Can YOU help? --> Unanswered questions <-- (Other than Marcelo's Informational posts)

API Spec Q1 9th Edition Surveillance Audit - Questions about internal audits.

FMS

quality manager
#1
dears Mates,

looking for complete covered answer for that recently founded by Auditor. for that corrective action
Internal Audit Plan for 2018 doesn’t contain nonconformity nor criticality from the last Internal Audit.
 

FMS

quality manager
#4
Nonconformance/Concern Description Internal Audit Plan for 2018 doesn’t contain nonconformities nor criticality from the last Internal Audit.
 

Jean_B

Involved In Discussions
#5
In short: It doesn't have to show that explicitly. It simply needs to "take into consideration the importance of processes concerned, ..., results of previous audits". (The only records required are: implementation of the audit programme (not establishing or determining, the standard even says implement is only Do from PDCA) & audit results.)
There is no requirement to have explicit records of this specific fact (incompetent/lazy auditors expect all needed evidence or compliance to be written down to make it easy for them) as a competent auditor should be able to determine this from context: e.g. when the last three years a process has had NC's it should not be skipped next year, yet if it has always performed well they should not fault you for spending audit resources wisely (unless there is a particular safety risk you should always keep tabs which doesn't go away with it running well for an extended time, e.g. medical devices sterilization process).

If your audit programming/planning process states it takes "importance of processes concerned, ..., results of previous audits" into consideration, selects the risky processes (e.g. pareto always risky or bad performance, a bit lower frequency for the middle risk, for-cause on the negligible risk ones) and subsequently focuses on those nothing is a-miss (if you do execute this). This is the parsimonious solution.
The rationale is you'd be looking for higher quality information on risky items from the audits versus a lot of lower quality information on all items, even the ones you've got a handle on through regular process monitoring.

Technically (nearly) nobody audits all processes (even work instructions cover processes, just in more detail, and how often have you seen auditors expect audits on all of those?), and if they do a portion of these will be of a superfluous nature. Note that based on normative requirements it is only the automotive QMS that requires you to audit all processes of your QMS within a certain period, thus there it is interpreted to mean prioritization of which to do first/often. If you have an additional regulatory oversight organization checking you might be in for double trouble as regulations can get iffy on wording and switching away from them is more difficult than switching away from an incompetent certification provider with no other sticks to hit you with.
 
#8
Nonconformance/Concern Description Internal Audit Plan for 2018 doesn’t contain nonconformities nor criticality from the last Internal Audit.
What is an internal audit plan? Is this part of your own procedure for internal audits? Can you confirm which auditor wrote this?
 

Top Bottom