Document Review

B

Bumpebe1

#1
I'm looking for comments once again.

Prior to my company's upgrade certification to ISO 9001:2000 audit, our auditor will conduct an off-site review of our documents.

I received notification from the auditor requesting a copy of the company's Quality Manual, Quality Objectives, Quality Policy, Scope of registration, and the 6 mandatory procedures as required by ISO: (Doc Control, Record Control, Internal Audits, NC Product, Corrective Action and Preventive Action.

In addition to the above documents, I was asked to provide objective evidence of:

A. INTERNAL AUDIT RESULTS OF THE NEW REQUIREMENTS OF ISO 9001:2000

B. MANAGEMENT REVIEW MINUTES SHOWING A REVIEW OF THE INTERNAL AUDIT RESULTS.

:bonk: I'm confused. I think this is going beyond the scope of the document review accessment. I believe I have the right to withhold this information until the actual audit.

Comments please. I would appreciate your insight on this.
 
Elsmar Forum Sponsor
#2
Why withhold the information?

Well…. Our registrar asked me for similar details, and I didn’t mind. It helped them to prepare their audit well. It also saved time during the actual audit, making it more efficient, and they would have gone through that material anyway.

After all, we have to audit acc. to the standard and we have to go through the audit results in the MR.

It makes sense to me to give them that information. Why withhold it?:confused:

/Claes
 

Randy

Super Moderator
#3
Read your contract!! I'll bet this is specified. Most registrars will not initiate an audit until the organization has completed an audit cycle & management review. Why do you say? Because the Internal Audit and Management Review have to be audited like everything else, if they haven't taken place and you have no records, they don't exist. Also if you haven't done your audit how can corrective and preventive actions be assessed.

Why would you want to with hold information about your audits and review anyway? If you go into this arrangement with the "I don't have to tell them anything" attitude like you seem to have displayed in your post you'll be destroying or at the minimum diminishing the positive potential of the process when, and I say when not if, your auditors detect it.
 

RoxaneB

Super Moderator
Super Moderator
#4
I agree with Claes and Randy. I don't see a problem in providing this information ahead of time...in fact, I wish my own Auditor had asked for it so I could have had more "bang for my buck" during the actual Audit.

Is it going beyond the scope of a document review? Probably...but, like Claes and Randy, I see no benefit to withholding the information at this time.....unless you haven't done the Audit and reviewed the results? Just asking. :truce:
 
#5
My only issue is with the "MANAGEMENT REVIEW MINUTES ". I would be satisfyed with "MANAGEMENT REVIEW RECORDS", however. It just bugs me when everyone assumes the standard requires management review meetings. But aside from that, one reason for the doc review is to see if you're ready for the on-site. It is rather expensive for them to go to your site only to find you haven't met the management review requirements. This way they save both organizations both time and money.

Randy said:
...until the organization has completed an audit cycle
Quick question Randy...In your opinion what constitutes an audit cycle? Auditing the entire QMS (EMS) or performing an audit, performing corrective action and verifying the corrective action? Does the word cycle refer to the schedule, or the PDCA of an audit?
 
B

Bumpebe1

#6
Thanks for everyone's comment. The information is available. I didn't mean to sound like I'm hiding or not willing to share information. I have had some tough experiences with auditors and didn't want to be jerked about and that is why I ask for your comments. The first experience I had with document review for my company was on-site and the auditors only looked at our procedures. I am hesitant on the management review information being sent outside the company. But I guess the confidentaility clause will take care of my concerns there. The management review requirements are met through several different meetings at our site. During surveillance audits, we present the minutes from the different meetings to show conformance to the requirement. I'll have to talk to the auditor to determine the best way to present this.
 

RoxaneB

Super Moderator
Super Moderator
#7
Bumpebe1 said:
Thanks for everyone's comment. The information is available. I didn't mean to sound like I'm hiding or not willing to share information. I have had some tough experiences with auditors and didn't want to be jerked about and that is why I ask for your comments. The first experience I had with document review for my company was on-site and the auditors only looked at our procedures. I am hesitant on the management review information being sent outside the company. But I guess the confidentaility clause will take care of my concerns there. The management review requirements are met through several different meetings at our site. During surveillance audits, we present the minutes from the different meetings to show conformance to the requirement. I'll have to talk to the auditor to determine the best way to present this.
The confidentiality aspect to an Audit is there to keep us from worrying about "dem varmits" telling rival companies about our processes. They may say things like "I have a client who does xyz" but they won't provide a name or specific details/results.

I think we all have war stories from External Audits...and I'm certain that somewhere there exists a therapy group for External Auditors and their horrible experiences auditing us! :vfunny: But, hey, at the end of the Audit, you can make up some shirts for everyone that say "I Survived BSI 2003!" ;)

Good idea to talk to your Auditor. Find out the specifics of what they want so that (a) you don't overwhelm him/her and (b) you don't provide more than is necessary. ;)

Good luck and let us know how it goes!
 

Randy

Super Moderator
#8
Bumpebe1 said:
The management review requirements are met through several different meetings at our site. During surveillance audits, we present the minutes from the different meetings to show conformance to the requirement. I'll have to talk to the auditor to determine the best way to present this.
What you're doing is exactly what I look for. MR is identified as a process, not an event. Conducting reviews on a continual basis instead of once a year keeps the flow going and contributes to everyone staying aware and system improvement. Your last statement shows a level of wisdom that some fail to disply. TALK to the auditor, or better yet talk with the auditor. There are some things this person cannot or should not do, but any auditor worth his/her salt will be willing to share what they have seen in other places.

db....the way that I view a cycle is through the standard and across the organization, with the relevent C&P actions. I tell people to not wait until they think their system is in place before doing this. The audit cycle should start during implementation (write it into the audit program/schedule), not after. The audit should also be handled as a continual process and not an event.
 
#9
Randy said:
What you're doing is exactly what I look for. MR is identified as a process, not an event. Conducting reviews on a continual basis instead of once a year keeps the flow going and contributes to everyone staying aware and system improvement. Your last statement shows a level of wisdom that some fail to disply. TALK to the auditor, or better yet talk with the auditor. There are some things this person cannot or should not do, but any auditor worth his/her salt will be willing to share what they have seen in other places.

db....the way that I view a cycle is through the standard and across the organization, with the relevent C&P actions. I tell people to not wait until they think their system is in place before doing this. The audit cycle should start during implementation (write it into the audit program/schedule), not after. The audit should also be handled as a continual process and not an event.
First, I agree that yearly MR is not the way to go. I do have a QMS client that has a yearly meeting but has several bullets that would automatically trigger a MR within 30 days. Examples of the bullets are such things as adding or subtracting a customer, receiving a major nonconformance, customer complaints (imagine...one customer complaint triggers a MR), etc.

Secondly, I also agree that you need to talk with the auditor. Sometimes I wonder if half the problem is what we tend to enter into the audit with an attitude.

Thirdly, if I read you correctly, your answer on my audit cycle is not an either or, but a both and. (which also I agree with)
 

Randy

Super Moderator
#10
Now I'm flabbergasted :eek:

I don't think this has happened before when so many points I've made were agreeded to at the same time.

Cool!!
 
Thread starter Similar threads Forum Replies Date
M Setting deadlines (ex. 45 days) for Document Registration & Review Cycle Document Control Systems, Procedures, Forms and Templates 3
D Document review on already approved registrations requested by China's NMPA? China Medical Device Regulations 3
A A purpose of a Stage 1 audit - Off site document review Registrars and Notified Bodies 3
L Document review is a kind of verification? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 5
S Document Review Problems ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
T Document Review And Sign Off Second Person Review - FDA Requirements ISO 13485:2016 - Medical Device Quality Management Systems 5
M I Attached My first Document Control Procedure for your Review ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
Gman2 My Attached Document Control Procedure for your Review ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
M Seven Document Review Nonconformances General Measurement Device and Calibration Topics 9
S How to document revisions after Periodic Review of documents ? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
I Does ISO 13485 have a Periodic Document Review Requirement? ISO 13485:2016 - Medical Device Quality Management Systems 7
Casana 7.6 How to document review of out-of-calibration equipment ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
V Document Review Requirements for SQF 2000 (Safe Quality Food Standard) Various Other Specifications, Standards, and related Requirements 3
Q Method of Document Management (Control) in Engineering - Please Review ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
P Company Conducted Internal Audit Offsite using a Document Review Process Internal Auditing 65
V How do you manage the Review Comments post to Approval of a Document Document Control Systems, Procedures, Forms and Templates 3
W Please review and critique our new Document Control Procedure ISO 13485:2016 - Medical Device Quality Management Systems 4
L ISO 9001 Document Review and Approval Form Requirements Document Control Systems, Procedures, Forms and Templates 6
T Fulfilling ISO 9001 Document Review Requirements Document Control Systems, Procedures, Forms and Templates 21
J Document Control Procedure - Review and Feedback Needed Document Control Systems, Procedures, Forms and Templates 9
T Participation in the Document Review Process from Multiple Sites ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
R Who should document the Design Review Meeting and Design History File? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 8
S Process Map of Document Control - Review wanted (Visio) Document Control Systems, Procedures, Forms and Templates 7
A Management Review Process Document Management Review Meetings and related Processes 5
S Document Control Procedure Please Review Document Control Systems, Procedures, Forms and Templates 37
L Regular/Annual Document Review in a Company with Thousands of Work Instructions Document Control Systems, Procedures, Forms and Templates 18
T Changes to document control procedure - need review Document Control Systems, Procedures, Forms and Templates 4
M Where to get a PDF document with wages from ASQ salary review issue Career and Occupation Discussions 5
S Defining Document Review and Approval responsibilities - ISO 13485 - Medical Device Document Control Systems, Procedures, Forms and Templates 3
R Medical Device Product Requirements Document (PRD) a "Design Review"? Design and Development of Products and Processes 4
M Registrar Nightmare... Document Review and Other Auditor Issues ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 76
M Edit rights in document control / document review Document Control Systems, Procedures, Forms and Templates 15
C TS 16949 Document Review By Registar - What will the registrar look for? IATF 16949 - Automotive Quality Systems Standard 9
CalRich How to Document Review of Electronic Documents? Document Control Systems, Procedures, Forms and Templates 2
P Difference between Document Review and Document Verification ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
M Document Review Audit Findings - Design and Process Approach Design and Development of Products and Processes 2
L Stage One Audit vs. Document Review - TS16949 - Need clarification IATF 16949 - Automotive Quality Systems Standard 5
M Internal Document Numbering System - Please review and advise Document Control Systems, Procedures, Forms and Templates 7
L Document Review Frequency Document Control Systems, Procedures, Forms and Templates 24
R ISO 9001:2000 Document Review Tomorrow ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 32
H Potential Field Failure - Document in management review? Management Review Meetings and related Processes 2
J Is there a need to create a "Contract Review" checklist or document? Contract Review Process 19
S What is a Desk Audit? What should I expect? A Document Review? IATF 16949 - Automotive Quality Systems Standard 4
T Document Review and Approval Form - Examples Attached Document Control Systems, Procedures, Forms and Templates 11
B Document Approval Matrix Benchmarking Document Control Systems, Procedures, Forms and Templates 3
J Document Approval Signature Order Document Control Systems, Procedures, Forms and Templates 10
L How to add exemption or statement to control of document procedure? ISO 13485:2016 - Medical Device Quality Management Systems 5
M What is the proper way to document measurements Measurement Uncertainty (MU) 1
P Equipment 21 CFR 820.70(g) - User Requirements Document for Off the shelf equipment 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 7
B Do IFU designs have to be document controlled under ISO 13485? Document Control Systems, Procedures, Forms and Templates 2

Similar threads

Top Bottom