ISO 9001-2015 Internal audit finding

qcman

Registered Visitor
During a recent audit of our process design and developing procedure it was noted that there were incorrect work instruction numbers called out on the CP. Further digging found more CP with the same issue This was found by the responsible department previous to the audit and is in the process of being corrected. Knowing the system this has not and would not affect part quality. So my question is since it was already found and being corrected before the audit should this be written up as a minor non conformance say for failure of the document review process? Also, correcting these documents may not be completed in time for the 3rd party surveillance audit in a few weeks. What should we expect if they are not?
 

Tagin

Trusted Information Resource
Yes, it should be written up as a minor. Although they are already taking steps to correct the errors, the role of the minor is to not just fix mistakes, but to address the root cause problem with the QMS that allowed those mistakes to happen, so that it won't recur in the future. It should also look into containment, to document why you say that these errors "would not affect part quality" on previously produced product.

As for the external audit, having the minor in process provides evidence to the auditor that the organization is actively using the internal audit tools to properly address issues, and improve the QMS.
 

qcman

Registered Visitor
Yes I was glad to see they had found it for the same reason you stated. This occurred due in part to personnel changes and losing a central point person for this task. This has been addressed as well. So with CA in place will not having all the documents corrected before the surveillance audit be an issue? Does a CA have to be completed before an surveillance audit? The department affected is fully aware of the situation and as I mentioned the nature of the issue will not affect quality.
 

Ninja

Looking for Reality
Trusted Information Resource
If it were me, I would look to see if the existing CA had a reasonable and effective lead time on it.
"We know about it, we're working on it, and in a timely manner befitting the risk it poses" should be no issue in a surveillance audit...provided it's actually true.
The general point of an internal audit is to find stuff like that, your internal audit system works, that's a plus. As long as your CA system/process is also working well and timely, there really shouldn't be an issue.

We always had open CA's during audits...as long as we were working on them there was no issue.
 

qcman

Registered Visitor
Not sure if this goes back to the old QS days but for some reason I thought you had to have all CA closed before an audit. I really appreciate the feedback.........:thanx:
 

Randy

Super Moderator
Not sure if this goes back to the old QS days but for some reason I thought you had to have all CA closed before an audit. I really appreciate the feedback.........:thanx:

Naa, open CA's in progress are evidence of the system working. I just looked at half a dozen in progress CA's from internal audits this week during an annual surveillance of an integrated QMS/RC/EMS system. No big deal. (Look out for the knucklehead 3rd party person that might use them as low hanging fruit to raise his own NC though....Very poor practice in my opinion)
 

Jim Wynne

Leader
Admin
. So my question is since it was already found and being corrected before the audit should this be written up as a minor non conformance say for failure of the document review process?
A couple of observations:
  • Internal auditing shouldn't mimic third-party auditing with regard to classification of NCs as major or minor. A thing either conforms to requirements or it doesn't, and classification doesn't help anything, and leads to subjective judgements.
  • We have to wonder why, when this problem had already been identified and is in the process of correction, wasn't the audit team aware of it? Why didn't the person or persons who identified the issue invoke the CA process?
I think it's reasonable to cite the issue as a nonconformity, and to dig deeper in the system to find out why it had to be discovered by an internal auditor. Auditors shouldn't be seen as having special powers; everyone should be responsible for documenting nonconformities when they're discovered.
 

qcman

Registered Visitor
Jim, while I did say minor in my reply I do not classify non conformance's I write in an audit. As you said findings conform or they do not. Typical reasons for why this was not written up by the discovering party.
 

Ninja

Looking for Reality
Trusted Information Resource
Totally agree.
If we found something miniscule (calibration sticker unreadable) we would simply "correct it". If it wasn't an immediate fix (and sometimes if it was) we would document it...partially so the system got reviewed and fixed if needed...partially for the CYA when the audit came by and we weren't done yet.
 
Top Bottom