ISO 9001:2015 - 8.5.1 - Routers not being signed

[Hybrid]

the validation, and periodic revalidation, of the ability to achieve planned results of the processes
for production and service provision, where the resulting output cannot be verified by subsequent
monitoring or measurement;

Have an audit coming up and noticed most of our routers that are filed haven't been signed off. I took the position of QC manager 2 months ago and strictly enforced routers to be signed from day 1 and it has been working.

I am afraid of the auditor pulling routers from before i became manager and ding us for it.


How can i prevent this?

 

[optomist1]

simple...Escalate the issue internally...

 

[Hybrid]

simple...Escalate the issue internally...

As in issue a ICAR and since we noticed it before the auditor he wouldn't be able to ding us for it correct?

 

[Randy]

the validation, and periodic revalidation, of the ability to achieve planned results of the processes
for production and service provision, where the resulting output cannot be verified by subsequent
monitoring or measurement;

Have an audit coming up and noticed most of our routers that are filed haven't been signed off. I took the position of QC manager 2 months ago and strictly enforced routers to be signed from day 1 and it has been working.

I am afraid of the auditor pulling routers from before i became manager and ding us for it.


How can i prevent this?

Is there a specific requirement (in this case your requirement,) that routers be signed? Do you require it? Either Yes or No

 

[Hybrid]

Is there a specific requirement (in this case your requirement,) that routers be signed? Do you require it? Either Yes or No

no

 

[Mike S.]

Why did you start to "enforce" the signing of routers?

If you require it (make it a "shall") for whatever reason, you have to do it or else it is a NC. If it is a "should" it is not a requirement.

Sounds like (correct me if I am wrong) it was not a requirement before you became QM and you made it one, so routers before "you" are not in violation of a shall, so no NC.

 

[mnobrien]

Technically you could likely avoid any NC by simply documenting a change to your procedure(s) to now require sign-offs with a clear implementation date (any docs that pre-date would not be 'nc-able' due to the effective date of the process change).

But if you want to pad your binder with easily obtainable evidence that addresses other ISO req's....I would do the following...

-Write an internal audit non-conformance for that clause that your system fails to address the requirement. (+1 for evidence of internal audit program)
-Review the audit finding in a management review session (+1 for evidence of mngmt review inputs)
-Document the corrective action plan as an action item (+1 for evidence of mngmt review outputs)
-Determine the risk (if any) before action item is complete...a simple yes/no is what i use (+1 for evidence of risk assessment)
-If there is risk, document the mitigating action (+1 for evidence of risk mitigation)
-If team determines 'no risk' then no action needed
-Codify your Action Item... i use the following 'AI Codes': QI = QMS Improvement , R = Resource Addition , PI = Product Improvement
- this case would be a 'QI' (+1 for evidence for 9.3.3)
-Implement the Corrective Action (+1 for evidence of corrective action)
-At the next management review...review 'effectiveness' of this action item (+1 for evidence of corrective action)

Doing this changes this whole situation from just trying to avoid an NC during your ISO audit, and turns it into a storybook/portfolio of evidence that demonstrates that your system employs and complies with several ISO requirements.

Good luck and let me know if you want a template of how I show the above.

-Matt

 

[Randy]

Or keep it simple and take the signature block out. If it works for you and you still get what you need, go for it cutting out the piddly bull.

 

[Jen Kirley]

I take it that this signoff takes place after the job run is completed - is that correct?

Signing routers is not process validation or re-validation. It is more like an act of monitoring, or verification that something was done (or the document says it was done).

If there were problems that this post-process review should have caught but didn't, maybe the monitoring is important. I agree that if this post-process monitoring is important to you, and if you are worried about an audit NC you can start an internal NC. If this is just a signoff for the sake of signing something, I also would support the corrective action to be taking off that signature block.

 

[Conrade]

the validation, and periodic revalidation, of the ability to achieve planned results of the processes
for production and service provision, where the resulting output cannot be verified by subsequent
monitoring or measurement;

Have an audit coming up and noticed most of our routers that are filed haven't been signed off. I took the position of QC manager 2 months ago and strictly enforced routers to be signed from day 1 and it has been working.

I am afraid of the auditor pulling routers from before i became manager and ding us for it.


How can i prevent this?

Do you have a documented 'WIP Product Identification and Traceability' system (not necessarily huge procedure, can be a Matrix)? This proved useful in defending your elected approach. If Automotive, consider review of risks identified in PFMEA and related Control Plan. This review should impact related Work Instructions / SOP's