Is corrective action mandatory for each internal audit NCR

Randy

Super Moderator
"Justify" in who's eyes? The auditor who want to write a non-conformance?
Justify as to why no formal CA, that's where "appropriate" comes in (“Appropriate” means suitable (for, to) and implies some degree of freedom)
 

Bev D

Heretical Statistician
Leader
Super Moderator
In the 40_+ years that I have dealt with various QMS’s with both good and bad auditors and a wide variety of CBs I have never had one that successfully stated that we should have done a root cause corrective action on an internal audit (or any other discovery method) finding for which we only took action to correct (correction). A few started to bluster but they backed down once we demonstrated (1) why the standard actually said and (2) how we analyzed findings for severity and occurrence before issuing directions.

@Golfman25: Your experience is clearly different - which makes your advice to meekly bow down and be subservient to the possibility of an ignorant bully of an auditor so confusing. Unless you were being simply sarcastic?

I personally believe in fighting to do what is right and to not become subservient to the ignorant bullies.

In point of fact from my experience, being able to assign NCs and corresponding actions based on risk to product quality has created a stronger more effective QMS that results in better quality products.

@Jim Wynne: perhaps. I do believe in picking your battles, bu we must win the war; the path of least resistance invariably leads to hell.
 

Golfman25

Trusted Information Resource
In the 40_+ years that I have dealt with various QMS’s with both good and bad auditors and a wide variety of CBs I have never had one that successfully stated that we should have done a root cause corrective action on an internal audit (or any other discovery method) finding for which we only took action to correct (correction). A few started to bluster but they backed down once we demonstrated (1) why the standard actually said and (2) how we analyzed findings for severity and occurrence before issuing directions.

@Golfman25: Your experience is clearly different - which makes your advice to meekly bow down and be subservient to the possibility of an ignorant bully of an auditor so confusing. Unless you were being simply sarcastic?

I personally believe in fighting to do what is right and to not become subservient to the ignorant bullies.

In point of fact from my experience, being able to assign NCs and corresponding actions based on risk to product quality has created a stronger more effective QMS that results in better quality products.

@Jim Wynne: perhaps. I do believe in picking your battles, bu we must win the war; the path of least resistance invariably leads to hell.
My experience comes from 20+ years of fighting the battle. I have seen the good, the bad and the ugly. And I am telling you, what I am telling you. Many of us don't have the power, nor the time, to "fight" this crap. As a small company, my few thousand $$ a year for audits means absolutely nothing to the auditors and CBs. I can, and have, argued until I am blue in the face. Sometimes successful, but many times not.

As I asked Randy, in whose eyes do you "justify" appropriateness? He gave me the how, but not the who. In reality I have to "justify" it to the auditor and/or CB. And if they are coming at it from the "shall" requires both correction and CA, then the die has been cast and my arguments will be futile -- how am I going to change their position.

What I have found over those years on this site, is many people here have different views on the standards that many CBs/Auditors have. That's neither good, nor bad, it just is. My advice to the OP is meant to be practical, based on the reality we face every day trying to comply without being day to day "experts." He/she can go one way and try to fight if it ever comes up (or maybe it has which is the reason for the post), or throw the requirement in to cover themselves. At a minimum, I think knowing what you could be in for is beneficial, so you're prepared.
 

Big Jim

Admin
YOU, the organization, NOT THE AUDITOR get to determine things in the standard that say "as appropriate" or "as applicable". When you get an auditor that wants to make up his own rules because he thinks he know what's best for you, you need to kick him out.

Have a closer look at 10.2.1 e. ". . . the ORGANIZATION shall . . . evaluate the need to eliminate the cause(s) of a nonconformity . . . "
 

Randy

Super Moderator
As an auditor I'm fighting this battle right now with a couple NC's/CAR's, they we very simple document issues and have been blown out of proportion by "reviewers". Partly my fault for accepting the original CAR's, but rules are....We have to be shown "Cause", "Initial Containment" and "Correction" as 3 separate things....Not our rule but the AB rule governing the certificate........And "appropriate" quick fixes aren't allowed.

What needs to be understood is that many times it's not the auditor or the CB, it's the industry rules, like AB, that decisions are based on.
 

Golfman25

Trusted Information Resource
YOU, the organization, NOT THE AUDITOR get to determine things in the standard that say "as appropriate" or "as applicable". When you get an auditor that wants to make up his own rules because he thinks he know what's best for you, you need to kick him out.

Have a closer look at 10.2.1 e. ". . . the ORGANIZATION shall . . . evaluate the need to eliminate the cause(s) of a nonconformity . . . "
I wish that was true. My current CB disagrees, as they told me during my appeal what I "should have" done.
 

Golfman25

Trusted Information Resource
As an auditor I'm fighting this battle right now with a couple NC's/CAR's, they we very simple document issues and have been blown out of proportion by "reviewers". Partly my fault for accepting the original CAR's, but rules are....We have to be shown "Cause", "Initial Containment" and "Correction" as 3 separate things....Not our rule but the AB rule governing the certificate........And "appropriate" quick fixes aren't allowed.

What needs to be understood is that many times it's not the auditor or the CB, it's the industry rules, like AB, that decisions are based on.
More evidence of the stupidity of these "management systems." Documents should be able to be "fixed" and move on.
 

Sidney Vianna

Post Responsibly
Leader
Admin
YOU, the organization, NOT THE AUDITOR get to determine things in the standard that say "as appropriate" or "as applicable". When you get an auditor that wants to make up his own rules because he thinks he know what's best for you, you need to kick him out.

Have a closer look at 10.2.1 e. ". . . the ORGANIZATION shall . . . evaluate the need to eliminate the cause(s) of a nonconformity . . . "
The (ISO) standard referring to the organization is obvious. Nowhere in the standard there are mentions to (external) auditors. Of course, during the process of an audit, auditors must determine if the "as applicable", "as appropriate" etc... have been properly addressed. Otherwise, any audit would turn into a silly rubber stamping exercise. That's exactly why there are requirements to ensure the audit team is competent for the scope of certification involved.

Nevertheless, if a moronic external auditor makes a stupid call, the recourse is to appeal. If the appeal is rejected, one could involve the accreditation body should they have the intestinal fortitude to do so. ANAB's Client Bill of Rights mentions that.

The client has a Right to expect:

To be made aware that disagreements with an auditor’s “interpretation” in documented findings related to the applicable standard(s) may be disputed and/or appealed to the CB through a formal process. If this process is not resolved to the satisfaction of the client, the appeal may be elevated to ANAB as a complaint for further consideration.

If ALL the auditors one engages with are incompetent and their respective CB's are too obtuse to correct the bad calls made by the auditors, maybe the answer is your inability to properly screen and hire CB's.
 

AMIT BALLAL

Super Moderator
@sunrizenew , we categorize the audit results into 4 types i.e. Conformances, OFIs, Observations and non-conformances.
For OFIs, actions are optional, it's up to the process owners to determine whether it is feasible for implementation, and accordingly, it will be implemented.
For observations, only correction will be required.
And for gaps raised as Non-conformances, root cause analysis and corrective action will be required. This is how we have addressed the requirement to determine the need for root cause elimination.
For minor gaps, we have given the auditor and/or MR (System coordinator) the authority to determine whether a formal NC is to be raised or an observation, based on their experience and applicability to QMS. MR's (system coordinator's) decision will be final so as to raise NC / observation.
All this is reflected in the procedure.
 
Top Bottom