Effective Auditing advice needed

qualprod

Trusted Information Resource
#1
Hi everybody

I tried to find a topic related to my doubt and didn't find anything, and that is the reason of my question.
When auditing internally, and the scope is to verify compliance against 9001 2015.

What do you do?, do you question each clause and subclause of the standard even if the is repeated?
An example: (only are shown e and g)

9.1.3 Analysis and evaluation
The organization shall analyse and evaluate appropriate data and information arising from monitoring
and measurement.
The results of analysis shall be used to evaluate:
e) the effectiveness of actions taken to address risks and opportunities;
g) the need for improvements to the quality management system.


If you audit e) and g) and the auditee showed you evidences that really took into consideration effectiveness
and also showed continual improvements, so both subclauses are in compliance.

But you walk thru the standard and arrive at 9.3.2 and 10.3

9.3.2 Management review inputs (only shown e))
The management review shall be planned and carried out taking into consideration:
e) the effectiveness of actions taken to address risks and opportunities (see 6.1);

10.3 Continual improvement
The organization shall continually improve the suitability, adequacy and effectiveness of the quality
management system.

The organization shall consider the results of analysis and evaluation, and the outputs from
management review, to determine if there are needs or opportunities that shall be addressed as part of
continual improvement.

So, 9.1.3 e) and g) were already audited and ok, why to audit 9.3.2 and 10.3, don´t you think is wasted time?
or the criteria is not to audit 9.3.2 and 10.3, and do a cross-check in both sub clauses without mentioning them to the auditee?
What is the practice which is approved by ISO? are there some rules in this regard?

Thanks
 
Elsmar Forum Sponsor
#4
Depending on the provider, my experience is that UKAS accreditation is pretty good... As long as a) the instructor doesn't see everything through the eyes of a CB auditor and b) the materials also make a differentiation between external and internal audits, you should be good. Sadly, in 20+ years of this stuff, too many, far too many, instructors believe in a "one size fits all" way of auditing.
 

mattador78

Involved In Discussions
#5
Depending on the provider, my experience is that UKAS accreditation is pretty good... As long as a) the instructor doesn't see everything through the eyes of a CB auditor and b) the materials also make a differentiation between external and internal audits, you should be good. Sadly, in 20+ years of this stuff, too many, far too many, instructors believe in a "one size fits all" way of auditing.
I'm going for an internal one for iso 9001. Where I work I have moved in to quality and we are moving towards as9100d in the next Cpl of years so I as the H/S manager got nominated due to the fact every course I go on I pass, seems to be an ever growing list at the moment. Problem where I work has been the fact that we expanded really quickly about 5 years ago (ive worked here for 20) and to speed up the growth we have been using outside consultancy for ISO auditing and nobody has really got to grips with it here. My knowledge and use of PDCA in health and safety through my NEBOSH training meant im ahead of the curve on most of the management here so ive been moved across and up a Cpl of levels to lead the AS9100D project here. Thankfully my longstanding here means I have a good rapport with the directors and they agree understanding ISO is the key to understanding AS and I have a bit of a carte blanche when it comes to what, I need I am enjoying the challenge and the learning experiences coming on here each day helps as well and being allowed do it in work hours to top up knowledge is a joy perhaps some others don't get as easy
 

mattador78

Involved In Discussions
#6
Depending on the provider, my experience is that UKAS accreditation is pretty good... As long as a) the instructor doesn't see everything through the eyes of a CB auditor and b) the materials also make a differentiation between external and internal audits, you should be good. Sadly, in 20+ years of this stuff, too many, far too many, instructors believe in a "one size fits all" way of auditing.
Not sure why but you response earlier isn't showing so replying to this one again. I have no formal training in auditing hence attending this course, I completely agree the AS standard isn't really much more than a Cpl of paragraphs more than the ISO standard hence doing an internal ISO audit course to formalise my training and confirm my "competency" to run the QMS. A change of ownership 2 years ago has really highlighted how weak we have been in the future proofing the business as a whole, our production side exceeds the market standard for AS and for NADCAP, we know we have all the tests performed. However our control and transaction side are weaker than they need and should be, a BSI auditor has been helping us make these changes over the past few months a great guy we know from him working at Rolls Royce his description of us at work was a ballet of organised chaos! My job now is to remove the chaos lol
 
#7
I had gone off topic, thinking that you'd had some auditor training as an HSE person, then realized this was your first time.
 

mattador78

Involved In Discussions
#8
I had gone off topic, thinking that you'd had some auditor training as an HSE person, then realized this was your first time.
I have a small amount of auditing experience however no formal training usually its been me walking through with auditors here due too my knowledge of all the processes and what not to tell them :notangel:
 

qualprod

Trusted Information Resource
#9
Have you attended an auditor training course?
Hi everybody

I tried to find a topic related to my doubt and didn't find anything, and that is the reason of my question.
When auditing internally, and the scope is to verify compliance against 9001 2015.

What do you do?, do you question each clause and subclause of the standard even if the is repeated?
An example: (only are shown e and g)

9.1.3 Analysis and evaluation
The organization shall analyse and evaluate appropriate data and information arising from monitoring
and measurement.
The results of analysis shall be used to evaluate:
e) the effectiveness of actions taken to address risks and opportunities;
g) the need for improvements to the quality management system.


If you audit e) and g) and the auditee showed you evidences that really took into consideration effectiveness
and also showed continual improvements, so both subclauses are in compliance.

But you walk thru the standard and arrive at 9.3.2 and 10.3

9.3.2 Management review inputs (only shown e))
The management review shall be planned and carried out taking into consideration:
e) the effectiveness of actions taken to address risks and opportunities (see 6.1);

10.3 Continual improvement
The organization shall continually improve the suitability, adequacy and effectiveness of the quality
management system.

The organization shall consider the results of analysis and evaluation, and the outputs from
management review, to determine if there are needs or opportunities that shall be addressed as part of
continual improvement.

So, 9.1.3 e) and g) were already audited and ok, why to audit 9.3.2 and 10.3, don´t you think is wasted time?
or the criteria is not to audit 9.3.2 and 10.3, and do a cross-check in both sub clauses without mentioning them to the auditee?
What is the practice which is approved by ISO? are there some rules in this regard?

Thanks
Yes, but the issue was in debate here sometime and was not so clear for me.
I remember Randy followed the criteria I said.
Thanks
 
#10
QualProd - from your post, it seems you are auditing from the "element" of the standard, which isn't the "Preferred" approach. Internal audits shouldn't really be being done on the requirements, unless we're talking about very early in the implementation - is that your situation?

Because you have taken this approach to audit elements, you have put yourself into this conundrum. BTW there is no "ISO approved practice". You should take a look at what and why you are auditing. Unless you have a clear understanding of these things - in other words your audit program as a whole - you will keep encountering such riddles and you won't ever actually audit your QMS, all you'll be able to tell management is that you do/don't comply with ISO 9001 which doesn't tell them anything useful.

I'd strongly suggest you go back to basics and ask yourself the question what is it you're auditing, why, how it should be audited and what benefit does it bring to management as an independent view of the business.
 
Thread starter Similar threads Forum Replies Date
P What is Effective Maintenance? Auditing a Maintenance Department Manufacturing and Related Processes 5
B Systems Auditing (TS 16949) - Example of an effective systems audit IATF 16949 - Automotive Quality Systems Standard 2
S Effective nonconforming process for AS9100 8.7 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
M Informational TGA presentation: How to submit an effective good manufacturing practice clearance application Medical Device and FDA Regulations and Standards News 0
N Validation procedure, Major NC CAP - Equipment Validation process is not effective ISO 13485:2016 - Medical Device Quality Management Systems 5
A Cost effective thread gaging with ISO 9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
S Root cause analysis - The system of developing a work instruction is not effective Problem Solving, Root Cause Fault and Failure Analysis 1
T Effective Date on Documents 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 12
Q Simple and effective way to maintain Training Matrix ISO 13485:2016 - Medical Device Quality Management Systems 16
J If Corrective and Preventive Action were truly Effective IATF 16949 - Automotive Quality Systems Standard 3
qualprod Risk closeout , mitigation was not effective, next? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
J Specific Actions where Timely and/or Effective Actions are not Achieved Nonconformance and Corrective Action 6
Q Predating Document Effective Date Other Medical Device and Orthopedic Related Topics 18
P Thai FDA postpone AMDD to be effective in 2020 Other Medical Device Regulations World-Wide 1
S Sell a Non-RoHS device, manufactured before RoHs regulations became effective? EU Medical Device Regulations 2
J What does "effective implementation of quality management system" mean? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
N What does an effective design process look like? (shoots flare in the air) Design and Development of Products and Processes 2
M Corrective Action - For a corrective action to be effective, a change is required? Nonconformance and Corrective Action 5
R 5.4.1 Quality Objectives - Nonconformity: The process was not fully effective ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 36
R Training to Effective Documents - Transitioning to Agile Document Control Systems, Procedures, Forms and Templates 5
R Good Supply Practices that will be effective on March 1 2015 in China China Medical Device Regulations 2
Keith Childers IATF has posted new GM Customer Specifics, effective January 2015 Customer and Company Specific Requirements 5
B Medical Device Labeling - Order No. 6 Effective Oct 01, 2014 China Medical Device Regulations 7
R CFDA updated five regulations to be effective from October 1, 2014 China Medical Device Regulations 16
T Qualification System of Internal Auditors is not Effective General Auditing Discussions 5
A A Guide to Effective Internal Management System Audits Book, Video, Blog and Web Site Reviews and Recommendations 2
D Effective Date of updated SOP Document Control Systems, Procedures, Forms and Templates 3
A Effective Date (of Documents) issue outlined in 21 CFR Part 820.4 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 11
P Effective way for DC/DC conversion for 2 MOPP @ 250VAC IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
J Want best and effective solution for mouth infection Coffee Break and Water Cooler Discussions 11
S New FAA Form 8130-3 Effective 2/1/14 - Unlocked version attached Federal Aviation Administration (FAA) Standards and Requirements 3
P Effective Road Usage Coffee Break and Water Cooler Discussions 9
H How to make the Design Review Process Effective Design and Development of Products and Processes 1
Q Effective 1st Piece Inspection Sign Off Procedure Quality Manager and Management Related Issues 8
QMMike What is the most cost effective SPC software Statistical Analysis Tools, Techniques and SPC 5
Y Delivering an effective and all inclusive EHS program in a Food company Food Safety - ISO 22000, HACCP (21 CFR 120) 2
F Suggestions for quick & effective solution for Continuous Improvement Requirements ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 14
T Very effective movie about clean-up - Tool for 5S Training Lean in Manufacturing and Service Industries 4
M AS 9100 4.2.4 Process for making changes to records is not fully effective Quality Manager and Management Related Issues 4
Q Process Approach & Continual Improvement Clauses and Evidence of its Effective Use ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
M 8.2.2 Internal Audit - Determination of Effective Implementation IATF 16949 - Automotive Quality Systems Standard 4
L Audit NC - Lack of Effective Corrective Action Process ISO 13485:2016 - Medical Device Quality Management Systems 4
P Which Root Cause Analysis Method is the most Effective? Quality Tools, Improvement and Analysis 16
J Cost Effective Solution for Isolating USB 5V 500mA Power IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
Q Are ECO's closed after they are shown to be Effective? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
V What are the Steps in Ensuring a Definition/Implementation of an Effective Procedure Document Control Systems, Procedures, Forms and Templates 3
K Minimum Requirements for Effective Document Control Document Control Systems, Procedures, Forms and Templates 2
V Biggest bottleneck/hurdle in Implementation of Effective Design FMEA FMEA and Control Plans 4
ScottK When do you make your new or changed documents effective? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 24
V 10 Characteristics of Effective Quality Management Systems Misc. Quality Assurance and Business Systems Related Topics 2

Similar threads

Top Bottom