ISO 9001:2000 Audit Nonconformance - "Failure to have the document ISO 19011"

[Sidney Vianna]

They don't have it documented how they outsource the internal audit process. ... So, do you feel that they are "covered"? Can't say for sure if their Purchasing Documents describe the requirements, as they only utilize services from "Certified" registrar / consultants etc.

Without being there and looking at the evidence, it is very difficult to say if they are "covered", but we could have a long (heated?) debate if internal audits affect "product quality". I am sure we would find people on both sides of the aisle about that.

ISO 9001 4.1
Where an organization chooses to outsource any process that affects product conformity with requirements, the organization shall ensure control over such processes. Control of such outsourced processes shall be identified within the quality management system.

 

[michelle8075]

Without being there and looking at the evidence, it is very difficult to say if they are "covered", but we could have a long (heated?) debate if internal audits affect "product quality". I am sure we would find people on both sides of the aisle about that.

Yes, I am sure that we can see both sides of the issue. But, I happen to feel that at minimum they should have their requirements listed on their purchase orders.

 

[Cari Spears]

They do state that they will utilize only certified RAB Lead Auditors / or Registrars to conduct third party audits (wording is not exact to procedure).

That's not control enough? Unless something in their QMS documentation states "in accordance with ISO19011" - like mine does - I would not accept this nonconformance.

 

[John E Hopkinson - 2010]

I audit for a Registrar, and everyone is right unless they state that 19011 is used or referenced then no. If the auditors they use have been selected and evaluated in accordance with procedures then you are OK. You know you can always change your registrar, just call another and they will pick up the registration at the next surveillance audit

 

[felixcarrera]

Hi Michelle, there is no such requirement in ISO 9001; from the prespective of a third party auditor I can tell you that WE are obligued to follow the principles outlined in ISO 19011 since we are working for a registrar. But, for registered companies it is merely a recommendation, as you pointed out: it is only a guideline. If your friend was given a nonconformity, I would recommend that she files an appeal with her certification body.