Auditing to ISO 9001:2000 - What is the Process Model in PRACTICAL terms

[JLMorris]

I am on the home straight with conversion to the new standard, but during a recent visit from our assessor, I was told that we have to be conducting our audits to a process model and the new standard. Can someone help to explain what this means in PRACTICAL terms, and the sort of questions I should be looking at.

Should I be concentrating on the interfaces between processes, the inputs and outputs to agreed objectives/specs etc? Should I forget about the conformance to work instructions & methods? However if we have written a work instruction or procedure (eg any one of the 6 required procedures) we would still want people to be doing things according to that (which will involve auditing to the old methods).
Maybe I am too stuck in the old mode of auditing.

I would appreciate any advice that can be offered by those who already audit to a process model. (If this has already been discussed can someone point me in the right direction)
Thanks

John

 

[tschones]

John-

I am in a similar situation as you and we are still auditing by ISO element. However, I have read material from several sources that states that one "should" audit using a process model, but the standard hasn't change to say you must. However, because the standard is now more focused on process and the effectiveness of what you do, I believe that external auditors will look at linkages between processes more closely, and auditing by element will likely not catch any disconnects you have between processes.

Having said that and sensing the potential benefits of conducting process audits, some of the same material that I have read has me worried about the ramifications of moving from audit by element to process audits. I work in a relatively small company where the auditors are volunteers ranging from production operators, engineers, purchasers, technical specialists, financial specialists, etc., and we rotate them on a yearly basis, so I constantly have a new group to work with. Given this situation here are the potential hurdles as I see them:
1) Auditor training time will likely significantly increase and the quality of the auditors needed for the program will increase as well. Auditors are going to be expected to have better auditing skills, better understanding of the aspects of our business, it's processes and how processes relate to each other.

2) Auditors are going to have to be responsible for knowing all aspects of planning and preparing for an audit, in addition to conducting and reporting an audit. (Currently I'm doing all of the preparing and planning.) One source quoted "….auditor competence can be achieved with less than 40 hours of classroom training followed by one or two audits …as an auditor" (I'm currently delivering several hours of classroom training, followed by a quiz, and 3 OJT audits).

I'd like to hear from someone who has made this transition to see if these hurdles are as significant as they appear to be, and how they overcame them.

 

[M Greenaway]

I think the main change of emphasis is that the process itself leads the audit, not the requirements of the standard.

As such you should schedule your audits to audit actual processes that occur in your business, not schedule to cover a certain clause in an audit.

Also you should not approach the audit from a list of requirements from the standard, you shoul daudit the process itself, then check back to the requirements as necessary.

Its just putting the horse in front of the cart again, however this is no change from 'best practice' that has been taught for many years.

 

[JLMorris]

Thanks for the replies to my original questions, but I still have a certain amount of confusion
I guess that we have always looked at the processes, in that we have always a checked a department (manufacturing, sales, design or whatever) but we have always looked at the conformance to departmental procedures (to a small extent we have looked at documents and information that flows between departments). When we go into a department should I be looking at the areas in that Jim listed in ISO9004/8.2.1.3 - ie how effective and efficient are the processes? Where is there room for improvement? Are resources adequate? etc etc.

How should we look at continual improvement. Are we as auditors likely to be spotting the weaknesses, and ways of improvement. (I'm in a business where the high equipment costs mean that we are always looking at getting the most out of resources, so we are constantly looking at ways of improving the manufacturing process.) I know occasionally a fresh face can see something that has been tried before, but often it would be easy to go over old ground. Therefore it is very unlikely that auditors will spot further improvements that have not been seen by process operators before. Or should we be acting as a communication channel between those who may have the ideas to those who approve the resources etc to make the improvements? (We do not want to be seen as just coming up with ideas that have been suggested/tried before).
The same thing can happen with resources - when a process operator tells me that he needs X, Y or Z, I don't want to just be a mouthpiece back to management for something that he has been wanting for the last year!
I'm sure that there are going to be advantages to the process audits compared to procedural audits, but I'm struggling to come up with the right line of questionning to ask.

 

[TPM Slave]

I work for a manufacturing plant which produces fabric for Cars, this involves dying yarn, warping, weaving, finishing and lamination.
I get round the process audit clause by focusing on each process, starting with a schedule, are they working to a schedule, are they using the correct forms, procedures, are the masters being used, is production being logged, do the operators know what thwy are doing (Training), is the equipment maintained, is it calibrated, is stock being stored correctly, how is it moved to the next process.
This is my process audit. The system audits are carried out seperatly using the ts and quality manual.

I hope this helps.

 

[Aaron Lupo]

While I agree that audits should be done as a process and I have always performed my audits that why, can anyone tell me where inthe standard it states that you shall do process audits?

 

[Sam]

Typical guidelines I use for a process audit.

 

[NYHawkeye - 2005]

JLMorris said:

The same thing can happen with resources - when a process operator tells me that he needs X, Y or Z, I don't want to just be a mouthpiece back to management for something that he has been wanting for the last year!

I agree that an auditor should not just be a mouthpiece back to management.

If I were doing the audit, however, and someone commented to me that they needed something to do their job I would assume from a process perspective that one of three problems (nonconformances) existed:

1. There is no process for determining and providing the resources needed as required by paragraph 6.1 of ISO 9001.

or

2. There is a process for determining and providing the resources needed but it is not working effectively.

or

3. There is a process for determining and providing the resources needed, it is working effectively, but no one has communicated to and/or convinced this person that they don't need the particular item in question.

I would probe this further to see what the problem is and then document it in the audit results. My guess is that in most organizations the problem will be either #1 or #2. Problem #3 usually goes away if there is a good process in place.

 

[Aaron Lupo]

Jim Wade said:

Er .. I think it's in 8.2.2, Isoguy.

"An audit programme shall be planned, taking into consideration the status and importance of the processes ... to be audited"

And the "planned arrangements" we need to check are product realization (i.e core process) plans.

rgds Jim

Very good Jim, but now where does it say you have to do you audits as a process.

 

[Sam]

Refer to para 0.2, 4.1, 7.1 for for the need to identify processes.
IMO it stands to reason that when you establish a process based approach to the quality management system you would in turn audit the process.