IATF16949 external audit plan

[DariusPlumdon]

I work for a company in Europe

Some of our activity is Automotive based so we are a 'remote site' named on the certificate.

Other elements of European site are non automotive so we adopt ISO 9001.

We have an external audit once a year; as per the IATF requirements we change external auditors every three years.

Ultimately I really do not mind what our external auditor chooses to audit, we have nothing to hide.

Over the past 20 years in my experience usually the external auditors want to sample a wide range of the company to give good coverage; this is in line with how I was trained as an internal auditor

Now the new external auditor (she seems very good) wants to focus almost exclusively on the automotive elements of 16949 that are not in 9001 (e.g. she does not want to audit IT, HR, Legal).

I would be curious from any external auditor if there is any IATF guidance on how to set scope/choose what to be audited.

Is the external auditor following current IATF best practice in sampling this way, or is it just a personal choice?

 

[Hendor]

If your Quality system is ISO 9001 certified, the scope of the audit must be that.

I think your auditor should focus on the requirements applicable to your quality system.

I have seen multi-standard auditors, who sometimes get lost or confuse the requirements.

 

[Ashland78]

If your remote site only has certain parts applicable they won't have to audit all. If the remote site does Sales and Marketing only they will focus on that. All elements of IATF for entire organization shall be audited over a 3 year cycle. Some elements such as customer satisfaction, management review will be done annual as customary (important elements). I hope this helps.

 

[DariusPlumdon]

If your remote site only has certain parts applicable they won't have to audit all. If the remote site does Sales and Marketing only they will focus on that. All elements of IATF for entire organization shall be audited over a 3 year cycle. Some elements such as customer satisfaction, management review will be done annual as customary (important elements). I hope this helps.

Yes, you are right that in our case 'Sales & Marketing' is the named elements on the the certificate for us as a remote site, so I understand why every external auditor we have every had has focused around 80% on these areas. It was just that in the past the other 20% of the time sampled other areas of the remote site; there rationale was sampling (for example) HR covered the IATF16949 specific areas (e.g. 'empowerment') which related to the employees in 'Sales & Marketing'

As you wrote they always sample the QMS review each year.