External Audit Observation Clause 6.1.1 and 6.1.2

oonagh

Starting to get Involved
Hi Can someone help me please.

I work in a small BMS Controls Company with 4 Engineers and 11 staff in total.

Our usual external auditor has passed us 4 years in a row with no observations, I have done everything like I normally do, We had a new external auditor this year and we have been given an observation as follows:

Risks & Opportunities - Whilst risk and opportunities have been documented, not all issues identified following the organisation's context, SWOT and interested parties needs and expectations analysis have been formally assessed. (ISO90012015, Clause: 6.1.1 & 6.1.2).
 

Randy

Super Moderator
Observation? Forget it and move on, the issues are those important to you not the "$%?*&" auditor!
 

Kronos147

Trusted Information Resource
Risks & Opportunities - Whilst risk and opportunities have been documented, not all issues identified following the organisation's context, SWOT and interested parties needs and expectations analysis have been formally assessed. (ISO90012015, Clause: 6.1.1 & 6.1.2).

Observation? Forget it and move on, the issues are those important to you not the "$%?*&" auditor!

"Whilst" I agree in spirit with Randy, the way I see it observations are often the bread crumbs which subsequent auditors follow.

Did the observation include any specificity?

Perhaps it may be prudent to document a brief discussion of each of these issues and what, if anything, was assessed. Notes such as 'risk accepted' or 'contingency x put in place'. Add these notes to the objective evidence of your management quality review meeting minutes, and you will have something to show an aggressive auditor.

I call that 'risk mitigation.' :cool:
 

oonagh

Starting to get Involved
"Whilst" I agree in spirit with Randy, the way I see it observations are often the bread crumbs which subsequent auditors follow.

Did the observation include any specificity?

Perhaps it may be prudent to document a brief discussion of each of these issues and what, if anything, was assessed. Notes such as 'risk accepted' or 'contingency x put in place'. Add these notes to the objective evidence of your management quality review meeting minutes, and you will have something to show an aggressive auditor.

I call that 'risk mitigation.' :cool:
 

oonagh

Starting to get Involved
Thank you so much for your replies.

I have asked her to clarify what is meant by the observation as I am not sure and she is still to get back with a reply. She did however mention that if the observation is not corrected by the next external audit it will be classed as non conformance.
 

oonagh

Starting to get Involved
Thank you so much for your replies.

I have asked her to clarify what is meant by the observation as I am not sure and she is still to get back with a reply. She did however mention that if the observation is not corrected by the next external audit it will be classed as non conformance.
Apologies, I mean to add in reference to your question Kronos147. no, there were no other specificity to the observation.
 

qusys

Trusted Information Resource
Hi Can someone help me please.

I work in a small BMS Controls Company with 4 Engineers and 11 staff in total.

Our usual external auditor has passed us 4 years in a row with no observations, I have done everything like I normally do, We had a new external auditor this year and we have been given an observation as follows:

Risks & Opportunities - Whilst risk and opportunities have been documented, not all issues identified following the organisation's context, SWOT and interested parties needs and expectations analysis have been formally assessed. (ISO90012015, Clause: 6.1.1 & 6.1.2).
A documented brief analysis related the internal and external issue could be summarized in management review including the outcomes from stakeholders and internal parties if any
 

oonagh

Starting to get Involved
A documented brief analysis related the internal and external issue could be summarized in management review including the outcomes from stakeholders and internal parties if any
I think this may be the the best thing to do as well as what has been advised by Kronos147, many thanks qusys. Thank you everyone.
 
Top Bottom