Hello,
i was recently going through the new standard (ISO 9001:2015) and was wondering what certification bodies will be looking for with this clause
"The organization shall: define the audit criteria and scope for each audit"
We do not have a "scope" per say, but we do have a matrix of each process along with each ISO/IATF/AS9100D clauses that will be audited to for each audit. Will this satisfy that requirement?
Here are the definitions of the terms audit criteria and audit scope in ISO 9000:2015:
ISO 9000:2015 said:
audit criteria
set of policies, procedures or requirements used as a reference against which objective evidence is compared
ISO 9000:2015 said:
audit scope
extent and boundaries of an audit
Note 1 to entry: The audit scope generally includes a description of the physical locations, organizational units, activities and processes
The standard doesn't mention when the scope needs to be defined. It sounds like your matrix may be used as an overall long-term plan or schedule. You may decide what physical locations will be included in an audit at the time the auditor prepares to conduct an audit. For example, when auditing the manufacturing process in a large facility the auditor may decide what production lines will be included in the current audit while planning the specific audit.
Keep in mind that the note is not a requirement, but I would suggest that you consider adding locations audited (if appropriate) in the records of audits conducted. Although not mentioned above, I would also consider including what shifts are audited in the records. Ideally all shifts should be covered over time.
The records should also include the documents (policies, procedures, requirements) that were audited against to cover the "criteria" requirement.