SBS - The Best Value in QMS software

CB/Auditor Requiring a change in scope

Ralba

Involved In Discussions
#1
Last year, we finished a AS9100 audit and a ISO13485 Audit, and a maintenance audit on our ISO9001. We just were notified that the auditor for the ISO13485 audit put in a change for our scope without telling us to add "of medical devices" to the end of the scope, thus limiting our entire scope of ISO9001 to ONLY medical devices.

We wholeheartedly believe that compliance can be applied from the perspective of best business practices, so we apply each of our compliances across our entire QMS, and do not have any separation aside from Medical Device Files, which we currently have none of (we mostly do prototypes in medical devices). During the audit, the auditor did mention the scope change as an Opportunity for Improvement, but we just ignored it as we did not want to limit our scope. The audit was not solely over the medical projects, so it did not make sense to us to do from the start.

I asked the CB what prompted the change, and found out that he had put it in his audit report that our scope needed to change. I wanted to ask if anyone here has experience with this issue before I respond further to our CB.
 
Elsmar Forum Sponsor

somashekar

Staff member
Super Moderator
#2
Last year, we finished a AS9100 audit and a ISO13485 Audit, and a maintenance audit on our ISO9001. We just were notified that the auditor for the ISO13485 audit put in a change for our scope without telling us to add "of medical devices" to the end of the scope, thus limiting our entire scope of ISO9001 to ONLY medical devices.

We wholeheartedly believe that compliance can be applied from the perspective of best business practices, so we apply each of our compliances across our entire QMS, and do not have any separation aside from Medical Device Files, which we currently have none of (we mostly do prototypes in medical devices). During the audit, the auditor did mention the scope change as an Opportunity for Improvement, but we just ignored it as we did not want to limit our scope. The audit was not solely over the medical projects, so it did not make sense to us to do from the start.

I asked the CB what prompted the change, and found out that he had put it in his audit report that our scope needed to change. I wanted to ask if anyone here has experience with this issue before I respond further to our CB.
Seems like your CB missed out on the basic scope clarification in line with the standard ISO 13485 with you at the outset....
This cannot be done to the ISO 9001 certificate. You will have to get a new ISO 13485 certificate and the scope in this has to be clear in respect to medical devices.
Scope change as an opportunity for improvement ... ?? Sorry, your CB is confused.
 
Last edited:

yodon

Staff member
Super Moderator
#3
We're registered to both 9001 and 13485 and we are issued 2 certifications. The scope in each is slightly different. Are they saying they'll issue 1 cert to you against all 3 standards? That doesn't seem right.

I have seen an increase in "pickiness" about the scope. Don't know if it's a battle you can win outright.
 

Tagin

Trusted Information Resource
#4
It is outrageous for an auditor to submit a change to your scope without your knowledge or approval. The scope is something your company defines - it speaks to what your company is and does. If the auditor had a problem with the wording, he should have created an audit NC.

The CB should undo that unauthorized change at their expense. If they still feel the scope language is a problem they can issue you an NC. You can then choose to reword the scope, or to fight the NC.
 

mpfizer

Involved In Discussions
#5
We're registered to both 9001 and 13485 and we are issued 2 certifications. The scope in each is slightly different. Are they saying they'll issue 1 cert to you against all 3 standards? That doesn't seem right.

I have seen an increase in "pickiness" about the scope. Don't know if it's a battle you can win outright.
We're registered to both 9001 and 13485 and we are issued 2 certifications. The scope in each is slightly different. Are they saying they'll issue 1 cert to you against all 3 standards? That doesn't seem right.

I have seen an increase in "pickiness" about the scope. Don't know if it's a battle you can win outright.
Just a question
Do the scopes of ISO 9001 and 13485 be exactly similar ?
michelle
 

Ralba

Involved In Discussions
#7
It is outrageous for an auditor to submit a change to your scope without your knowledge or approval. The scope is something your company defines - it speaks to what your company is and does. If the auditor had a problem with the wording, he should have created an audit NC.

The CB should undo that unauthorized change at their expense. If they still feel the scope language is a problem they can issue you an NC. You can then choose to reword the scope, or to fight the NC.
The auditor they used was also the auditor who did our initial cert, but he did not do the first surveillance audit. From my conversations on here and with him, I am thinking he made a mistake when he first issued the 13485 certification and was supposed to ask for the medical designation then. This is NOT the kind of auditor to admit he made a mistake, or even hint at it. I believe he wanted us to say we made a mistake and request the change when he gave it as an OFI during the audit. When we didn't, he just tried to sneak it into the audit report. I have to say the 7:00PM email I received on Friday about this had me saying worse things than "outrageous" :vfunny:.

Changing the ISO13485 to medical is not a big deal for us, but trying to change our ISO9001 is a huge deal for us, especially with our AS9100 needing the same scope unless we want two separate audit schedules.
 

Ralba

Involved In Discussions
#8
We're registered to both 9001 and 13485 and we are issued 2 certifications. The scope in each is slightly different. Are they saying they'll issue 1 cert to you against all 3 standards? That doesn't seem right.

I have seen an increase in "pickiness" about the scope. Don't know if it's a battle you can win outright.
We have three certifications, one that is ISO13485, one that is ISO9001, and one that is AS9100. They had all the same scope (everything that we do) until this issue. They sent me a revised ISO9001 certificate, so I am beginning to think they just got their wires crossed and meant to revise the ISO13485 certification only.

Still not okay to do without our approval or a formal explanation on how we fail to meet our stated scope, but much more understandable.
 

Ralba

Involved In Discussions
#9
UPDATE-in case anyone was following this and would benefit from knowing how this went down:

I emailed the CB and informed them that changing the ISO13485 would make sense, but changing the ISO9001 would be problematic. I asked if maybe there was some miscommunication on their end and asked them to check. The auditor was CC'd into the email chain.
The administrator that sent me the revised ISO9001 certification then sent me two more certifications, a medically only ISO13485 and a reverted ISO9001. They apologized for the mixup.

Alls well that ends well.
 
Thread starter Similar threads Forum Replies Date
Ed Panek Auditor MDR (Presub audit) finding EU Medical Device Regulations 2
I Freelance VDA6.3 Auditor at TURKEY VDA Standards - Germany's Automotive Standards 0
M VDA 6.3 – Workshop for Certified Process Auditor VDA Standards - Germany's Automotive Standards 1
J IATF 16949 Internal Audit question - Auditor's responsibility Internal Auditing 6
W Redacting Info Before Giving to Auditor ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
T Quality auditor legal right to see Board meeting minutes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 15
V Certified Auditor - Need of additional certification specific to industry ( GMPs) ASQ vs ECA vs others Professional Certifications and Degrees 1
V Internal Auditor Competency KPI IATF 16949 - Automotive Quality Systems Standard 15
R American Petroleum Institute - Becoming an API Auditor Professional Certifications and Degrees 2
B Lowest cost way to pass Lead Auditor exam ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
B Internal Auditor Competency - Product Auditors Internal Auditing 9
U Internal Auditor not trained but done Audit for some process Nonconformance and Corrective Action 5
Z Auditor Findings ISO 14001:2015 vs. 45001:2015 ISO 14001:2015 Specific Discussions 6
B IATF16949 audit requirement - Auditor request UCL and LCL must be show Xbar-R, IATF 16949 - Automotive Quality Systems Standard 7
A Becoming an ISO27001 3rd Party Auditor Career and Occupation Discussions 4
L ASQ's Biomedical Auditor Course Test ASQ - American Society for Quality 1
M Tips on preparing for IATF 16949 Internal Lead Auditor exam Manufacturing and Related Processes 1
G Same parts but new customer - What will the auditor ask me? IATF 16949 - Automotive Quality Systems Standard 2
Gun46 ISO 9001 : 2015 Lead Auditor Exam General Auditing Discussions 16
K %GRR was between 10-30% so we have to have a "backup plan" per auditor IATF 16949 - Automotive Quality Systems Standard 15
S ISO 13485 Lead Auditor - Debate between our Quality Team and Regulatory Auditor - Internal Auditor Training ISO 13485:2016 - Medical Device Quality Management Systems 42
R ISO 45001 Lead Auditor Exam paper Training - Internal, External, Online and Distance Learning 1
B Internal and external auditor competency to CSR's IATF 16949 - Automotive Quality Systems Standard 20
A Our auditor told if we didn't have a patent we would have to do a validation or verification ISO 13485:2016 - Medical Device Quality Management Systems 6
W Certification for IATF Lead Auditor will expire in 2020 IATF 16949 - Automotive Quality Systems Standard 2
D Impartiality of Internal Auditor ISO 9001/13485 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 18
Ed Panek Auditor driving us nuts - ESD requirements ISO 13485:2016 - Medical Device Quality Management Systems 23
A OHSAS 18001 external auditor finding personal interpretation? Occupational Health & Safety Management Standards 5
S IRCA Lead Auditor training and Exam tips Training - Internal, External, Online and Distance Learning 5
L ASQ CBA biomedical auditor - CBA primer material is enough to study? ISO 13485:2016 - Medical Device Quality Management Systems 6
B VDA 6.3 Qualification as Process Auditor training course and exam VDA Standards - Germany's Automotive Standards 0
F ISO 21001 Educational Organizations Management - How to become an auditor Other ISO and International Standards and European Regulations 1
J Getting training either from ASQ or from SAI Global - ISO 9001 Lead Auditor training Training - Internal, External, Online and Distance Learning 1
P ASQ Certified Biomedical Auditor (CBA) Certification Preparation 2019 ASQ - American Society for Quality 3
M Medical Device Design Control Auditor Recommentations General Auditing Discussions 19
G Third party auditor mentions no grace period for calibration Calibration Frequency (Interval) 22
D Where (in US) can I get the VDA Auditor Edition book? VDA Standards - Germany's Automotive Standards 3
S AIAG CQI Auditor Qualification and 3rd Party Certification Requirements General Auditing Discussions 2
M IATF 16949 7.2.3 Internal Auditor Competency - Trainer's competency Internal Auditing 7
C Recommendations for UK-based ISO 13485 internal auditor training ISO 13485:2016 - Medical Device Quality Management Systems 1
Sidney Vianna AS9100 News July 2019 AAQG/RMC CB Auditor Workshop - Presentation Materials AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 0
D Scope of Facility - Our auditor asked us last week for our "Scope of the Facility" AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 12
A ISO 9001 lead auditor as Full time career India Career and Occupation Discussions 2
J Manufacturing Process Auditor Requirements - IATF 16949 IATF 16949 - Automotive Quality Systems Standard 11
GreatNate ISO 9001:2015 Lead Auditor Course? (who to take with) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 15
A External Auditor issue with Internal Audits Internal Auditing 7
Q Internal Auditor competence for ISO 14001 ISO 14001:2015 Specific Discussions 11
S IATF 16949: Is "Certified" Internal Auditor mandatory? IATF 16949 - Automotive Quality Systems Standard 9
S Internal Auditing for API Spec Q1 - auditor qualification requirements Oil and Gas Industry Standards and Regulations 6
J Your opinion on the better training org for IATF16949 Internal auditor and Lead Auditor IATF 16949 - Automotive Quality Systems Standard 3

Similar threads

Top Bottom