ISO 9001 Documents for Submission to the Registrar

[Big Jim]

For what it's worth, I haven't done many Stage 1 audits yet but with my people (based on ANAB requirements) the rules are clear:

- Only one Stage 1 visit is allowed. If there's more than one, it's considered consulting.

- Because they aren't registered yet there is no such thing as a Major and Minor. Only "areas of concern" but if it's deemed the client could not pass a registration audit (Stage 2) that audit isn't scheduled and the process starts over.

- A desktop review doesn't work with new registrations, only certificate transfers from another CB. How on Earth could I properly assess readiness for a registration audit from emails??

I hope this helps.

I would very much like to see exactly what that ANAB requirement. I suspect that the perception that has been passed on to you is either incomplete on incorrect.

 

[Big Jim]

Absolutely, Sidney. Furthermore, when I worked for the first accredited CB, in the UK, it was normal practice to perform what would be recognized today as a stage 1. We didn't call it that and there was never a back to back audit done. There were several situations where had no onsite visit been made, the result wouldn't have been to the customer's satisfaction - and they wouldn't have paid a hefty cancellation fee for putting back the stage 2.

I remember performing "pre-assessments" prior to 17021. It may be similar to what you are referring to. They were not nearly as detailed as the current Stage 1, but served a somewhat similar function.

 

[AndyN]

I remember performing "pre-assessments" prior to 17021. It may be similar to what you are referring to. They were not nearly as detailed as the current Stage 1, but served a somewhat similar function.

I remember very well Jim and no, they were NOT pre-assessments. If I had meant a pre-assessment, I would have called it that for clarities' sake.

 

[Jen Kirley]

I would very much like to see exactly what that ANAB requirement. I suspect that the perception that has been passed on to you is either incomplete on incorrect.

I would love to give it to you specifically, but I don't have the ANAB rule book, only corporate procedure that I will not quote. However, I do have the IATF Rules, which I will quote by saying the CB may conduct (6.3) a single "Pre-audit or pre-assessment" prior to the stage 1 readiness review that is not part of the stage 1 or stage 2. It shall (not verbatim)

1) be conducted in a single visit to one site of a client. If more than one pre-audit is conducted it is considered consultancy.

2) be less than 80% of the time calculated for the initial stage 2 audit and

3) not reduce the combined man-days for stage 1 and stage 2.

6.3 closes by saying the pre-audit may generate non-binding findings without recommending solutions.

 

[Big Jim]

That is why I cut and pasted most of the ISO 17021:2011 as it relates to the intent and requirements for the stage 1. People who are familiar with management system standards can assess for themselves the method you described of bundling (part of) stage 1 and stage 2 into 1 activity. They can certainly determine if that method satisfies ISO 17021 or not. By the way, it is not an "opinion"; it is professional judgement supported by two decades of profound involvement in the accredited certification business.

And here is what you quoted from ISO 17021:2011:

The stage 1 audit shall be performed to

a) audit the client's management system documentation;

b) evaluate the client's location and site-specific conditions and to undertake discussions with the client's personnel to determine the preparedness for the stage 2 audit;

c) review the client's status and understanding regarding requirements of the standard, in particular with respect to the identification of key performance or significant aspects, processes, objectives and operation of the management system;

d) collect necessary information regarding the scope of the management system, processes and location(s) of the client, and related statutory and regulatory aspects and compliance (e.g. quality, environmental, legal aspects of the client's operation, associated risks, etc.);

e) review the allocation of resources for stage 2 audit and agree with the client on the details of the stage 2 audit;

f) provide a focus for planning the stage 2 audit by gaining a sufficient understanding of the client's management system and site operations in the context of possible significant aspects;

g) evaluate if the internal audits and management review are being planned and performed, and that the level of implementation of the management system substantiates that the client is ready for the stage 2 audit.

For most management systems, it is recommended that at least part of the stage 1 audit be carried out at the client's premises in order to achieve the objectives stated above.

9.2.3.1.2 identification of any areas of concern that could be classified as nonconformity during the stage 2 audit.

9.2.3.1.3 In determining the interval between stage 1 and stage 2 audits, consideration shall be given to the needs of the client to resolve areas of concern identified during the stage 1 audit. The certification body may also need to revise its arrangements for stage 2.





The portion bolded seems to be something Sidney didn't read.

Somehow it just seems logical that recommended doesn't = shall.

Somehow it seems logical that if a least part must be on site that part can also be off-site.

But maybe I just need a new pair of glasses.

 

[Stijloor]

<snip> The portion bolded seems to be something Sidney didn't read.

Somehow it just seems logical that recommended doesn't = shall.

Somehow it seems logical that if a least part must be on site that part can also be off-site.

But maybe I just need a new pair of glasses.

Please clarify for me: Why would you not be willing to do the Stage One Audit on the Client's site? For ALL my certified Clients, the Stage One audit was always done on site. I don't want an auditor walking in to perform a Stage Two audit and not having an idea about the organization.

BTW what CB do you work/audit for that would allow such practice??

 

[Jen Kirley]

I can't imagine doing a Stage 1 and approving for Stage 2 without going onsite and visiting the processes to assure they are meeting the minimum and are apparently as described in the procedures. I would feel very uneasy if I was asked, and I dare say I would decline the assignment. Am I missing something here? :mg: Some things just can't be adequately assured on paper, such as ESD controls.

 

[somashekar]

I can't imagine doing a Stage 1 and approving for Stage 2 without going onsite and visiting the processes to assure they are meeting the minimum and are apparently as described in the procedures. I would feel very uneasy if I was asked, and I dare say I would decline the assignment. Am I missing something here? :mg: Some things just can't be adequately assured on paper, such as ESD controls.

Jennifer ... I agree.
See this ...

b) evaluate the client's location and site-specific conditions and to undertake discussions with the client's personnel to determine the preparedness for the stage 2 audit;

I cannot think how this can effectively be performed hours minutes before the stage 2. :mg:

 

[Jen Kirley]

I cannot think how this can effectively be performed hours minutes before the stage 2. :mg:

It can't if we are in truth verifying a functioning quality management system is in place. No one will be able to convince me the customer is protected if critical corrections to observed process problems are done minutes before the stage 2 begins. Maybe I'm still missing something. I wouldn't agree to do it.

 

[AndyN]

One of the outcomes of the stage 1 is a plan (agenda) for the stage 2. Firstly, this is best done in collaboration with the client in person (since they have to prepare to have the right people available and so on. How this can be done remotely without seeing the place (logistics of getting around the site etc) or only a few hours before the stage 2, is - in the name of effective auditing and customer service - impractical at best and unprofessional at worst.