Auditing strategy

[N.galt]

Hello All,

This question I'm looking for feedback on.

For context, I'm in a senior position at my company that is ISO:9001 accredited, I've previously been audited to NADCAP and ISO: 9100.

It's my opinion that our Quality system as it stands is weak at best, we're talking hundred's of NCR's a year, loads of repeaters- it's extremely bad. I guess the main positive would be that we've got a good reporting culture... we're leaking profits due to Quality issues.

We're going to be audited on the 5th & 6th of July to ISO:9001 this year and I have every intention of pushing the auditors buttons and leading them in the direction towards Quality holes and toward potential Non-conformances. I want to shine a very bright light on the Quality problems that we face as a company.

It baffles me that we pass audits every year, I'm not even certain we're getting value for money. I think that the previous QM always had an answer but that's really not my style. I understand the purpose of audits and it would benefit me massively to find NC's and Opportunities for improvement.

My question- previous QM's and Audit leaders, what has your approach been?

 

[Steve Prevette]

I'd be very careful at this point (having been there, done that). If you do actively point the auditors towards issues with the hope of "shining the light" on quality problems, - assuming you want to have senior management be aware/acknowledge those quality problems, you could be seen as "not a team player". Senior management could end up blaming you for the issues, rather than providing the help you believe you need. And may be able to say - but you never told us.

Practically - at this point, what have you done to shine a light on these issues and mitigate or (better yet) correct them? Also, is there a way to supply a list of known issues to the management, and to the auditors. Normally there is a way to document "known issues" and what you are doing about them.

I'll just say been there, done that. Such a path is not easy to negotiate.

LATE EDIT - question - are these internal auditors or external auditors? I was assuming external auditors in my response.

 

[qusys]

Hello All,

This question I'm looking for feedback on.

For context, I'm in a senior position at my company that is ISO:9001 accredited, I've previously been audited to NADCAP and ISO: 9100.

It's my opinion that our Quality system as it stands is weak at best, we're talking hundred's of NCR's a year, loads of repeaters- it's extremely bad. I guess the main positive would be that we've got a good reporting culture... we're leaking profits due to Quality issues.

We're going to be audited on the 5th & 6th of July to ISO:9001 this year and I have every intention of pushing the auditors buttons and leading them in the direction towards Quality holes and toward potential Non-conformances. I want to shine a very bright light on the Quality problems that we face as a company.

It baffles me that we pass audits every year, I'm not even certain we're getting value for money. I think that the previous QM always had an answer but that's really not my style. I understand the purpose of audits and it would benefit me massively to find NC's and Opportunities for improvement.

My question- previous QM's and Audit leaders, what has your approach been?

Could you please clarify better the context? I t seems to be that the results of the internal audit are not an input to your management review. Is there commitment of the leadership team here?

 

[N.galt]

Could you please clarify better the context? I t seems to be that the results of the internal audit are not an input to your management review. Is there commitment of the leadership team here?

The internal audit results are an input to the management review but are very rarely corrected.

Since I joined the organisation, we have an audit schedule and the org is more frequently audited. I'd say no, leadership commitment- the C-suite have only just recently started attending the management review or being interested in Quality.

For additional context I'm a QE moving into management, this will be my first lead audit.

 

[N.galt]

I'd be very careful at this point (having been there, done that). If you do actively point the auditors towards issues with the hope of "shining the light" on quality problems, - assuming you want to have senior management be aware/acknowledge those quality problems, you could be seen as "not a team player". Senior management could end up blaming you for the issues, rather than providing the help you believe you need. And may be able to say - but you never told us.

Practically - at this point, what have you done to shine a light on these issues and mitigate or (better yet) correct them? Also, is there a way to supply a list of known issues to the management, and to the auditors. Normally there is a way to document "known issues" and what you are doing about them.

I'll just say been there, done that. Such a path is not easy to negotiate.

LATE EDIT - question - are these internal auditors or external auditors? I was assuming external auditors in my response.

External auditing body- correct.

The C-suite is aware of the problems but not the extent, I've just taken over the Quality management system. I've started to re-design and mitigate a lot of risks, so in a way I'm not expecting a huge number of NC's. They are "on-side" so to speak but I do not think they realise how bad things are. My direct manager would defend my methods so I don't feel too exposed in that regard, however I will heed your advice.

I've been raising NC's through internal audits and begun to mitigate them with middle managers. For my taste there's not enough urgency to fix problems and I still have some difficult people to negotiate with.

A list is a good idea, I usually do an NCR register- so I'll do that

 

[qusys]

It seems to me very ineffective QMS. Besides, it is very difficult to understand how your organization passed the previous external audit by Registrar. Was the same for customers audit too if any? Do you have high rate of customer returns or are your products ok for the customers?

 

[N.galt]

It seems to me very ineffective QMS. Besides, it is very difficult to understand how your organization passed the previous external audit by Registrar. Was the same for customers audit too if any? Do you have high rate of customer returns or are your products ok for the customers?

@qusys that's an accurate assessment and my thoughts exactly and my manager (board member) would agree too- doesn't understand how we've passed.

No, we have a high Warranty returns and some of the same warranty problems.

 

[N.galt]

It seems to me very ineffective QMS. Besides, it is very difficult to understand how your organization passed the previous external audit by Registrar. Was the same for customers audit too if any? Do you have high rate of customer returns or are your products ok for the customers?

So, my question still stands. Understanding my position now- a bad ineffective QMS but somehow passing audit every year?

What would be your strategy during external audit? How do I play it?

 

[qusys]

@qusys that's an accurate assessment and my thoughts exactly and my manager (board member) would agree too- doesn't understand how we've passed.

No, we have a high Warranty returns and some of the same warranty problems.

No continuous improvement in place based upon you are saying. Question: is your QMS profitable or not? Business planning seems to be not effective.

 

[qusys]

So, my question still stands. Understanding my position now- a bad ineffective QMS but somehow passing audit every year?

What would be your strategy during external audit? How do I play it?

In my opnion, you should address the risks to your Top management, explaining that quality system audit is process by sampling, depending on what the auditors check and if it is a surveillance audit or certification audit. Try to make a risk analysis with management deciding the best shared strategy according the organization priorities.