Audit based on guideline



Is it OK for an auditor to issue any observation for improvement when he/ she found anything that is stated in the guideline was not carried out and it was not stated anywhere in the standard (used for auditing) itself?

i.e., in IATF guidance to ISO/ TS 16949 talk something about employee motivation and emplowerment whereby common measurement of employee satisfaction was surveys, awards, improvement suggestions, poster campaigns and etc...

If any of the above was not carried out per the guidance, was it a non-compliance or what? (take into consideration internal procedure never mentioned anything about the suggested scheme to measure the employee satisfaction, instead they choose to be different from what guidance was given)

Any input will be greatly appreaciated.

thanks in advance
Elsmar Forum Sponsor

M Greenaway

You should only raise a non-compliance where a requirement (a SHALL statement) is not being carried out. This SHALL statement should appear somewhere in the audit criteria (what you are auditing against). So if the audit is undertaken against TS16949 you could not cite suggestions in guidance documents as an NC.

However I would think it fair to point to 'best practice' in the audit report as a suggestion, perhaps highlighted as an observation.
Agreed Martin,

It would certainly not be a non-compliance, but the aim of any audit should be to gather data for potential improvement. Mentioning it in the report is the way to go here imo.



Quite Involved in Discussions
If the customer calls out the use of the IATF guidance in their system, then the IATF guidance becomes auditable and a N/C can be issued. If not, then the answer is No. You may however issue an Opportunity for Improvement based on the guidance (IATF, ISO 9004-2000, etc.).
Last edited:

M Greenaway


Perhaps generate a document called an 'Opportunity for Improvement', as used by BSi.

Then you can ensure that the opportunity is properly reviewed, and decisions and actions (or decisions and rationale for no action) documented.

Added -- great minds think alike gp ! I was writing my post as you posted your answer.
Refer to TS2 para. 0.3.1,The guidance document is not auditable nor is it to be for contractural purposes.
Back to the original question concerning issue of an observation for imporovement; should only be issued when the auditior suspects or envisions that a future ncocompliance could possibly occur.


Super Moderator
Super Moderator
I have always asked auditors to note any opporturnities for improvement they may come across and then when we write up our report for closing meeting (yes we do a closing meeting, and report the nonconformances verbally prior to issuing a written report/audit corrective action requests) we start with a listing of all the items we saw that we thought were working very well, or innovative ideas that have been put into use, etc. After we list the nonconformances found we describe areas that could use improvement. We explain that they are not nonconformances for this audit, but bear looking at to ensure that in another audit they won't become nonconformances.

Remember, audits are a "snapshot", you don't have time to put everything under a microscope. If auditors have bad feelings about something, you can rest assured that it will become a self fulfilling prophecy in the future, if for no other reason than someone in a later audit will decide to dig a little deeper, or the scope will such that an area that was previously only looked at lightly will be focused upon the next time.

Observed opportunities for improvement do not require a "corrective action" at our facility, but I do expect the management team to look into it and provide me with results of their investigation along. i.e. it is an internal issue that may become a corrective action.

Have a good one!


Quite Involved in Discussions
Sam, agree with you to some extent. The paragraph does say that, meaning that an internal/external auditor can not pull out the guidance and audit to it, unless you say your system is compliant to it.
Most internal auditors use the OFIs to suggest ways to improve the QMS based on their observations and comments from the organization. External auditors are taught to write OFIs in the instances that you say but usually use this as an avenue for free consulting MO.
Last edited:


Thanks a lot for all the constructive input given.

May I know how do one verify a "best practice" in an audit?

What kind of evidence should we used against? Reference book, journal, scientific research, newspaper or how?

Any idea?

Thread starter Similar threads Forum Replies Date
Sidney Vianna IATF 16949 News Risked Based Audit Day Calculation IATF 16949 - Automotive Quality Systems Standard 2
D Requirement of Pharmacovigilance (Drug Safety) Risk Based Strategic and Tactical Audit Plan General Auditing Discussions 0
Ed Panek Are audit non conformances also risk based? ISO 13485:2016 - Medical Device Quality Management Systems 1
G Web based tool for benchmarking audit findings Benchmarking 6
P Secretly Auditing - Writing an audit report with observations based on my experiences Internal Auditing 12
N Audit Checklist based on ISO14001:2015 ISO 14001:2015 Specific Discussions 17
P Searching for a complete audit check list based on ISO14001:2004 ISO 14001:2015 Specific Discussions 1
C Performing an ISO 9001 based Supplier Audit - Multiple Supplier Facilities Supplier Quality Assurance and other Supplier Issues 4
V Could the Microbiology Laboratory Audit be done based on Documentation? ISO 13485:2016 - Medical Device Quality Management Systems 7
J Audit days calculator based on Rules 4th IATF 16949 - Automotive Quality Systems Standard 2
S Spreadsheet that will Calculate Audit Duration times based on IAF MD5 and MD11 Excel .xls Spreadsheet Templates and Tools 7
T AS9104/3 is bringing in a requirement for an AA to qualify as AEA based on Audit Days AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
S Help me with preparing Internal Audit Schedule based on Risk analysis 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
L How to conduct a Quality Audit based on ASME BPVC VIII-1 requirements Various Other Specifications, Standards, and related Requirements 4
A Risk Based Internal Quality Audit Scheduling and Planning Internal Auditing 2
I Types of Internal Audit findings based on ISO 9001 Clause 8.2.2 Quality Manager and Management Related Issues 10
J Web based Database to Collect and Evaluate 5S Audit Results, Trends, Charts Lean in Manufacturing and Service Industries 3
RoxaneB Risk-Based Audit Results - Audit Program for Multiple Locations General Auditing Discussions 8
P How to perform an Internal Audit on Safety based on OHSAS 18001:2007? Internal Auditing 2
M QSIT-Based ISO 13485 Internal Audit Schedule Internal Auditing 8
P Measurement of Performance based on Internal Audit Reports Quality Tools, Improvement and Analysis 12
N ISO 9001 based Audit Schedules: Creating and Maintaining - Template wanted General Auditing Discussions 5
M Radiation (Gamma or E-beam) Dose Audit SOP - Quarterly dose audits based on ISO 11137 Other Medical Device Related Standards 8
L It is fair and legal to let a customer to make an assessment audit based on other cus IATF 16949 - Automotive Quality Systems Standard 2
V Internal Audit - Process based vs. Procedure based AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 11
U Process based Audit Approach vs. Clause based Audit Approach Process Audits and Layered Process Audits 49
RoxaneB Process-based auditing in 14001 - Seeking Reviews: Audit Schedule Content Feedback General Auditing Discussions 9
T Audit Days Based Upon Number of Employees IATF 16949 - Automotive Quality Systems Standard 8
I ISO 13485 Practical Internal Audit Checklist - Standard vs. Process Based Internal Auditing 26
Claes Gefvenberg 8.2.2 - Opinions please... Audit schedule based on importance and 'status' General Auditing Discussions 17
M ISO 9001:2000 Process Based Internal Quality Audit Plan General Auditing Discussions 11
Q ISO 9001-2015 Internal audit finding Internal Auditing 12
lanley liao How to understand this words that the planning of internal audit shall take into consideration the results of previous audits? Oil and Gas Industry Standards and Regulations 10
P Audit check for IT company (ISO 9001) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
D Supplier audit Medical Device and FDA Regulations and Standards News 2
M Go Live With New ERP System before Recertification Audit General Auditing Discussions 6
A Add MDSAP to Internal Audit Schedule Medical Device Related Regulations 0
A Define timeline for Major and Miner Audit finding General Auditing Discussions 4
J IATF 16949 Internal Audit question - Auditor's responsibility Internal Auditing 6
A API Monogram audit review process Oil and Gas Industry Standards and Regulations 4
S IATF 16949 Internal Audit Example IATF 16949 - Automotive Quality Systems Standard 7
B Remote IATF 16949 audit preparation General Auditing Discussions 10
M AS9100D Registrar pre-audit requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 15
I Do I need to sign off my annual audit calendar? Internal Auditing 2
R AS9100D internal audit checklist or ISO 9001 2015 to AS9100 D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
M Nice and simple invitation email to an audit kickoff meeting Internal Auditing 1
M IATF 16949 - Audit of Remote Location/Support Site and IT IATF 16949 - Automotive Quality Systems Standard 4
Q IATF audit - Root Cause Analysis results IATF 16949 - Automotive Quality Systems Standard 5
Q Self-assessment audit information Quality Management System (QMS) Manuals 6
Le Chiffre Online training available for ISO/IEC 17021-1: Requirements for bodies providing audit and certification of management systems Training - Internal, External, Online and Distance Learning 3

Similar threads

Top Bottom