Management of NC after internal system audit

[drhouse77]

Hello all,

after our internal system audit we have obviously detected some NC.
We have in 3 weeks time the official IATF audit and of course it's not possible at all to solve all of them.

The responsible of the system is forcing the organization to close all them before the audit because this is a IATF requirement but, as per my understanding this is not true.
The IATF (and ISO) gives rules on how to manage NC after their audit but they do not ask anything in term of NC found during internal audit. In this case they focus on the system to manage them, which means root cause analysis, corrective anction and a clear action plan with responsible and due date.

Am I correct ?

Thanks and best regards to all of you!

 

[John Predmore]

I don't know anything about the difficulty of the NCs you identified. Some problems simply take longer to correct. In 3 weeks time, it is reasonable you have person(s) assigned to address the NCs, the teams have completed all or most containment activity, some or all of root cause investigation, have solid plans for corrective action including target completion date, and a maybe a proposal of how and how soon after completion you will assess effectiveness of your corrective action.

 

[Jean_B]

You are correct that the system should be audited, and not be judged on an absence of open NC's (which to me is even more suspicious).
Things to be able to do when you have the external audit on such a recent internal audit non-conformity:

• Report(s) correctly administrated?
• For each non-conformity must have
  • Risk assessment
    • Containment enacted and active if needed, on a solid base for affected items
• For each non-conformity want to have
  • Cause analysis
  • Action plan
  • Evidence of implementation
  • Evidence of verification of effectiveness

The first two main points are crucial. For each of the sub-points of the third you're in a better position when you can show more final records, or at least drafts and why they're not yet final.

Ripe open non-conformities need a different approach; they are far more often used as an indicator for ineffective follow-up than newly opened non-conformities.

 

[qualprod]

Hello all,

after our internal system audit we have obviously detected some NC.
We have in 3 weeks time the official IATF audit and of course it's not possible at all to solve all of them.

The responsible of the system is forcing the organization to close all them before the audit because this is a IATF requirement but, as per my understanding this is not true.
The IATF (and ISO) gives rules on how to manage NC after their audit but they do not ask anything in term of NC found during internal audit. In this case they focus on the system to manage them, which means root cause analysis, corrective anction and a clear action plan with responsible and due date.

Am I correct ?

Thanks and best regards to all of you!

Could you mention the findings?
Sometimes, some just need a correction, not full analysis.
Also, sometimes several ncs are solved with just one corrective action,
and are solved in few days.
Once you explain the case, you may have a more precise response.
Be well

 

[Golfman25]

If memory serves me, IATF rules (or at least the CBs) may like to see NCs from internal audits closed out before third party audits. But as you are experiencing, that isn't realistic. I would say work or NC system and be prepared to show the progress of your corrective actions to the third party auditor. You should be fine. Good luck.

 

[qusys]

If the organization does not timely fix the elicited non-conformities concerning with new IATF requirements ( for instance, documented process for temporary process changes, product safety, TPM implementation, risk management, supplier development, control of reworked/repaired product, competence and on the job training, employee motivation, contingency plans etc.), this could carry a breakdown in the quality management system and translate in a potential failure of the processes.
In any case this potential issue should be matter of the organization management review as an input.

 

[Sebastian]

I do not see anything about requirement related to closure of all internal system nonconformities before 3rd party audit is carried out.
It is a little bit risky to plan internal audit just before 3rd party audit, but always is better to identify concerns internally than wait for external auditor.
There is some time for implementing corrections and root causes and corrective actions can follow later. If you implement good corrections, there is no chance for external auditor to detect it. Only auditing internal audits will tell, there is something going on.

 

[Mikey324]

Our IATF auditor seems to understand the intent of the standard. As long as you can show you are actively working to close the NC, you should be fine. Is the problem contained, 100% sorting or similar? Root cause has been determined, or you can show you are working on it? If so, it would seem to me that you are following the intent of the standard. Your auditor should see it that way too.
We have had open NC's at this time of a 3rd party audit. Its just part of life. I have never had questioned why it was open. Just what our progress toward closure was.