Auditing a Contractor in EMS and Non Conformity Report

#1
Mabuhay! I am Ian and have been reading different posts in this site for several months now.

Please help me clarify some issues:

1. When I am auditing our contractor against a Contractor Agreement (requirement) that we have provided them related to our EMS, am I right in saying that I could have my own classification of whether the findings are OFI, minor NC or major NC? Especially since they don't have a certified EMS and even if they have, the audit scope would be based on the Contractor Agreement, right?

We have internal auditors who raised NCs with applicable ISO14001 clauses but not citing the requirements under the Contractor Agreement.

2. When I am auditing the Process owner that employs the contractor mentioned above, then I could raise the nonconformities to that particular Process owner especially if the contractor have contributed to the Department's failure to meet the EMS requirements. Right?

We have been tabulating the number of findings, especially NCs, per process owner and the process owner always says that ANY NC raised because of the contractor's actions should not credited to them.
 
Elsmar Forum Sponsor

Sidney Vianna

Post Responsibly
Staff member
Admin
#2
Welcome to The Cove.
1. When I am auditing our contractor against a Contractor Agreement (requirement) that we have provided them related to our EMS, am I right in saying that I could have my own classification of whether the findings are OFI, minor NC or major NC?
As you are auditing your external source (contractor) against your own requirements, you use your process and criteria to report the findings (NC's, comments, observations, noteworthy efforts, etc...

2. When I am auditing the Process owner that employs the contractor mentioned above, then I could raise the nonconformities to that particular Process owner especially if the contractor have contributed to the Department's failure to meet the EMS requirements. Right?

We have been tabulating the number of findings, especially NCs, per process owner and the process owner always says that ANY NC raised because of the contractor's actions should not credited to them.
Any finding should be flagged to the process owner, in a way that, if correction and corrective actions are necessary, such process owner will be made accountable. As for "crediting" the nonconformity, it seems that the culture is of blame. The internal process owner does not want to be made responsible for the external supplier's problem. But was this process owner involved with the screening and selection of the supplier? Does this process owner have authority over the supplier? Sometimes, a process owner has the responsibility but very little authority over issues, including external parties.

But, first and foremost, for the system to be embraced and be an agent of change, blame should be eradicated from the culture. Otherwise, people will resist any ownership of processes.
 
Thread starter Similar threads Forum Replies Date
B Supplier and Contractor Auditing - Report Template Needed Supplier Quality Assurance and other Supplier Issues 1
P Is it OK if Registrar and Internal Auditing "Contractor" are the same company? Registrars and Notified Bodies 30
C List of MDSAP Auditing Organizations Medical Device and FDA Regulations and Standards News 1
A What are the pros and cons of using an audit software for internal auditing? General Auditing Discussions 4
cscalise Suggestions for MDR Auditing tools EU Medical Device Regulations 1
J Auditing of Support Function IATF 16949 - Automotive Quality Systems Standard 9
D ISO 13485, FDA 21 CFR 820 and Auditing the Accounting Department ISO 13485:2016 - Medical Device Quality Management Systems 5
S Risk based internal auditing Internal Auditing 6
Randy Remote auditing (for disaster, disease, disturbance etc...) during the Neo Coronavirus Pandemic and Social Distancing Registrars and Notified Bodies 7
K ANVISA B-GMP Auditing requirements for Contract Manufacturers Other Medical Device Regulations World-Wide 0
F AS9100D Internal auditing requirements Internal Auditing 3
R Does any here use an internal auditing tool that works on different platforms? Internal Auditing 3
W Does anyone have an API Q2 checklist for internal auditing? Oil and Gas Industry Standards and Regulations 1
G Best Practices for IT auditing - Is a session-id necessary for a complete audit trail? IEC 27001 - Information Security Management Systems (ISMS) 0
I Questions to ask when auditing for Organizational Leadership and Planning for the QMS? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
C CE marking for general IVD (self-certified) & ISO 13485 QMS requirements - auditing EU Medical Device Regulations 6
blackholequasar Internal Auditing Inspiration - Getting volunteers to perform internal audits. Internal Auditing 22
W Internal Auditing carried out by a 3rd party - Review of previous audits AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
tony s What is the automotive process approach for auditing? IATF 16949 - Automotive Quality Systems Standard 2
S Internal Auditing for API Spec Q1 - auditor qualification requirements Oil and Gas Industry Standards and Regulations 6
R I've been auditing for a CB for 18 years General Auditing Discussions 10
P Consultant Auditing Qualifications Requirements ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 23
E Informational Internal Audits - Wear multiple hats what can and can't I audit (so I'm not auditing my own work) Internal Auditing 144
M We still have not received our certificate due to a 'backlog' with our auditing body Registrars and Notified Bodies 25
N Online Internal Auditing Course for ISO 13485 - Suggestions ISO 13485:2016 - Medical Device Quality Management Systems 8
A Agenda for 8D audit on Supplier's side - Auditing Corrective Actions General Auditing Discussions 5
U Internal auditing - Company employees or contract second party Internal Auditing 10
J Recomended Values - Auditing process in a supplier IATF 16949 - Automotive Quality Systems Standard 18
M Canada - Registrars that allow e-auditing for ISO 9001? Registrars and Notified Bodies 4
K Internal Auditing - Umbrella QMS and Multiple Standards Oil and Gas Industry Standards and Regulations 4
D Auditing Our Outsourced 2nd-3rd Party Internal Audit Company ISO 13485:2016 - Medical Device Quality Management Systems 6
supadrai Auditing Organization dragging their heels on issuing our MDSAP Surveillance Audit Confirmation Letter - everyone is nervous ... are we the only ones? Canada Medical Device Regulations 7
Ed Panek Supplier Auditing - No purchases from our key suppliers in the last 24 months ISO 13485:2016 - Medical Device Quality Management Systems 5
P Auditing "process validation" process 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
qualprod Effective Auditing advice needed ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 16
M Acceptance of remote auditing techniques - Can you help me with my research? General Auditing Discussions 0
GStough Auditing Against Criteria Unfamiliar to Auditee - Yea or Nay? General Auditing Discussions 11
qualprod Auditing Product and Services doubts ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
R Auditing support and management processes General Auditing Discussions 7
F It is acceptable moving remote locations staff to manufacturing plant for auditing? IATF 16949 - Automotive Quality Systems Standard 3
D MSDS / GHS Walk-through / Auditing Occupational Health & Safety Management Standards 6
Pmarszal Supplier Auditing Services (Audit Needed?) General Auditing Discussions 4
S ISO 9001 Audit Observations - Transitioning my career into auditing Career and Occupation Discussions 16
G AS9101 Rev F - Worksheets for internal auditing AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 11
N API Q2 clause 6.2.2.1 Auditing Outsourced Suppliers Oil and Gas Industry Standards and Regulations 5
M Auditing processes followed by employees placed on client's site Internal Auditing 4
S ISO 13485:2016 and MDSAP internal auditing ISO 13485:2016 - Medical Device Quality Management Systems 6
Richard Regalado ISMS Auditing Guideline V2 (based from ISO/IEC 27001:2013) IEC 27001 - Information Security Management Systems (ISMS) 7
S ISO 9001:2015 - Internal Auditing - Audit to the Standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
B Auditing Senior Management to determine the Effectiveness of Management Processes IATF 16949 - Automotive Quality Systems Standard 6

Similar threads

Top Bottom