Good afternoon all you quality folks out there. Wondering if anyone has revised their audit checklist to the new 2008 version. If so please post it would come in handy.

Good afternoon all you quality folks out there. Wondering if anyone has revised their audit checklist to the new 2008 version. If so please post it would come in handy.

Since the changes to the 2008 Version were only clarifications, you don't need a checklist to the 2008 version. Since, the audits are based upon processes why use a specific checklist? In my opinion.

Good afternoon all you quality folks out there. Wondering if anyone has revised their audit checklist to the new 2008 version. If so please post it would come in handy.

For implementation/compliance purposes, such a list can come in handy. But I agree with Coury, once the system is implemented, you should audit how well the processes are working. So then the focus should be on processes, not the clauses in ISO 9001:2008 anymore.

Making a checklist is real easy. Look at each (applicable) shall and see how you addressed it. In other words, turn each shall statement into a question.

Hope this helps.

Stijloor.

Thank you

Enclosed you can find one.
I hope it can helps.

Regards,

João Vitório - Portugal

Hi Guys/Gals

As said previously I am a mere fledgling in the world of ISO 9001. I have been tasked with my employer (a SME Construction company) to implement and audit the whole QMS from scratch.
The timeframe I have been allocated is unachievable i.e. 3 months of allocating 2 days per week:frust:.
I have developed a few policies however, is there a benchmark of documentation that I need to have.


Thanks

Donny

If management is serious, then advise them to hire a team of consultants.

Even with a small organization, 3 months to put a system in place (and you may not have conforming records going back far enough) is very tough, unless you already have an ISO 9001-compliant culture.

They can't have it all, if you are the only resource for this project. See the Project triangle (http://en.wikipedia.org/wiki/Project_triangle) (which I have read in a text as the "Iron Triangle") about having it one of following ways:

* Quickly and to a high standard, but then it will not be cheap.
* Quickly and cheaply, but it will not be of high quality.
* High quality and cheaply, but it will take a long time.

If you think training is expensive, try ignorance

>>this phrase is cool :cool:

Like everything else in the world today- cost cutting is paramount therefore there would be no opportunity to hire in any consultants- pity!!

So I will give it my best shot.

Thanks for the input though.

Enclosed you can find one.
I hope it can helps.

Regards,

João Vitório - Portugal


This checklist does a detailed gap analysis, but does not support the process approach that ISO 9001 mentions. Your internal audits really should be performed in a process approach, not just to a checklist.

If management is serious, then advise them to hire a team of consultants.

Even with a small organization, 3 months to put a system in place (and you may not have conforming records going back far enough) is very tough, unless you already have an ISO 9001-compliant culture.

They can't have it all, if you are the only resource for this project. See the Project triangle (which I have read in a text as the "Iron Triangle") about having it one of following ways:

* Quickly and to a high standard, but then it will not be cheap.
* Quickly and cheaply, but it will not be of high quality.
* High quality and cheaply, but it will take a long time.

"Project Triangle" I agreeeeeee.

Thanks for sharing this one.
:thanx:

Since the changes to the 2008 Version were only clarifications, you don't need a checklist to the 2008 version. Since, the audits are based upon processes why use a specific checklist? In my opinion.

Agreed with the thread. We don't issue any "new" checklist either for our organization.:rolleyes:

For implementation/compliance purposes, such a list can come in handy. But I agree with Coury, once the system is implemented, you should audit how well the processes are working. So then the focus should be on processes, not the clauses in ISO 9001:2008 anymore.

Making a checklist is real easy. Look at each (applicable) shall and see how you addressed it. In other words, turn each shall statement into a question.

Hope this helps.

Stijloor.

Hie Covers,

Well I am getting ready for an ISO9001:2008 Audit next week so my boss asked me to plan for an Internal Audit sometime this week to check where we stand. I just gave the auditors the new ISO 9001:2008 standard, a blank audit checklist and asked them to audit departments against anything they felt was relevant to that department in the standard. Unfortunately my boss didnt like the idea and so i had to give people audit clauses like previously done. What approach to other covers use?

Did you also give them access to past findings?

thats a valid point. i did not give them previous audit findings (sure these would have been most helpful). just wanted the whole excercise to be blind. Initially i wanted to audit specific departments and specific clauses of the standard based on previous audit results....but i still could not sell the idea to my boss. You do it the way they have always done or you do nothing.....

More than helpful - it a requirement for planning audits (ISO 9001:2008 clause 8.2.2.):

An audit programme shall be planned, taking into consideration ... the results of previous audits.

Unless the audit you were doing didn't have to comply with the standard, but was just a 'check-up'.

Hie Covers,

Well I am getting ready for an ISO9001:2008 Audit next week so my boss asked me to plan for an Internal Audit sometime this week to check where we stand. I just gave the auditors the new ISO 9001:2008 standard, a blank audit checklist and asked them to audit departments against anything they felt was relevant to that department in the standard. Unfortunately my boss didnt like the idea and so i had to give people audit clauses like previously done. What approach to other covers use?

Frankly, you shouldn't be giving internal auditors a copy of the standard and 'turning them loose'........especially to determine what parts of the standard applies where! Your boss is right, but what he proposed isn't correct either!

Forget previous audit findings for now - since we're talking about a 'previous version of ISO', there won't be any, since these revised requirements (even if they are only clarifications) didn't exist, there won't be any previous findings!

As audit process owner, it is your responsibility to define 'scope' and 'criteria' for the audit. Preferably selecting processes (or parts of) to apply the 'scope and 'criteria' to.

Back to the drawing board! You need to look at where the revisions apply and then direct your auditors to those aspects of the system..

More than helpful - it a requirement for planning audits (ISO 9001:2008 clause 8.2.2.):



Unless the audit you were doing didn't have to comply with the standard, but was just a 'check-up'.

I feel, as per the said clause, results of earlier audits must be considered for preparing Audit Program and not an audit.

However, if required, effectiveness of corrective actions taken due to last audit may be verified during this audit.

This verification should have done earlier during follow-up audit.

Although there are only some clarifications, the best advise is to at least review the changes (see Annex B of ISO9001:2008), and ensure the wording in your quality system documents are correct. There were several word changes made specifically to enable easier translation from English to other languages. There are some clarifications made to Outsourcing methods, which is required to be defined now. There is also a new clarification to ensure the authority for release of the product "going to the customer" is identified. Plus others!

As far as a checklist is concerned, the most effective way is to create your checklist for each of your processes, and make sure that you sample as many of the "shall's" as possible as you perform your process audit. Make sure that your audit trail documentation provides sufficient details to support each of the shall's that you claim you review. The outside auditor's will require this as objective evidence of your audit trail/audit report documentation.

Hope this helps!

Although there are only some clarifications, the best advise is to at least review the changes (see Annex B of ISO9001:2008), and ensure the wording in your quality system documents are correct.

The best advise is to not get all wrapped around the axle worrying over nits...An organization can have a fully effective QMS meeting the requirements of 9001:2008 without ever once referencing the document or even using it

Randy,

I am not sure of the intent of your response? If they do not use the documents, they do not have a very effective quality system in place; and certainly can not demonstrate that they are doing what they say they do, the way they say they do it. A company may have an excellent quality system without being registered; but to validate a registered system, the documentation must be used as written.

Jack

Randy,

I am not sure of the intent of your response? If they do not use the documents, they do not have a very effective quality system in place; and certainly can not demonstrate that they are doing what they say they do, the way they say they do it. A company may have an excellent quality system without being registered; but to validate a registered system, the documentation must be used as written.

Jack

The processes must be operated according to "the organization's" documentation, but the document Randy was referring to is the standard itself, and he's correct. If changes to a company's documentation are needed because of the 2008 update, there's something wrong with the documentation.

Pretty much right on Jim....I should have been more specific and stated that an organization doesn't need to reference or even use the ISO 9001:2008 standard to meet its requirements and have an effective QMS.....This'll trigger a response I bet ;)

I agree. ISO 9001:2008 was a 'clarification' document. There were no significant changes.

Pretty much right on Jim....I should have been more specific and stated that an organization doesn't need to reference or even use the ISO 9001:2008 standard to meet its requirements and have an effective QMS.....This'll trigger a response I bet ;)

It's something I've been saying for years, and a lot of people are so bound to ISO legalism that they can't get their arms around the idea.

Yeah, I know.......You should see the looks of doubt on faces when I tell folks I earned my RABQSA certification as an EMS-LA without ever having performed an audit to ISO 14001 (back in 1999)...I had performed numerous management systems audits that met the requirements of 14001 but did not use it or reference it.

Enclosed you can find one.
I hope it can helps.

Regards,

João Vitório - Portugal
Thanks Joaomsv for the checklist, I look forward to studying it in detail.
Regards,
Noahman