Auditing to ISO 9001:2000 - What is the Process Model in PRACTICAL terms

J

JLMorris

#1
I am on the home straight with conversion to the new standard, but during a recent visit from our assessor, I was told that we have to be conducting our audits to a process model and the new standard. Can someone help to explain what this means in PRACTICAL terms, and the sort of questions I should be looking at.

Should I be concentrating on the interfaces between processes, the inputs and outputs to agreed objectives/specs etc? Should I forget about the conformance to work instructions & methods? However if we have written a work instruction or procedure (eg any one of the 6 required procedures) we would still want people to be doing things according to that (which will involve auditing to the old methods).
Maybe I am too stuck in the old mode of auditing.

I would appreciate any advice that can be offered by those who already audit to a process model. (If this has already been discussed can someone point me in the right direction)
Thanks

John
 
Elsmar Forum Sponsor
T

tschones

#2
John-

I am in a similar situation as you and we are still auditing by ISO element. However, I have read material from several sources that states that one "should" audit using a process model, but the standard hasn't change to say you must. However, because the standard is now more focused on process and the effectiveness of what you do, I believe that external auditors will look at linkages between processes more closely, and auditing by element will likely not catch any disconnects you have between processes.

Having said that and sensing the potential benefits of conducting process audits, some of the same material that I have read has me worried about the ramifications of moving from audit by element to process audits. I work in a relatively small company where the auditors are volunteers ranging from production operators, engineers, purchasers, technical specialists, financial specialists, etc., and we rotate them on a yearly basis, so I constantly have a new group to work with. Given this situation here are the potential hurdles as I see them:
1) Auditor training time will likely significantly increase and the quality of the auditors needed for the program will increase as well. Auditors are going to be expected to have better auditing skills, better understanding of the aspects of our business, it's processes and how processes relate to each other.

2) Auditors are going to have to be responsible for knowing all aspects of planning and preparing for an audit, in addition to conducting and reporting an audit. (Currently I'm doing all of the preparing and planning.) One source quoted "….auditor competence can be achieved with less than 40 hours of classroom training followed by one or two audits …as an auditor" (I'm currently delivering several hours of classroom training, followed by a quiz, and 3 OJT audits).

I'd like to hear from someone who has made this transition to see if these hurdles are as significant as they appear to be, and how they overcame them.
 
M

M Greenaway

#3
I think the main change of emphasis is that the process itself leads the audit, not the requirements of the standard.

As such you should schedule your audits to audit actual processes that occur in your business, not schedule to cover a certain clause in an audit.

Also you should not approach the audit from a list of requirements from the standard, you shoul daudit the process itself, then check back to the requirements as necessary.

Its just putting the horse in front of the cart again, however this is no change from 'best practice' that has been taught for many years.
 
J

JLMorris

#4
Thanks for the replies to my original questions, but I still have a certain amount of confusion
I guess that we have always looked at the processes, in that we have always a checked a department (manufacturing, sales, design or whatever) but we have always looked at the conformance to departmental procedures (to a small extent we have looked at documents and information that flows between departments). When we go into a department should I be looking at the areas in that Jim listed in ISO9004/8.2.1.3 - ie how effective and efficient are the processes? Where is there room for improvement? Are resources adequate? etc etc.

How should we look at continual improvement. Are we as auditors likely to be spotting the weaknesses, and ways of improvement. (I'm in a business where the high equipment costs mean that we are always looking at getting the most out of resources, so we are constantly looking at ways of improving the manufacturing process.) I know occasionally a fresh face can see something that has been tried before, but often it would be easy to go over old ground. Therefore it is very unlikely that auditors will spot further improvements that have not been seen by process operators before. Or should we be acting as a communication channel between those who may have the ideas to those who approve the resources etc to make the improvements? (We do not want to be seen as just coming up with ideas that have been suggested/tried before).
The same thing can happen with resources - when a process operator tells me that he needs X, Y or Z, I don't want to just be a mouthpiece back to management for something that he has been wanting for the last year!
I'm sure that there are going to be advantages to the process audits compared to procedural audits, but I'm struggling to come up with the right line of questionning to ask.

:confused:
 
T

TPM Slave

#5
I work for a manufacturing plant which produces fabric for Cars, this involves dying yarn, warping, weaving, finishing and lamination.
I get round the process audit clause by focusing on each process, starting with a schedule, are they working to a schedule, are they using the correct forms, procedures, are the masters being used, is production being logged, do the operators know what thwy are doing (Training), is the equipment maintained, is it calibrated, is stock being stored correctly, how is it moved to the next process.
This is my process audit. The system audits are carried out seperatly using the ts and quality manual.

I hope this helps.
;)
 
A

Aaron Lupo

#6
While I agree that audits should be done as a process and I have always performed my audits that why, can anyone tell me where inthe standard it states that you shall do process audits?
 
N

NYHawkeye - 2005

#8
JLMorris said:

The same thing can happen with resources - when a process operator tells me that he needs X, Y or Z, I don't want to just be a mouthpiece back to management for something that he has been wanting for the last year!
I agree that an auditor should not just be a mouthpiece back to management.

If I were doing the audit, however, and someone commented to me that they needed something to do their job I would assume from a process perspective that one of three problems (nonconformances) existed:

1. There is no process for determining and providing the resources needed as required by paragraph 6.1 of ISO 9001.

or

2. There is a process for determining and providing the resources needed but it is not working effectively.

or

3. There is a process for determining and providing the resources needed, it is working effectively, but no one has communicated to and/or convinced this person that they don't need the particular item in question.

I would probe this further to see what the problem is and then document it in the audit results. My guess is that in most organizations the problem will be either #1 or #2. Problem #3 usually goes away if there is a good process in place.
 
A

Aaron Lupo

#9
Jim Wade said:

Er .. I think it's in 8.2.2, Isoguy.

"An audit programme shall be planned, taking into consideration the status and importance of the processes ... to be audited"

And the "planned arrangements" we need to check are product realization (i.e core process) plans.

rgds Jim
Very good Jim, but now where does it say you have to do you audits as a process.
 
#10
Refer to para 0.2, 4.1, 7.1 for for the need to identify processes.
IMO it stands to reason that when you establish a process based approach to the quality management system you would in turn audit the process.
 
Thread starter Similar threads Forum Replies Date
M Canada - Registrars that allow e-auditing for ISO 9001? Registrars and Notified Bodies 4
S ISO 9001 Audit Observations - Transitioning my career into auditing Career and Occupation Discussions 16
S ISO 9001:2015 - Internal Auditing - Audit to the Standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
A How to approach ISO 9001:2015 Clause 7.1.6 when 3rd Party Auditing ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
M Principles of Auditing ISO 9001:2015 Internal Auditing 8
C Internal Auditing Requirements (ISO 9001:2008) Internal Auditing 3
L Auditing Design and Development in ISO 9001 (Internal Audit) Internal Auditing 1
T Where in the ISO 9001 standard it asks for process based auditing? Process Audits and Layered Process Audits 6
Gman2 Internal Auditing Requirements before ISO 9001 Registration ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
T ISO 9001 Internal Auditing Auditor Training in Amsterdam Training - Internal, External, Online and Distance Learning 1
Colin Interesting Discussion Potential Issues for Auditing ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 84
Stijloor ISO 9001 Auditing Practices Group ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
R Auditors Auditing Against ISO 9001:2015 Draft ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 33
D Auditing Human Resources (ISO 9001) Internal Auditing 11
D Auditing Management Support - ISO 9001:2008 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
K Auditing OHSAS 18001, ISO 9001 & ISO 14001 for 4 Business Units General Auditing Discussions 2
J Auditing the Budgeting Process (ISO 9001) General Auditing Discussions 13
J ISO 9001 Auditing Question General Auditing Discussions 18
E Auditing to ISO 9001:2008 Elements Internal Auditing 3
L Auditing Information Technology (IT) in the ISO 9001 workplace Internal Auditing 15
L Auditing Schedule to ISO 9001, ISO 13485, IVD, MDD and 21 CFR Part 820 General Auditing Discussions 8
D Training for ISO 9001:2008 Internal Auditing Training - Internal, External, Online and Distance Learning 10
S ISO 9001 prohibits auditors auditing their 'own work' while other standards don't? Internal Auditing 54
C The Holistic Approach to Internal Auditing (ISO 9001) Internal Auditing 14
A Process approach to auditing ISO 9001:1994 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
V Auditing of D&D (Design and Development) - ISO 9001 General Auditing Discussions 12
N Auditing to ISO 9001:2008 - How do we qualify ourselves? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 97
A A macro-process structure approach to auditing for ISO 9001:2000(8) General Auditing Discussions 19
W Internal Auditing - Processs Audit vs. Element Audit - ISO 9001 Process Audits and Layered Process Audits 6
J Checksheet for ISO 9001 Internal Auditing Internal Auditing 6
D External Auditing of Critical Suppliers - ISO 9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
L ISO 9001 Internal Auditing for Construction Company General Auditing Discussions 13
J ISO 9001 Auditing Issues - Even overtime sheets are auditable ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 18
D ISO 9001:2000 Checklist for Auditing Personnel/HR section Internal Auditing 12
J Auditor training - Is there a big difference between auditing ISO 13485 & ISO 9001? ISO 13485:2016 - Medical Device Quality Management Systems 8
A Auditing ISO 9001 without ISO 9001 knowledge or training ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 24
T Internal Auditing - ISO 9001 auditing vs. FDA CFR auditing - Which to choose? ISO 13485:2016 - Medical Device Quality Management Systems 5
L Auditing ISO 9001:2000 for Attitude? Internal Auditing 25
D Auditing 2 standards with 1 audit? TS 16949 and ISO 9001 Registrars and Notified Bodies 5
sathis Is auditing ISO 14001 and OHSAS similar to ISO 9001? General Auditing Discussions 1
Crusader Internal Auditing to ISO 9001 - How to schedule/plan and perform an ISO audit Internal Auditing 31
Crusader Auditing to ISO 9001: 6.2.2(d) General Auditing Discussions 6
M Seeking ISO 9001:2000 Auditing Tools - Check List, etc. General Auditing Discussions 6
Sidney Vianna ISO 9001 Auditing Practices Group - Guidance on Auditing Includes 9001:2015 Material General Auditing Discussions 62
V Auditing Hotels and Restaurants to ISO 9001:2000 - Service Industry Service Industry Specific Topics 3
M Does anyone have a checklist for auditing to the ISO 9001:1994 standards? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
Marc Lead Auditor Course - Auditing to the ISO 9001:2000 Standard General Auditing Discussions 24
Marc Auditing ISO9001:2000 and Differences between ISO 9001:1994 and ISO 9001:2000 General Auditing Discussions 4
D ISO 13485, FDA 21 CFR 820 and Auditing the Accounting Department ISO 13485:2016 - Medical Device Quality Management Systems 5
C CE marking for general IVD (self-certified) & ISO 13485 QMS requirements - auditing EU Medical Device Regulations 6

Similar threads

Top Bottom