Cari,
Depends a lot on the type of business you're in, but generally I look at contract review as the process that happens when the work actually comes in the door. Contract review is not much more than answering the question "Do I have the capability to meet the customer requirements?" I tend to suggest that the review be limited to select people who have training and/or experience in what the company does.
As for auditing, my approach is to verify that the personnel authorized to perform contract review understand what the job entails (making sure the company has the ability to meet the customer requirements, both product and delivery), verifying that current orders that have been released internally match the requirements of the customer PO, and verifying that there is some indication that the review has been performed (often this is nothing more than a signoff on the PO).
Personally, I consider contract review a critical component of the quality system. The best audit, in my estimation, is that the customer requirements have been properly translated to internal paperwork.
Examples of a contract review failure that I've found include such things as customer requirement/company promise dates that don't match, customer spec callouts that aren't reflected on internal documentation in some way, customer revision levels that don't match, etc.
As for the systems that I've designed, the procedures define who can do the review, the customer document(s) that are reviewed, what items are critical in the review, the document that is created if the review is accepted, and the method used to indicate the review was accepted. The audits tend to compare the internal document to the customer document to make sure they match and that the person accepting responsibility for the review is authorized. Haven't had a problem yet.
If you send me an e-mail, I might be able to find a contract review internal audit checklist that I typically recommend for my clients.
Dan
[email protected]
