found but there is little potential for a 'critical event' then maybe the "minor's" would be appropriate.

Ultimately if there is no specific guidance the decision rests with the Lead Auditor most of the time.

Think "risk"

OK, I skimmed through several posts regarding the definition of major vs minor findings. I understand the definitions. The one area of my concern is where a number of minor nonconformances can rack up to one major. Who makes the decision on how many minors equal one major? Does each registrar define this, or is this an auditor preference/judgement? None of the registrars I have worked for have defined this. All the lead auditor training is about exercising judgement.

From the "back office" point of view we spend a lot of time dealing with instances where the Lead has made a judgement the customer doesn't agree to (Major when they think it should be Minor).

We also sometimes have to go back to an auditor and test their judgement when they have raised a Minor and it looks suspiciously like a system breakdown. We just ask them to go through their reasoning.

It is not a black / white process.

My previous ISO auditor used his own judgement. My current ISO auditor insists that 3 minors in the same area automatically equals one major. I recently had a substitute auditor (from the same registrar) that said a major finding should result from multiple minors where the system breakdown can effect our performance with our customer.
The 3 minors = 1 major is complete rubbish. :mad:

Your substitute auditor may be bringing in another automotive requirement about the potential for shipping N / C product - an automatic major in QS days! Also starting to be taken into consideration in ISO 9001 now. Still a judgement call, though.

I've heard of companies getting 99 minor findings but no majors. I get 3 minor findings and get slapped with a major. To me a major should indicate a system breakdown or the probable shipment of noncompliant product. I've taken major findings where there has been no breakdown but rather working with a system still young on the maturity cycle.
I have actually lead an audit where we found 99 minors (coincidence surely?) and recommended certification. The key decision was whether there was evidence of system breakdown - and there wasn't. The NCs were spread through the system and were being dealt with in a systematic way (they had found similar problems on their own internal audits).

My first lead. Baptism of fire! :mg:

None of the registrars I have worked for have defined this. All the lead auditor training is about exercising judgement...

I have actually lead an audit where we found 99 minors (coincidence surely?) and recommended certification. The key decision was whether there was evidence of system breakdown - and there wasn't. The NCs were spread through the system and were being dealt with in a systematic way (they had found similar problems on their own internal audits).

My first lead. Baptism of fire! :mg:

Only 99???:mg: That tops my previous known high of 23 minors :notme: and still a recommendation for 9002...but that registrar never came back to verify the C/A onsite :confused: ...with 99 minors did your organization sign-off the C/A in person?

I believe a certain QS 9000 registrar (now no longer in operation under their original name) had it in the contract that 4 minors in one element of QS was equivalent to a major. (This is old news I'm sure)

As a result, the Management Rep of a client of mine, nearly got fired for 'allowing' 4 document control minors to be found!:mg: - since the major resulted in the certificate suspension process being started.

How bizarre that anyone would put that in a contract, but who, as a customer would know to reject the requirement?:(

From my days in ISO registration is was simply the judgement of the team lead, as has been described before. Larger, multiple day audits could reveal large quantities of nonconformities without indicating a risk of systemmic breakdown or shipping defects..........

Andy

As a result, the Management Rep of a client of mine, nearly got fired for 'allowing' 4 document control minors to be found!:mg: - since the major resulted in the certificate suspension process being started.
Andy

It is kind of strange the way some people think, isn't it. I believe it was our 1st or 2nd surveillance, we had 0 nonconformances. Everyone (Managers) are all puffed up and proud of themselves that we've done so well. The next surveillance, there was one minor. One of the managers kinda reared back and started to question how I could have let that happen, go from "perfect" to getting a nonconformance, that meant the measurements were getting worse. The auditor stopped the closing meeting, reamed out the entire management team for thinking like that, and "reinforcing" the fact that whether or not something minor is found is not guaranteed, sometimes just luck being in the right place at the wrong time.

We have not had a repeat of that little scenario since. A nonconformance, if deserved, is accepted with a smile and a promise to improve. No more blame the MR. (the funny thing is the manager that started this all was the manager of the area where the nonconformance was found, go figure)

Only 99???:mg: That tops my previous known high of 23 minors :notme: and still a recommendation for 9002...but that registrar never came back to verify the C/A onsite :confused: ...with 99 minors did your organization sign-off the C/A in person?

It was a 5 day audit for 3 auditors. The company had around 2000 employees at 2 sites and were designing and making a whole host of products for the auto industry - as I said - one heck of a first lead audit!

In answer to your question: This was in the late 80s and the practice was to review evidence back at the CB's office so I didn't get involved in the sign off process. I know they had the recommendation confirmed but I didn't get invited back for the first routine visit - I wonder why? :confused:

Serious again. The way the company was structured there was a lot of delegated authority and some people hadn't got the letter of the law right but the spirit of what they were trying to do was spot on!

I believe a certain QS 9000 registrar (now no longer in operation under their original name) had it in the contract that 4 minors in one element of QS was equivalent to a major. (This is old news I'm sure)

As a result, the Management Rep of a client of mine, nearly got fired for 'allowing' 4 document control minors to be found!:mg: - since the major resulted in the certificate suspension process being started.

How bizarre that anyone would put that in a contract, but who, as a customer would know to reject the requirement?:(

From my days in ISO registration is was simply the judgement of the team lead, as has been described before. Larger, multiple day audits could reveal large quantities of nonconformities without indicating a risk of systemmic breakdown or shipping defects..........

Andy

The registrar that we used in a QS-9000 registration in the late 90's had the rule that three minors in the same area (i.e., the same "shall") were equal to a major. The whole minor-major thing never made any sense to me. Something is either a violation or it isn't. If it is, then it should be written up, and if it's not, it shouldn't. It has to be up to the auditor(s) to determine when a "major" problem has been uncovered (i.e., when there is evidence that quality system has failed and must be fixed) and when an issue is a random occurrence without an assignable cause that needs to be fixed.

One of the managers kinda reared back and started to question how I could have let that happen

The whole issue of lack of consistent application of requirements/expectations from different auditors/registrars is quite frustrating. I realize this is real world, but still frustrating.

I have had the opportunity to lead the ISO certification in 4 different plants prior to my current job without any majors and passed surveillance audits with flying colors. I get a new job with the opportunity again to get a company certified, and I can't get passed an audit without taking a major. When I look at the 3 minors that add up to the major, 2 are legit findings but at least one finding in an ambiguous requirement not clearly defined as a mandatory requirement in the standard but required either by the registrar or the individual auditor.

Nonetheless my credibility, performance review and merit reviews have been effected because of the majors. :nopity:

The next surveillance, there was one minor. One of the managers kinda reared back and started to question how I could have let that happen, go from "perfect" to getting a nonconformance, that meant the measurements were getting worse.

I've never been asked myself but heard (early days) about a conversation between an MD and the lead auditor about how many NCs the quality manager should be allowed before they got the sack for doing a bad job! :mg:

Re the Major / Minor debate there are IMHO three types of NC (leaving out Observations / OFIs for now), classified in accordance to the corrective actions needed:

Correction - just sign it dummy and don't let it happen again (Minor)
Take corrective action - find out why they didn't sign it and make sure they either sign it or have some other way of showing they agree (ditto)
What do you mean nobody has signed anything ... they don't even know they have to! We're talking Major here!

Nonetheless my credibility, performance review and merit reviews have been effected because of the majors. :nopity:

As Deming said: get a new job. too bad. if your Company actually feels that way. I've been there done that - and promptly moved on.

oh yeah - WHERE does ISO define majors and minors?

The whole issue of lack of consistent application of requirements/expectations from different auditors/registrars is quite frustrating. I realize this is real world, but still frustrating. As I mentioned before, it is extremely frustrating the fact that the end result of a quality system assessment depends MORE on the assessor(s) than the system being assessed itself. Ironically, this had been one of the driving forces behind third-party audits versus customer (second-party) audits, which tended to be very inconsistent and micro-managerial exercises.

When I look at the 3 minors that add up to the major, 2 are legit findings but at least one finding in an ambiguous requirement not clearly defined as a mandatory requirement in the standard but required either by the registrar or the individual auditor.

Nonetheless my credibility, performance review and merit reviews have been effected because of the majors. Did you challenge the CATEGORIZATION of the NC? Did you escalate an appeal to the CB? Or did you take it at face value?

WHERE does ISO define majors and minors?Exhaustively discussed subject. (http://elsmar.com/Forums/showthread.php?t=18685)

As Deming said: get a new job. too bad.
I'm easy (at least that is what my wife says) but I'm not easy to run off. I take perseverance to a fault. I've racked it up to a learning experience.

One thing I've learned from this for those out there new(er) at systems implementation is that what is OK with one registrar may not be OK with another. Also, registrar's expectations can change over time so stay in touch with their advisories. Pre-assessment audits are crucial to learn specific nuances with your registrar and auditor. My new company burned their one allowed pre-assessment audit before I started there, therefore I walked into the certification audit blindly relying on what worked for me in the past. Pre-assessment audits are time and money well spent that can save a bunch of heartache. I've learned that ISO auditors are like professors in college, sometimes it takes a couple of tests (audits) to figure out how they are going to grade you. Always take detailed notes on each audit. You will learn their line of questioning that will help you get through the next audit. Also as it's been said on other posts, screening/interviewing potential registrars/auditors helps find the best fit to your organization.

Did you challenge the CATEGORIZATION of the NC? Did you escalate an appeal to the CB? Or did you take it at face value?
I challenged the auditor (in a professional manner, no yelling, screaming or insulting) but was asked by my management to back down. Taking the finding was better than risking not getting the certification. There were failed attempts to get certified in the past so heads were going to roll if the audit didn't get the recommendation.

If only we could "Name and Shame these rogue Registrars," didn't someone come up with that idea once? ;)

If only we could "Name and Shame these rogue Registrars," didn't someone come up with that idea once? Yes, you did. But moronic registrars only exist because dysfunctional organizations hire (AND KEEP) their services. There is a lot of blame to spread around. If accountability truly existed, the market would filter the IQ-challenged, ethic-challenged, professionally-challenged, etc. players....:tg:

Trying not to sound too sappy, but to the ISO auditors and consultants that contribute here on the Cove I would like to say thank you. I've experienced some recent frustrations with the audit process, but with your contributions I have either gotten re-affirmed with what I thought was right and in some cases I got schooled.

Yes, you did. :notme:

But moronic registrars only exist because dysfunctional organizations hire (AND KEEP) their services. Sidney, I can see those anger management classes are working!

There is a lot of blame to spread around. If accountability truly existed, the market would filter the IQ-challenged, ethic-challenged, professionally-challenged, etc. players....:tg: Agreed. Unfortunately it appears we are unwilling or unable to spread the blame around and see who is left standing.

I know we have to make compromises in life but as far as certification is concerned it appears we will put up with anything so long as we keep the certificate on the wall.

Having been through three systems (four if you count 14001) here are some thoughts on why we put up with some of the inconsistencies we do:

Some organizations select a registrar based on their customers. This may or may not work out. Sometimes there may be a better industry match for you but your customer may be pushing you toward someone else. I've discovered that this may be a warning to you.:notme: It may also work the other way. My first implementation - there was a recommendation made by someone (who shall remain nameless and unidentified) and was really pushed on us. We chose not to go that way because this person was not well liked by those of us in the selecting committee. I have since used this registrar and they are a great match for us and our industry.

Some managers are afraid that if you dare to disagree with a registrar, they will "get even" with you down the road. I myself have not found that to happen. But, I have on occaision accepted something as a nonconformance that I really felt was not. Kind of a pick your battles kind of thing. I have done a corrective action on something that made some sense as an improvement process, but not necessarily as correcting a failure to meet the standard. BUT - I always include that disclaimer into my investigation that is sent to the registrar.

Some managers are not willing to place their faith in an internal employee over the say so of a supposed expert. I've never allowed this to happen to me, I'm much too outspoken. My favorite come back is "isn't this the reason you hired me?"

I have no problem with registrars' auditors for the most part. I've had one that I banned from returning, a couple that I've cringed about but worked with it. The rest I've gotten along with just fine. My big gripe is "so called" lead auditors from customers that come to audit us and become prescriptive, power abusers. There are a few of those around.

moronic registrars

Sidney! Shame. You were entirely politically incorrect saying that there are "moronic registrars" out there. Ohhhhhhhhhhhh, I would not want to be in your shoes. Shame, shame!:lol: :nono:

Sidney! Shame. You were entirely politically incorrect saying that there are "moronic registrars" out there. Ohhhhhhhhhhhh, I would not want to be in your shoes. Shame, shame!:lol: :nono:You are right, Randy. Besides Dr. Phil, I have an afinity for Bill Maher's political incorrectness. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent. I shall repent.
http://artfiles.art.com/images/-/The-Shining---Jack-Nicholson-Poster-C11790189.jpeg

One constant I have determined.....

When I was in manufacturing world and handled the 9K Registrar, and now for the organization I currently am part of where I do assessments globally.....

Any corrective action must be solid and supportable, and never based solely on the auditor's judgment.....any corrective action based solely on the auditor's interpretation without evidence to support it, should ALWAYS be challenged.....and if the auditor won't budge, make sure that the Registrar or Accrediting Body complaint procedure is provided to you.....

Now if the corrective action is supported by evidence, just get it fixed and provide the appropriate response.

Hershal