What is a management process?

We recently got a corrective action from a registrar for not having management processess on the audit schedule.


I need to know what departments / processes to audit as well as what to look at in my audits.

Any help will be appreciated.

What is a management process?

We recently got a corrective action from a registrar for not having management processess on the audit schedule.


I need to know what departments / processes to audit as well as what to look at in my audits.

Any help will be appreciated.

I'd be confused too! Management Processes are anything your top management say is how the business processes are run and controlled. For example, how a product is designed, how it is manufactured, purchasing is done. None of us work in a democracy, we work (in effect) the way that (top) management would do things if they had their way (!)

Your auditor wrote a very vague finding. Before you do anything, take it up with their operations management for clarification of intent. There should be information regarding what (specifically) was missing from the audit schedule.

If you post your audit schedule, we could tell you more.

What is a management process?
SNIP
I need to know what departments / processes to audit as well as what to look at in my audits.

Any help will be appreciated.If you trust the information from N544 - Guidance on the Concept and Use of the Process Approach for management systems (http://isotc.iso.org/livelink/livelink/3554880/Process.doc?func=doc.Fetch&nodeid=3554880), page 4 states:
- Processes for management of an organization.
These include processes relating to strategic planning, establishing policies, setting objectives, providing communication, ensuring availability of resources needed and management reviews.

- Processes for managing resources.
These include all those processes for the provision of the resources that are needed for the processes for managing an organization, for realization, and for measurement.
Concerning auditing top management processes, the ISO TC 176 APG has a paper How to audit top management processes (http://isotc.iso.org/livelink/livelink/3553985/APG-AuditTopManagement.doc?func=doc.Fetch&nodeid=3553985)

I agree with both posts so far.

It sounds like you are the management rep/auditor for your organization. If so, you have to consider your own involvement in these activities (from Sidney Vianna's helpful post #3:
- Processes for management of an organization.
These include processes relating to strategic planning, establishing policies, setting objectives, providing communication, ensuring availability of resources needed and management reviews.

- Processes for managing resources.
These include all those processes for the provision of the resources that are needed for the processes for managing an organization, for realization, and for measurement.


For example, if you are the main channel for communication about the quality system, then you can't audit that activity yourself.

Also, this is mostly stuff from clause 5 of ISO 9001. How does your organization do the stuff in clause 5?

What is a management process?

We recently got a corrective action from a registrar for not having management processess on the audit schedule.


I need to know what departments / processes to audit as well as what to look at in my audits.

Any help will be appreciated.


There are a lot of requirements in Cl 5 and Cl 8, plus some in Cl 6 that are generally performed by management. They are conceptual, planning type requirements. They must be addressed somewhere in your system by your processes, you cannot leave them out. Consequently, many people put a management process into their quality systems to address those kinds of requirements.

My thanks go to all of those who have responded to my question.:thanks:

A little clairification - I am the main auditor ( Just got some temps in to do Recvieving audits) in a distribution center.

We have 6 main processes in our process flow; Purchasing, Recieving, Packaging, Stocking, Picking, and Shipping. These are what is on the audit schedule plus a few support departments / processes thrown in.

Afraid I can't post the audit schedule, no permission from QC mgr.

Just learned that registrar wrote finding because we had not audited ourselves (internal audit & corrective action processes). I can't do the audit and neither can Quality Mgr.

Had someone trained to do internalaudits & they quit right after training. :frust: :biglaugh: :frust:

Have to drop back and punt.Train another. :biglaugh: :biglaugh:

But I now have a better handle on what a management process is. Need to digest this info.

Thanks again:):):thanks:

I like to think of management processes as also those processes and things directly related to the QMS administration, internal audit, quality policy, management review, etc.

I like to think of management processes as also those processes and things directly related to the QMS administration, internal audit, quality policy, management review, etc.

I'd love to agree, but when did you see Management (really) involved in Corrective Action or Audits?

but when did you see Management (really) involved in Corrective Action or Audits?What is management review?

Significant aspects for 200.:tg:

What is management review?

Significant aspects for 200.:tg:

..........is (often) a meeting that they're 'forced' to turn up to, that drones about things they don't understand (clause this, paragraph that, procedure whatever.....), presented by someone they only chose 'to get us registered'........

I agree they are management processes, Sidney. I guess I'm just saying that the whole system is a management system, of management processes. Plus the audit finding was less than helpful. Low hanging fruit!

...We have 6 main processes in our process flow; Purchasing, Recieving, Packaging, Stocking, Picking, and Shipping. These are what is on the audit schedule plus a few support departments / processes thrown in.

Just learned that registrar wrote finding because we had not audited ourselves (internal audit & corrective action processes). I can't do the audit and neither can Quality Mgr.

But I now have a better handle on what a management process is. Need to digest this info.




Please remember, your defined processes must cover all the activities in your company, and all requirements in the standard. You cannot leave anything out. And, all these processes must be measured, audited and reviewed. You can't just do your primary or core processes. You must address all of them.

What is a management process?

We recently got a corrective action from a registrar for not having management processess on the audit schedule.


I need to know what departments / processes to audit as well as what to look at in my audits.

Any help will be appreciated.

When your auditor comes in I suggest you give him / her an NC. :lol:

Their job is to ensure you understand the problem before they leave. Whenever I raise anything like this I will give examples e.g. business planning, budgetting.

Please remember, your defined processes must cover all the activities in your company, and all requirements in the standard. You cannot leave anything out. And, all these processes must be measured, audited and reviewed. You can't just do your primary or core processes. You must address all of them.

I agree. All our processes are either sub -processes of a main process ie: loading a truck in shipping or unloading in Recieving -also thrown in are a few support departments (thats how I get AP and processes like that. In planning an audit I tipically pick a few processes within that department. The audit schedule is by department so I enjoy a lot of discretion as to what I audit within that department. :cool:

I guess I was not too cler in that respect, but thanks for the reminder. :thanx:I need to figure out a way to make sure that it all does get audited at some point in time.

In my organization, MOPs (management oriented processes) are Management Review, Human Resourses, Internal Audit, Continual Improvement and Corrective/Preventive Action processes.

They can be audited as individual process annually or audited as linkages to COP processes.

It is more effective to audit these areas as links.
Have I helped or confused you?

I'd love to agree, but when did you see Management (really) involved in Corrective Action or Audits?

I hear you......

But when i work with companies, i try to make sure management does really get involved. i stress the most important parts of the QMS are audits, management reveiw and analysis of data. i try to have management (at all levels) get involved in all areas.....

sometimes it actually works!

Their job is to ensure you understand the problem before they leave. Playing's devil's advocate: If the oddity auditee does not let the auditor know they did not understand the finding, it is not the auditor's fault.

Auditing places responsibilities in both parties. If the receiving party of a unclear corrective action request does not let the auditor know clarification is required, it is their problem, not the auditor.

When your auditor comes in I suggest you give him / her an NC. :lol:

Their job is to ensure you understand the problem before they leave.

As my first entry for the December "Pedant of the Month" competition can I ask where this requirement on an auditor is defined. A good auditor working with a good auditee will ensure mutual understanding but in my days as a superb auditor I came across some people who could not, or would not understand and, eventually, the only sane course would be to write the report and get out. There are some dreadful auditees out there (as my current third party auditor would, no doubt, agree).:rolleyes:

The Plant Manager at my facility is the process owner of corrective actions.
The Plant Quality Manager (my boss) is the process owner on internal audits.

There are some dreadful auditees out there (as my current third party auditor would, no doubt, agree).
:topic: You know we have bashed auditors on occasion here, but we also have to consider your point that there are a lot of "dreadful auditees" out there as well.

And, all these processes must be measured...

This is my second entry for "Pedant of the Month".

The requirement is for processes to be monitored, they only need to be measured "where applicable" (clause 8.2.3).

I had this argument with a third party auditor recently when he wanted me to include a totally irrelevant, to me, measure in my calibration system. The system is effective and actively monitored but not measured and I considered a measure to be not applicable. He didn't agree but after some vigorous negotiation he dropped the subject. :cool:

My understanding is that Product Attributes must be monitored/measured. An auditor should not be telling you what other pieces of your process you should monitor. That should be your up to you.

:mad:

In my organization, MOPs (management oriented processes) are Management Review, Human Resourses, Internal Audit, Continual Improvement and Corrective/Preventive Action processes.

They can be audited as individual process annually or audited as linkages to COP processes.

It is more effective to audit these areas as links.
Have I helped or confused you?

Your post will be most helpful, I did not incorporate those specific processes.

You are correct, these should work better as links. :thanks::confused:

One question, being an internal auditor (only active one in building at this piont) how can I check internal audits - even as a part of an audit of say the shipping dept.? :confused:

Playing's devil's advocate: If the oddity auditee does not let the auditor know they did not understand the finding, it is not the auditor's fault.The principal duty is on the individual dishing out the NC. It is a simple matter of who has the power in the audit - generally the auditor! I personally would feel comfortable in challenging an auditor if they tried to leave me with an NC I didn't understand :) but, believe it or not, there are some out there who might not want to challenge an authority figure like an auditor.

Auditing places responsibilities in both parties. If the receiving party of a unclear corrective action request does not let the auditor know clarification is required, it is their problem, not the auditor.I can't accept this position. Again, if as an auditor, I am identifying a problem then I have to identify it! When I am doing lead auditor training I tell people an NC has three parameters:
A clear statement of the audit criteria (such as the ISO 9001 element) - including full clause reference and precis of the requirement that has to be fulfilled
A clear statement of what is in place at the organization being audited
Evidence seen with reference to examples

Without these elements the auditor is only doing half a job.

Some might find it pedantic ;) but without proper communications an audit is ineffective.

there are some out there who might not want to challenge an authority figure like an auditor.
SNIP SNIP
but without proper communications an audit is ineffective.If someone feels intimidated to a point they don't tell the auditor they did not understand the finding, they are unfit to be audited.

Communication is a two way process. Just because an auditor stated or wrote something (they believe it is clear), it does not mean that the message will be received and understood. Communication requires some type of acknowledgment. People play games with auditors all the time. If your position is that you should not leave the premises until the auditee "understands" the issue at hand, you should be prepared for some stupid mind games during your debriefing/exit meetings.

Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Mr. Auditor, I did not understand the finding. Could you clarify it?
Ad nauseum

I think you got my point

...I personally would feel comfortable in challenging an auditor if they tried to leave me with an NC I didn't understand :) but, believe it or not, there are some out there who might not want to challenge an authority figure like an auditor.

I can't accept this position. Again, if as an auditor, I am identifying a problem then I have to identify it! ...without proper communications an audit is ineffective.

Actually, I think both your position and Sidney's comments are correct. I am confident that Sidney expects their auditors to make the nonconformities clear. We are all trained this way. However, stuff happens during and after an audit:

1. A Mgt. Rep clearly understands the NC, but after the audit his bos gives him grief. All of a sudden, the NC is "not as clear as it was before." I have had this happen.

2. I have also had situations where we clearly explained the finding, wrote it clearly, and the client simply does not believe it. Thus, they don't buy it. After the audit, the clear finding melts into confusion.

Both parties have responsibilities in this, I think.

My understanding is that Product Attributes must be monitored/measured. An auditor should not be telling you what other pieces of your process you should monitor. That should be your up to you.

:mad:

OK...but if you're not monitoring a process, may I point out that is noncompliant?

Your post will be most helpful, I did not incorporate those specific processes.

You are correct, these should work better as links. :thanks::confused:

One question, being an internal auditor (only active one in building at this piont) how can I check internal audits - even as a part of an audit of say the shipping dept.? :confused:


You really should have more than one auditor, especially if you are responsible for the quality system, as well.

:topic:
Perhaps this could be split into another thread if the powers that be feel there is mileage in it - so as not to swamp the "Processes" thread.

If someone feels intimidated to a point they don't tell the auditor they did not understand the finding, they are unfit to be audited.:confused: Did you mean this Sidney?

Communication is a two way process. Just because an auditor stated or wrote something (they believe it is clear), it does not mean that the message will be received and understood. I think we are agreeing about the fact that communication is 2 way but my emphasis is on the auditor's responsibility to manage the communication process to make sure it is effective (as with all other aspects of the audit) whereas you seem to be saying it is up to the auditee to make sure they understand. I am happy with my position - unless you have anything to add we will agree to disagree.
Communication requires some type of acknowledgment. People play games with auditors all the time. If your position is that you should not leave the premises until the auditee "understands" the issue at hand, you should be prepared for some stupid mind games during your debriefing/exit meetings. I am aware of the games people play (on both sides of the fence!) and can only say that I rarely come across them. My experience is more that people are more often afraid to show their "ignorance" and accept NCs that are not valid or factual rather than challenge at the time. Not, of course, from me. :notme:

Mr. Auditor, I did not understand the finding. Could you clarify it? ....

Ad nauseum

I think you got my pointMessage received loud and clear! As mentioned I have only been in this situation on a couple of occasions.

I would much rather walk away having not raised a "valid" NC (knowing that I or another auditor will be back in 6 / 12 months with further facts to explain the NC). This happened to me fairly recently - a minor NC on an OHSAS audit. I went back in 6 months and the auditee agreed they had been wrong and had already corrected the problem.

If, however, the NC is a Major then it would get raised (despite protestations) with the offer of further clarification after the audit and a reference to the appeals process. (This has never happened to me)

Prior to the Shipping audit, you can review any prior audit reports and findings that may still be relavent. If you wish to audit the Internal Audit Process (effectiveness and efficiency) you should ask someone from outside your immediate group to audit.

:confused: Did you mean this Sidney?I certainly did. If the auditee/auditor relationship is so asymmetrical and dysfunctional that an honest dialogue can not take place, a fundamentally flawed association exists and neither party will benefit from it.

Being certified is not an undeniable entitlement. Auditees must fulfill their responsibilities; one of them being knowledgeable about their system and the standard they pursue certification to.

I am dumbfounded that you seem to place all the burden on the auditor.

If the auditor discloses a finding during a debriefing meeting and no one from the organization states they did not understand the issue at hand, how is that the auditor's fault?

This is my second entry for "Pedant of the Month".

The requirement is for processes to be monitored, they only need to be measured "where applicable" (clause 8.2.3).

I had this argument with a third party auditor recently when he wanted me to include a totally irrelevant, to me, measure in my calibration system. The system is effective and actively monitored but not measured and I considered a measure to be not applicable. He didn't agree but after some vigorous negotiation he dropped the subject. :cool:


I will choose to ignore your offensive choice of words -

ped·ant –noun 1.a person who makes an excessive or inappropriate display of learning. 2.a person who overemphasizes rules or minor details. 3.a person who adheres rigidly to book knowledge without regard to common sense.

Those who know me, understand those definitions are not in my DNA...

I was merely trying to help the poster understand just auditing links is not enough. I am always trying to help my clients how to understand and utilized the standard to further their business improvements.

The STANDARD, (not my arogant, shortsighted, dimwitted, and inexperienced brain), says:

cl 4.1.:
The organization shall
a) identify the processes needed for the quality management system and their application throughout the organization (see 1.2),
e) monitor, measure and analyse these processes, and

All processes must be monitored, measured and analysed. This is the fundamental core of the ISO 9001 process approach. If you don't understand this core, you don't get ISO 9001.

Now, I do refer my clients to 8.2.3 as well, because some processes do not seem to lend themselves to formally measuring empirical data. Usually, in those cases where they are doing a poor job of trying to measure something in an inappropriate manner, I point out that measuring is not alwasy required. Sometimes, a more generic monitoring would suffice very nicely.

However, all defined processes must be "monitored, measured and analysed" because that is the basis for aligning and improving how the processes interact.

I'm really not a bad guy, guv'na...

What is a management process?

We recently got a corrective action from a registrar for not having management processess on the audit schedule.


I need to know what departments / processes to audit as well as what to look at in my audits.

Any help will be appreciated.
I can see how people can get confused on this topic. Being from Senior Management in a previous life, it may help to look at this from a different angle. What are the processes that management performs to support the QMS? If some of these areas were not audited by your team, you may not have verified the effectiveness of managements involvement in the QMS.
I teach the MOPs, COPs, and SOPs approach to understanding what are the companies core processes. I posted this example of a process map in a different tread http://elsmar.com/Forums/attachment.php?attachmentid=7860&d=1196480352 which shows how this can be depicted in a diagram.
MOPs: Management Orientated Process, functions that management performs to supports the QMS. Good examples include management reviews and quality objectives.
COPs: Customer Orientated Process, (where you make your money) beginning with customer needs progressing thru product realization and finishing with customer satisfaction. Good examples are manufacturing processes and shipping.
SOPs: Support Orientated Process, essential functions that support the customer orientated process. Good examples are calibration and maintenance.
Sorry, I hope I wasn't too wordy and reference the other post right.

Now as the 1st recipient of a "pedant of the month" nomination I shouldn't be jumping to tyker's defence but as I know him and his warped sense of humour I will.
I will choose to ignore your offensive choice of words -

ped·ant –noun 1.a person who makes an excessive or inappropriate display of learning. 2.a person who overemphasizes rules or minor details. 3.a person who adheres rigidly to book knowledge without regard to common sense. Now to define the word pedant in your defence might be deemed ironic. :lol:

Those who know me, understand those definitions are not in my DNA...

I was merely trying to help the poster understand just auditing links is not enough. I am always trying to help my clients how to understand and utilized the standard to further their business improvements.Helmut, we don't agree on everything but I do believe your heart is in the right place. Just in this case I think you are going over the top ....

The STANDARD, (not my arogant, shortsighted, dimwitted, and inexperienced brain), says:

cl 4.1.:
The organization shall
a) identify the processes needed for the quality management system and their application throughout the organization (see 1.2),
e) monitor, measure and analyse these processes, and
A couple of bits you left out of your ISO 9001 quote:
4.1 General requirements
These processes shall be managed by the organization in accordance with the requirements of this International

Now IMHO point 1 states that this element (4.1) outlines general principles while point 2 directs you to 8.2.3. for the detail of how your element "e" is to be applied (or at least the monitoring and measuring bit).
All processes must be monitored, measured and analysed. This is the fundamental core of the ISO 9001 process approach. If you don't understand this core, you don't get ISO 9001.
People scatter the term "process approach" throughout the cove without really understanding it. Here (http://isotc.iso.org/livelink/livelink/3554880/Process.doc?func=doc.Fetch&nodeid=3554880)is a link to the Document: ISO/TC 176/SC 2/N 544R2(r) on understanding the process approach (Linked to many times already). This approach is more about getting away from the silo approach to systems - where documents describe procedures operating in departments - to a cross functional approach to work. Edited highlights below:
The performance of an organization can be improved through the use of the process approach. The processes are managed as a system, by creating and understanding a network of the processes and their interactions.

Note: The consistent operation of this network is often referred to as the "system approach" to management.
The outputs from one process may be inputs to other processes and interlinked into the overall network or system.

Now, I do refer my clients to 8.2.3 as well, because some processes do not seem to lend themselves to formally measuring empirical data. Usually, in those cases where they are doing a poor job of trying to measure something in an inappropriate manner, I point out that measuring is not alwasy required. Sometimes, a more generic monitoring would suffice very nicely.
Again I read 8.2.3 differently. It says you should monitor processes and where applicable measure them. Now I think the where applicable bit is satisfied in clause 5.4.1 where the organization decides where it wants to go and how it is going to get there.

I will choose to ignore your offensive choice of words -

ped·ant –noun 1.a person who makes an excessive or inappropriate display of learning. 2.a person who overemphasizes rules or minor details. 3.a person who adheres rigidly to book knowledge without regard to common sense.

Those who know me, understand those definitions are not in my DNA...

I'm really not a bad guy, guv'na...
[/SIZE][/FONT]

Sorry about the ambiguity, but it was me being pedantic and I was actually seeking the award for myself.:bonk:

And despite Paul's claim for a previous nomination - he's wrong too.

The STANDARD, (not my arogant, shortsighted, dimwitted, and inexperienced brain), says:


Now, I do refer my clients to 8.2.3 as well, because some processes do not seem to lend themselves to formally measuring empirical data. Usually, in those cases where they are doing a poor job of trying to measure something in an inappropriate manner, I point out that measuring is not alwasy required. Sometimes, a more generic monitoring would suffice very nicely.

However, all defined processes must be "monitored, measured and analysed" because that is the basis for aligning and improving how the processes interact.

I'm really not a bad guy, guv'na...
[/SIZE][/FONT]

I realize I've heavily edited your post and put an emphasis on one point.

It's a point I agree with strongly and one of my previous posts gave an example of where an external auditor at one of our associated plants was trying to enforce an inappropriate measure. The importance for me was that the process he was auditing (calibration) was effective and easily proven to be so just by opening a spread sheet and monitoring the colours of the entries. (Overdue gauges appear in red, the others in black. There are never any red entries.) He wanted a measure of how far ahead of the due date we were calibrating our equipment - none of his business and a waste of my time.

I don't have any problem with auditors suggesting improvements or discussing topics outside the strict scope of the standard, it's something I enjoy and find useful. When they threaten me with a non-conformity report though, I get pedantic.

Sorry about the ambiguity, but it was me being pedantic and I was actually seeking the award for myself.:bonk:

And despite Paul's claim for a previous nomination - he's wrong too.

Now I don't mind being called pedantic .... but wrong! :mad:

I certainly did. Well the use of "unfit" is, IMHO, inappropriate.

If the auditee/auditor relationship is so asymmetrical and dysfunctional that an honest dialogue can not take place, a fundamentally flawed association exists and neither party will benefit from it. Unfortunately not everyone goes into an assessment with the same level of knowledge as those who participate on the cove (and even here we can see there is a significantly different level of understanding on "core" elements - even those principles underpinning the standard). :notme:

Being certified is not an undeniable entitlement. Auditees must fulfill their responsibilities; one of them being knowledgeable about their system and the standard they pursue certification to. Agreed.

I am dumbfounded that you seem to place all the burden on the auditor.Dumbfounded, Sidney? :confused: As the Lead Auditor they have prime responsibility for the assessment process including communication of the results of the audit. If they meet my criteria posted below then they meet that obligation wrt non conformities.

It may be that all your auditors do a good job of communicating - in my experience there is a normal distribution with some good and some downright awful.

If the auditor discloses a finding during a debriefing meeting and no one from the organization states they did not understand the issue at hand, how is that the auditor's fault?
Let me put it the other way - if after the final meeting they go back to an individual non conformity report and cannot understand it - then that is the auditor's fault.

Any reasonable person should be able to pick up an NC and from that single document find:
The clause of the standard / organizational procedure stating the requirement
The requirement from the standard / internal procedure
Reference to the evidence seen in the course of the audit that demonstrates a non compliance exists

.... to enable them to go back to the evidence and investigate to enable them to take effective corrective action.


Just as an example (and a gratuitous plug for my "Agony Uncle" column.
here (http://newsweaver.co.uk/cqi/e_article000954218.cfm?x=bbDcsk8,b80h29HK) is an example of a CB auditor being witnessed by an accreditation body. There were a whole host of IARs raised by the AB auditor around the audit. Almost all the NCs were challenged and the AB auditor said that if he made his case within a few days that they "wouldn't appear in the final report." This he did but the NCs appeared in the report anyway!

[QUOTE=egarry;226767]I can see how people can get confused on this topic. Being from Senior Management in a previous life, it may help to look at this from a different angle. What are the processes that management performs to support the QMS? If some of these areas were not audited by your team, you may not have verified the effectiveness of managements involvement in the QMS. :mg:

A different perspective - one from Senior Management- is always helpful.

I checked the process map that you posted, it will prove helpful. :thanx:

Again, thanks much.

Confused1

At our organization, management processes are those the the company has identified as key to the success of the present (and potentially future) business model. One example would be sales/quotations.
So, that's the process, the next step is defining what inputs are associated with sales, the outputs, the measurement techniques (in many cases, the KPI's), and so on. Pretty soon after this, you've developed a turtle diagram. Digging in a bit further, you'll want to develop your own process-based audits that will essentially mimic those of the TS process in order to demonstrate that you are adhering to the process-based methodology. Our biggest hurdle continues to be avoiding the element-based audit trap whereby we go to the level 2 instruction and say, "do we do this or not?". The more appropriate question becomes, "Do we support this business process by doing xxx? If not, how do we do this, and what is the corrective action?".

Hope that helps,
CBH