Audit based on guideline



Is it OK for an auditor to issue any observation for improvement when he/ she found anything that is stated in the guideline was not carried out and it was not stated anywhere in the standard (used for auditing) itself?

i.e., in IATF guidance to ISO/ TS 16949 talk something about employee motivation and emplowerment whereby common measurement of employee satisfaction was surveys, awards, improvement suggestions, poster campaigns and etc...

If any of the above was not carried out per the guidance, was it a non-compliance or what? (take into consideration internal procedure never mentioned anything about the suggested scheme to measure the employee satisfaction, instead they choose to be different from what guidance was given)

Any input will be greatly appreaciated.

thanks in advance
Elsmar Forum Sponsor

M Greenaway

You should only raise a non-compliance where a requirement (a SHALL statement) is not being carried out. This SHALL statement should appear somewhere in the audit criteria (what you are auditing against). So if the audit is undertaken against TS16949 you could not cite suggestions in guidance documents as an NC.

However I would think it fair to point to 'best practice' in the audit report as a suggestion, perhaps highlighted as an observation.
Agreed Martin,

It would certainly not be a non-compliance, but the aim of any audit should be to gather data for potential improvement. Mentioning it in the report is the way to go here imo.



Quite Involved in Discussions
If the customer calls out the use of the IATF guidance in their system, then the IATF guidance becomes auditable and a N/C can be issued. If not, then the answer is No. You may however issue an Opportunity for Improvement based on the guidance (IATF, ISO 9004-2000, etc.).
Last edited:

M Greenaway


Perhaps generate a document called an 'Opportunity for Improvement', as used by BSi.

Then you can ensure that the opportunity is properly reviewed, and decisions and actions (or decisions and rationale for no action) documented.

Added -- great minds think alike gp ! I was writing my post as you posted your answer.
Refer to TS2 para. 0.3.1,The guidance document is not auditable nor is it to be for contractural purposes.
Back to the original question concerning issue of an observation for imporovement; should only be issued when the auditior suspects or envisions that a future ncocompliance could possibly occur.


Super Moderator
Trusted Information Resource
I have always asked auditors to note any opporturnities for improvement they may come across and then when we write up our report for closing meeting (yes we do a closing meeting, and report the nonconformances verbally prior to issuing a written report/audit corrective action requests) we start with a listing of all the items we saw that we thought were working very well, or innovative ideas that have been put into use, etc. After we list the nonconformances found we describe areas that could use improvement. We explain that they are not nonconformances for this audit, but bear looking at to ensure that in another audit they won't become nonconformances.

Remember, audits are a "snapshot", you don't have time to put everything under a microscope. If auditors have bad feelings about something, you can rest assured that it will become a self fulfilling prophecy in the future, if for no other reason than someone in a later audit will decide to dig a little deeper, or the scope will such that an area that was previously only looked at lightly will be focused upon the next time.

Observed opportunities for improvement do not require a "corrective action" at our facility, but I do expect the management team to look into it and provide me with results of their investigation along. i.e. it is an internal issue that may become a corrective action.

Have a good one!


Quite Involved in Discussions
Sam, agree with you to some extent. The paragraph does say that, meaning that an internal/external auditor can not pull out the guidance and audit to it, unless you say your system is compliant to it.
Most internal auditors use the OFIs to suggest ways to improve the QMS based on their observations and comments from the organization. External auditors are taught to write OFIs in the instances that you say but usually use this as an avenue for free consulting MO.
Last edited:


Thanks a lot for all the constructive input given.

May I know how do one verify a "best practice" in an audit?

What kind of evidence should we used against? Reference book, journal, scientific research, newspaper or how?

Any idea?

Thread starter Similar threads Forum Replies Date
Sidney Vianna IATF 16949 News Risked Based Audit Day Calculation IATF 16949 - Automotive Quality Systems Standard 2
D Requirement of Pharmacovigilance (Drug Safety) Risk Based Strategic and Tactical Audit Plan General Auditing Discussions 0
Ed Panek Are audit non conformances also risk based? ISO 13485:2016 - Medical Device Quality Management Systems 1
G Web based tool for benchmarking audit findings Benchmarking 6
P Secretly Auditing - Writing an audit report with observations based on my experiences Internal Auditing 12
N Audit Checklist based on ISO14001:2015 ISO 14001:2015 Specific Discussions 17
P Searching for a complete audit check list based on ISO14001:2004 ISO 14001:2015 Specific Discussions 1
C Performing an ISO 9001 based Supplier Audit - Multiple Supplier Facilities Supplier Quality Assurance and other Supplier Issues 4
V Could the Microbiology Laboratory Audit be done based on Documentation? ISO 13485:2016 - Medical Device Quality Management Systems 7
J Audit days calculator based on Rules 4th IATF 16949 - Automotive Quality Systems Standard 2
S Spreadsheet that will Calculate Audit Duration times based on IAF MD5 and MD11 Excel .xls Spreadsheet Templates and Tools 8
T AS9104/3 is bringing in a requirement for an AA to qualify as AEA based on Audit Days AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
S Help me with preparing Internal Audit Schedule based on Risk analysis 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
L How to conduct a Quality Audit based on ASME BPVC VIII-1 requirements Various Other Specifications, Standards, and related Requirements 4
A Risk Based Internal Quality Audit Scheduling and Planning Internal Auditing 2
I Types of Internal Audit findings based on ISO 9001 Clause 8.2.2 Quality Manager and Management Related Issues 10
J Web based Database to Collect and Evaluate 5S Audit Results, Trends, Charts Lean in Manufacturing and Service Industries 3
RoxaneB Risk-Based Audit Results - Audit Program for Multiple Locations General Auditing Discussions 8
P How to perform an Internal Audit on Safety based on OHSAS 18001:2007? Internal Auditing 2
M QSIT-Based ISO 13485 Internal Audit Schedule Internal Auditing 8
P Measurement of Performance based on Internal Audit Reports Quality Tools, Improvement and Analysis 12
N ISO 9001 based Audit Schedules: Creating and Maintaining - Template wanted General Auditing Discussions 5
M Radiation (Gamma or E-beam) Dose Audit SOP - Quarterly dose audits based on ISO 11137 Other Medical Device Related Standards 8
L It is fair and legal to let a customer to make an assessment audit based on other cus IATF 16949 - Automotive Quality Systems Standard 2
V Internal Audit - Process based vs. Procedure based AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 11
U Process based Audit Approach vs. Clause based Audit Approach Process Audits and Layered Process Audits 49
RoxaneB Process-based auditing in 14001 - Seeking Reviews: Audit Schedule Content Feedback General Auditing Discussions 9
T Audit Days Based Upon Number of Employees IATF 16949 - Automotive Quality Systems Standard 8
I ISO 13485 Practical Internal Audit Checklist - Standard vs. Process Based Internal Auditing 26
Claes Gefvenberg 8.2.2 - Opinions please... Audit schedule based on importance and 'status' General Auditing Discussions 17
M ISO 9001:2000 Process Based Internal Quality Audit Plan General Auditing Discussions 11
J 9001 Internal Audit of Client Onboarding process ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
H Streamlining audit response and corrective action processes ISO 13485:2016 - Medical Device Quality Management Systems 7
Q Corrective Action Notification - Registration Audit ISO 13485:2016 - Medical Device Quality Management Systems 12
chris1price Irradiation site for dose audit Other Medical Device Related Standards 2
PQ Systems 5 Ways to Reduce Stress on Your Next Audit Using GAGEpack Software 0
PQ Systems Audit Prep – Time for a System Health Check Using GAGEpack Software 0
N API Q1 Audit Surveillance - Questions Oil and Gas Industry Standards and Regulations 2
A Alternative to on site audit in China EU Medical Device Regulations 2
J Help to understand and response to API AAR during the re-certification audit Oil and Gas Industry Standards and Regulations 17
B Internal audit checklist Internal Auditing 5
V Internal Audit Software IATF 16949 - Automotive Quality Systems Standard 5
J Internal Audit Schedule IATF Internal Auditing 3
Mikey324 External calibration - Finding in our 3rd party audit General Measurement Device and Calibration Topics 58
C ISO 14001 Internal Audit - Opportunity for Improvement ISO 14001:2015 Specific Discussions 2
P Does FDA require certification for quality system internal audit for auditor? Qualification and Validation (including 21 CFR Part 11) 1
J Stage 2 audit initial cert, few data points ISO 13485:2016 - Medical Device Quality Management Systems 4
S Corrections not allowed during audit ISO 13485:2016 - Medical Device Quality Management Systems 7
P Looking to outsource Internal Audit - MDSAP competent auditor needed Other Medical Device Regulations World-Wide 9
R GFE Audit - Violation? GFE Location Controls AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 0

Similar threads

Top Bottom