I'm still not grasping the idea of Process Based Internal Audits

N

noboost4you

#11
Re: I'm still not grasping the idea of Process Based Internal Audits ISO 9001:2000

WHAT we DID rather than WHAT we SAID!!!
Well what about the work instructions then? If employees don't follow what the work instructions say, isn't that a noncompliance? I was under the impression that the work instructions must be followed verbatim?
 
Elsmar Forum Sponsor

Peter Fraser

Trusted Information Resource
#12
Re: I'm still not grasping the idea of Process Based Internal Audits ISO 9001:2000

Hi Everyone :bigwave:
I'm still not grasping the idea of process based audits.

What about other departments? Such as Engineering, Accounting, Customer Service, IT, Quality Control?

:thanx:
I think that a lot of it comes down to knowing what a process is designed to do, and assessing how well it does it. We developed the attached to describe how to define a process in the first place, but an audit would typically be aimed at ensuring that a process is doing what it is designed to do.

How you choose which process(es) to audit would depend (as usual) on which have most effect on your product, been recently changed, have a history of problems etc.
 

Attachments

C

chaosweary

#13
Re: I'm still not grasping the idea of Process Based Internal Audits ISO 9001:2000

noboost4you, I think the covers are great and have a wealth of knowledge to impart to you. No disrespect intended to the way things should be done, however, there are times when one has the resources to do really good process audits investigate all the upstream inputs and downstream outputs but there are also times when one needs an immediate fix to save one’s bacon by satisfying the need of an external auditor or customer. The auditor probably wanted the process approach yesterday, but you don’t have the time nor do you have the knowledge.
The covers are trying to educate you first on the process approach and then have you come up with your own solution. I think that is great and the proper way to do things! However, I believe the world is a better place for having all kinds of points of view on how to approach issues. That being said I will give another approach that many will deem not proper, but will directly address your original post.
Quick Fix:
I bet your audit plan is made up of functional areas, put the word “process” in front of them. Take your audit plan that has a listing of all your processes and put them on the “Y” axis or vertical axis of yearly audit schedule and put the ISO clauses on the horizontal "X" axis as shown in the attachment. Like magic you have a process approach to an audit plan. It doesn’t mean a doggone thing but it will satisfy the auditor in the short term while you’re going through the cove trying to educate yourself on the process approach. For some reason the auditors I deal with really believe that changing the physical positions of the clauses and the audited areas (now called processes) on the yearly audit schedule makes that a process approach to auditing. Adding the acronyms COP, MOP and SOP really gets them hot (adds perceived credibility) too. This is only a short term solution until you have the knowledge, competency and resources to implement the process approach the appropriate way. Good Luck.
 

Attachments

B

Benjamin28

#14
Re: I'm still not grasping the idea of Process Based Internal Audits ISO 9001:2000

Good morning all.

I wanted to ask for some clarification and feedback from you all on process based auditing. We are a NADCAP (ISO/IEC 17025) accredited materials testing laboratory. Currently we comply with NADCAP requirements for monthly internal auditing:

18.5 Per NADCAP requirements, on the first Monday each month the Quality Manager shall select for audit not less than one job that was previously reported in the previous month from any client file to satisfy the acceptable codes listed in AS7101. The test codes must be audited on an annual basis.
18.5.1 The audit shall include verifying the following elements:
* Job Entry Process
* Test Procedures and Equipment
* Calibration and Certification of Equipment Used
* Recording of Test Results
* Audit of Test Results
* Clerical Transcription of Test Results


This audit process is performed post testing as a form of product audit, ensuring that all items were addressed appropriately for a specific test/analysis.

Over the next few weeks, however, I want to develop a process based periodic internal audit program for our facility which will include SOP, COP, and MOP processes. The idea is to have internal audits more involved with in process testing.

We have hundreds of different test procedures which fall under many various test types which we are accreditted for. For process based auditing, should these different testing types be generalized into a "testing" process. My thinking is that a lab section audit would occur, auditing the testing process in general.

This would take into account the inputs (specimens, data, personnel, etc), evaluate the process (what's done, how, where, when, etc), and the output (valid test results, test certificate etc).

I'm a bit confused however, as to how to approach this...since the function of a complete test passes through multiple departments and multiple processes...should the audit encompass the entire cycle, or should the processes be broken out and evaluated seperately? Some of the things that I need to consider:

1) Job Entry
2) Analysis Configuration Generation-(creating an electronic data set within our system that contains all applicable requirements-client/specification)
3) Instrument/Tool Calibration
4) Instrument/Tool Maintenance
5) Lab Test Supply Procurement & Control
6) Technical Support Review
7) Facilities Maintenance & Environmental Controls
8) Customer Services (client communication)
9) Shipping & Recieving
10) Materials & Documentation Retention
11) Document Control
12) Corrective & Preventive Actions
13) Final Inspection (Reports)
14) Training
15) Test Procedures (Validity vs Specifications/Client Reqs)
16) Management Review

There is a lot to consider, and to be quite frank I'm not entirely sure of how to approach it. My understanding is that each process is evaluated separately and in this way it is ensured that each process contributes appropriately to the testing function and interacts effectively with the other processes? Hoping for some advice/feedback from those of you more experienced with process based auditing.

:thanx:
 
Last edited by a moderator:

Helmut Jilling

Auditor / Consultant
#15
Re: I'm still not grasping the idea of Process Based Internal Audits ISO 9001:2000

...Like magic you have a process approach to an audit plan. It doesn’t mean a doggone thing but it will satisfy the auditor in the short term while you’re going through the cove trying to educate yourself on the process approach. For some reason the auditors I deal with really believe that changing the physical positions of the clauses and the audited areas (now called processes) on the yearly audit schedule makes that a process approach to auditing. Adding the acronyms COP, MOP and SOP really gets them hot (adds perceived credibility) too. This is only a short term solution until you have the knowledge, competency and resources to implement the process approach the appropriate way. Good Luck.
Huh? If your auditors get all "hot" over this crap, and consider this a "process approach" then maybe you ought to find some better auditors. Sprinkling the word "process" around the audit documents does not make it a process approach.

If his auditors buy that, then he has bigger problems than not passing an audit.

PS: I realize you are trying to help the fellow, and the rest of your comments suggest you actually do have a better understanding of the process approach.

However, teaching people how to hang window dressing, and auditors who accept window dressing, add no value to the ISO program, and both contribute to much of the negative cynicism expressed on this Cove. :cool:

If you're gonna do it, let's do it right!
 

Helmut Jilling

Auditor / Consultant
#16
Re: I'm still not grasping the idea of Process Based Internal Audits ISO 9001:2000

Well what about the work instructions then? If employees don't follow what the work instructions say, isn't that a noncompliance? I was under the impression that the work instructions must be followed verbatim?

The work instructions, and the activities performed must agree. They must agree or it misses the point. Either the work instructions would need to be revised, or the activities be modified.
 

Helmut Jilling

Auditor / Consultant
#17
Re: I'm still not grasping the idea of Process Based Internal Audits ISO 9001:2000

We are not certified yet, nor do we have a completed Quality Manual. I'm just trying to get everything situated prior to our audits in June/July.
If these things are not in place yet, perhaps it would be beneficial to postpone your audit. That is one of the earlier things that should occur when implementing a system.
 

Helmut Jilling

Auditor / Consultant
#18
Re: I'm still not grasping the idea of Process Based Internal Audits ISO 9001:2000

Hi Everyone :bigwave:

Prior to posting this thread I have searched high and low through various threads and all throughout the free files directory. I'm still not grasping the idea of process based audits.

According to my consultant, we need to provide any third party auditor with a Process-Based Audit Form. All the forms I have seen thus far look different and keep racking my brain.

I have gone through a few departments over the past few months and have come up with hundreds of work instructions. We don't do nearly 70% of those work instructions on a daily basis. We have them for reference for people who need to do something or to train new people. Here are a few things we do everyday: Create Orders, Print Orders, Pull Orders, Calibrate Order Items, QC Order Items, and Ship Items. Those tie in together with Order Processing/Production/Shipping Departments. Would those be areas in the Process Audit? We have work instructions covering all those areas.

What about other departments? Such as Engineering, Accounting, Customer Service, IT, Quality Control?

Sorry if these questions have been asked and answered several times, but I used and abused the search engine and I'm still very unclear.

:thanx:
Your post asks very good questions, but it suggests you have not been given a good understanding of what the intent of a process approach is to be. If your consultant is just helping you put the pieces in place to get an audit done, you will get little benefit from ISO.

I will attach a PowerPoint link that may help, but you need to get some good grounding in this and then resume your efforts. You sound like a smart fellow, but you are trying to teach yourself how to swim. I believe you will feel much more confident when you get a better foundation and guidance. (PS: Jane B - I took the animation out!)
 

Attachments

B

Benjamin28

#19
Re: I'm still not grasping the idea of Process Based Internal Audits ISO 9001:2000

To elaborate on my previous post in this thread; I've been looking at some of the processes, in the basic stage of identifying key processes and potential for internal audits, and I wondered what you all think of this list. It seems a bit long to me, considering ISO 9k outlines only 6 key processes...mind you we are not held to the 9k requirements, but rather view them as a value added "hey that looks like it may benefit us" set of standards. When performing process audits do you all look at similar processes, does this list seem reasonable?

1) Job Entry
2) Analysis Configuration Generation-(creating an electronic data set within our system software that contains all applicable requirements-client/specification)
3) Instrument/Tool Calibration & Operational Checks
4) Instrument/Tool Maintenance
5) Lab Test Supply Procurement & Control
6) Technical Support Review
7) Facilities Maintenance & Environmental Controls
8) Customer Services (client communication)
9) Shipping & Recieving
10) Materials Handling/Storage Control (test materials from clients)
11) Document Control
12) Corrective & Preventive Actions
13) Reporting (Final Inspection, Revisions, Corrections)
14) Training
15) Test Procedures (Validity vs Specifications/Client Reqs)
16) Management Review
17) Test Errors (control of nonconformances)
18) Statistical Process Control
19) Section Correlation
20) Interlab Correlation (IPT (round robin) testing)
21) Specimen Preparation (Validity vs Specifications/Client Reqs)
22) Records Control
23) Technical Data Control & Electronic Data Storage & Protection
24) Software Control
25) Supplier Evaluation & Approval
26) Internal & External Audits

I'm thinking these should be reduced to more generalized processes with some of the items listed as subset activities which fall under the higher level process...but wanted some feedback, would that be more appropriate?
 
Last edited by a moderator:

Helmut Jilling

Auditor / Consultant
#20
Re: I'm still not grasping the idea of Process Based Internal Audits ISO 9001:2000

Please note important correction:
ISO does not define only 6 processes. It does not outline any. Clause 4.1 requires each organization to define their own processes. My clients average between 15-24 processes.

Your list is not bad, but some may only be subprocesses (depends on how you want to slice them.)

For example, do #4 and #7 belong together?
#1, 2 and 8 may have some overlap.
9 and 10.
2, 6, 15, 17.

You get the idea. You may combine a few of these if they justify it, or you may leave them separated. That is your choice. Plus, you can adjust it later after you try it out.
 
Thread starter Similar threads Forum Replies Date
Tagin Hosting in the cloud still requires DR (OVH fire) Business Continuity & Resiliency Planning (BCRP) 1
S Are EC type examinations still being conducted under MDR? EU Medical Device Regulations 5
N What is our product classification? (Does Unclassified classification still exists) Other US Medical Device Regulations 14
C Document Control Stamps - Does anyone still stamp their documents? Document Control Systems, Procedures, Forms and Templates 24
E Can we still use MEDDEV 2.4/1 rev. 9 when classifying a medical device product under MDR? EU Medical Device Regulations 4
H Can a calibration lab still use ISO 6789:2003 as guide for torque calibrations Other ISO and International Standards and European Regulations 1
S IMDRF or still GHTF for STED and other guidance? Other Medical Device and Orthopedic Related Topics 5
Z Do we still have to put UDI if we have DI and lot number seperately on our product ? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 4
S Can we still manufacture whilst awaiting return of our CE Mark? Other Medical Device Related Standards 1
R FDA - How to discontinue/obsolete medical devices that share sub-components with others that will still be distributed Other US Medical Device Regulations 5
M CEP requirements in MEDDEV 2.7/1, rev 4 and MDR - Are all MEDDEV requirements still applicable? EU Medical Device Regulations 7
M We still have not received our certificate due to a 'backlog' with our auditing body Registrars and Notified Bodies 25
L 510k exemption process - Do you still need to submit technical dossier? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 5
Sidney Vianna IATF 16949:2016 still doesn't get 7.1.4 of ISO 9001:2015 IATF 16949 - Automotive Quality Systems Standard 15
A Can change control can be closed if the CAPA is still open? Nonconformance and Corrective Action 3
M Are ASTM F745 & ASTM F75 still valid? EU Medical Device Regulations 5
R Still confused on OPRP and CCP in an ISO 22000 Catering Business Food Safety - ISO 22000, HACCP (21 CFR 120) 3
J ISO 9001:2008 - Can I still conduct Internal Audits in my company? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
Wes Bucey Another year - still happy! Covegratulations 5
Marc The "Reading Room" forum is still here The Reading Room 5
T ISO13485 cert expired - Product still CE Marked CE Marking (Conformité Européene) / CB Scheme 1
J Can a Surge test fail to a test level and still considered as Compliant? IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
T Predicate device recalled - Still a valid predicate device? Other US Medical Device Regulations 7
M Is calibration from long ago still valid on never used pipettes? General Measurement Device and Calibration Topics 8
Q Can a fail still be a pass? (Criteria Level B for 61000-4-6 Conducted Immunity) IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
B Are the GHTF guidance documents still relevant? ASQ, ANAB, UKAS, IAF, IRCA, Exemplar Global and Related Organizations 5
Q Form IPC 1720A Assembly Qualification Profile still required? Various Other Specifications, Standards, and related Requirements 1
R Is EN/IEC 60417 still current? Other Medical Device Related Standards 4
M Is a Management Representative still needed for ISO 13485:2015? ISO 13485:2016 - Medical Device Quality Management Systems 7
Y Consultation: EN 980 still recognized by EU regulation? EU Medical Device Regulations 4
x-files Plans/Requests from Parent Company: Objectives or still plans? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
A CE Certificate is valid until 3.12.2013 - Can I still sell the products in Europe? EU Medical Device Regulations 10
Jen Kirley Can a company with pending air license and water permit still get certified to 14001? REACH and RoHS Conversations 2
N Is Air Burst test for oven treated condoms still required under ISO 4074? Other Medical Device Related Standards 1
AnaMariaVR2 Why Women Still Can?t Have It All Career and Occupation Discussions 1
H Transition of EN 60601-2-22 ed.2 - Still listed, not expired IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
A Essential Design Output - Still a problem 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 7
T If a company becomes TS 16949 certified does it still need ISO 9001 certification? IATF 16949 - Automotive Quality Systems Standard 12
I Are IEC 60601-1:2012 and BS EN 60601-1:2006+A11:2011 still identical? IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
Marc Are you STILL in the Stock Market? World News 1
N ISO 14971:2007 vs. 2009 - Which Risk Management Standard is still accepted in the EU Other ISO and International Standards and European Regulations 2
Marc How to Live Easy in China on $475 a Month and still be able to Save Money Immigration and Expatriate Topics 2
M K-Cup (Keurig) Recycling - This recycling program is still in development Sustainability, Green Initiatives and Ecology 2
Antonio Vieira Do you still keep old numbers of Quality Progress in paper format? ASQ, ANAB, UKAS, IAF, IRCA, Exemplar Global and Related Organizations 9
N ISO 9001 Implementation - I am still confused on where to start ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 19
B CNC Machining Shop still heavily relies on First Piece and Final QC Inspection Manufacturing and Related Processes 5
S Supplier Quality Survey - Why are those surveys still sent out? Supplier Quality Assurance and other Supplier Issues 13
Wes Bucey Job openings still scarce! Career and Occupation Discussions 0
Antonio Vieira Quality Councils - Do they still exist? Are they useful? Philosophy, Gurus, Innovation and Evolution 5
O Outsourcing part of Design & Dev Process- Still requiring D&D ver & val-7.3.5, 7.3.6? IATF 16949 - Automotive Quality Systems Standard 6

Similar threads

Top Bottom