Craig H. said:
We have some very experienced auditors here at the Cove. May we have some other opinions (even to tell me I am way off base, if that is so)?
Craig, since you’ve asked, I offer my opinion. Let me preface this by reminding you that it is always dangerous to make broad, generalized statements, but if we limit our assessment to a typical audit to verify compliance of a QMS to ISO 9001:2000 in a typical manufacturing organization, I would say that certain processes, functions, departments, etc. are definitely off limits.
Payroll, Accounting, Legal, E&S are a few examples of functions that, normally, are NOT part of the processes comprising the QMS, along the lines of ISO 9001 (For ISO 9004, the assessment would be different). Sure, in some cases, these departments/functions can be part of processes that are included in an ISO 9001 audit, but that would be the exception rather than the rule.
Internally, each organization may expand the controls over the processes/people as they wish. So, if you want to perform an internal audit your payroll department and you expect them to have well documented processes, procedures, indicators, there is nothing wrong with that, but for an external auditor to be involved with such areas, I believe, they are out of bounds.
I contend that there are “common sense” limits to the QMS scope. If you use your payroll example on how it can affect employee morale, and thus affect product quality, you could argue the same for your cafeteria. Next thing you see is an auditor going to the cafeteria, asking if the cook’s recipe is controlled, if they keep records of their food tasting, if the thermometer in the oven is calibrated, etc.. In case of an outsourced cafeteria, one might start wondering if the catering company, responsible for managing your cafeteria is in your approved supplier list. You see, it starts to get silly, in my opinion. Lines have to be drawn somewhere.
This is my opinion.