ISO9000 Internal Audit Requirements

Marc

Hunkered Down for the Duration
Staff member
Admin
#1
Ah! Can this be real??? A snippet from a list-serve:

From: Charley Scalies
Subject: Re: Q: IA Program On Target or Overkill/Schwarz/Scalies

> From: JSchwarz

During a recent surveillance audit of my company, the Registrar's Lead Auditor indicated that our internal audit program was excessive. We had been under the impression that the Registrar expected us to audit each department and each ISO Clause at least annually. However, the Registrar's Lead Auditor stated that though we were expected to audit against each ISO Clause annually, there was no requirement that each department be audited on an annual basis. We were told that we could randomly select any departments we chose to audit. Any opinions? Thanks.

> J Schwarz ----------------------

Say "Thank You" to the Registrar's Lead Auditor. Sounds like he/she is sensitive to your bottom line by suggesting that more effective audits are better than more audits.

Perhaps you should revisit both the letter and the purpose of the 4.17 requirement. Your audit program must verify whether or not your quality system is suitable and effective (including meeting the minimum requirements of the standard). If you think you need to audit every department against every element in order to make a determination as to whether or not your system is suitable and effective, then go right ahead. Otherwise, don't.

Also, take another look at the 20 elements, except this time, read them as a whole, not as 20 separate disparate requirements. They are all inter-related. The proposed draft of the year 2000 standard seems headed in a direction that will tend to shift focus from the bits and pieces to a more "whole-istic" view of the standard.

As for auditing each element annually, that isn't a requirement of the standard, just of your Registrar. (Not a bad one, and not one I would argue against.) Keep in mind there are ways of auditing compliance with certain elements collaterally, rather than directly. For example, if you plan every audit to include a test of the quality records system for that particular process being audited, then you may not need to do a separate quality records audit. Depends on what you are able to conclude about quality records compliance and system effectiveness learn from the collateral audits.

Charley
 
Elsmar Forum Sponsor

Marc

Hunkered Down for the Duration
Staff member
Admin
#2
And another one I liked. We must remember this is ISO, not QS!

From: RbrtC
Subject: RE: Q: IA Program On Target or Overkill/Schwarz/Craig

The auditors response is not that atypical, especially the remark about random sampling. All 3rd party audits rely on random sampling therefore it should not be a surprise that they would accept sampling in your internal audit system.

Also, there is NO requirement that each element be audited annually. The requirement states that audit frequency should be based upon your past audit results and risk assessment. It is fairly typical to audit elements in frequently (i.e., every other year) where you have established a history of not having any issues. On the other hand, elements where you repeatedly find noncompliances in your internal audit system should be audited more frequently (i.e. every six months or quarterly).

Bottom line assign your audit frequency based on your past experience not on some established rule of thumb. As long as your reasoning is sound for assigning the frequency, the assessor should not have an issue with it.

Robert J. Craig, Director of Quality, Berg Electronics Author: NoNonsense Guide to ISO 9000 Registration, ASME Press, NY, NY
 

barb butrym

Quite Involved in Discussions
#3
You have to make the decision...does it add value? Does it make sense?

Makes sense to me (my company hat)...that if my surveillance audit is coming and I know what elements will be covered...I damn well want to cover them, and anywhere they may lead the auditor... first..no surprises. Why set my self up for grief for the sake of a little preparation..also covers Management responsibility...review the system. If I don't do MR meetings often, it will be a long time to catch up on the elements I don't do every year.

OK, now the auditors hat..simple..covering the entire system builds my confidence in the system...Is Management review capturing the system to show effectivity of the IA program? I go in looking for a complete system audit annually..but YA GOTTA PROVE TO ME that what you do works...if it does then I am happy.

now the consultant hat...If you have a matrix of all 20 elements and the areas covered you can plan a simple way to capture the most bang for the audit buck. I suggest area audits that cover all ISO elements that apply to the area (check lists with lots of room to write)then when I want to review the element....I do a desk audit of the IA results for that element portion of the check lists. Obviously some elements need more..ie design, contract review, doc control. But that covers most of the others. If the auditors are trained using this technique the audits typically become a value added exercise and feed into the CI program.
 
Thread starter Similar threads Forum Replies Date
Marc Definition Process Audit - Internal and External - ISO9000 - A Definition Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 7
C ISO9000 and CWF (Certified Welding Fabricator) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
L Innovation in Quality as applied to ISO9000 ISO14000 or TS16949 Service Industry Specific Topics 1
L Vertical vs Horizontal Integration ISO9000 QMS ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
C Explain to me the differences between ISO9000 and TQM ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
M ISO9000.3:2004 vs. AS9100 - What are the Differences? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
ScottK Which ISO9000 Registrar would you pick? (Hypothetical Situation) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
M Certification of a Group Corporation - ISO9000/14000 vs. SONY GP certification ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 15
B The new Terms and Definitions in ISO9000:2005 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
Randy ISO9000:2005 vs. ISO9000:2000 - Differences and Changes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
E Franchise of ISO9000 certified organization ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 29
M ISO9000 presentation help ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
M ISO9000 Training Presentation - Seeking introductory presentation on ISO9000 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
A How much objective evidence is required for ISO9000 certification? Records and Data - Quality, Legal and Other Evidence 8
N Signature for CAD / Engineering Drawings and ISO9000 requirements Quality Assurance and Compliance Software Tools and Solutions 3
S Changing from ISO9000 to ISO9001:2000 need help ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
B Deployment of an "ISO9000-ready" QMS - Multi-facility site ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
P Looking for subject matter for thesis about TQM, ISO9000, TS19649 IATF 16949 - Automotive Quality Systems Standard 4
J Can We Exclude ISO9000:2000 Clause 7.3.7 (Control Of Design And Development Changes)? Design and Development of Products and Processes 7
D Document Issue & Control in ISO9000-3 - Medical software ISO 13485:2016 - Medical Device Quality Management Systems 4
Y ISO9000-3 - Software Traceability Requirements ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
J ISO9000:2000 Scope Statement ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
B Are ISO9000 certificates ever withdrawn? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
Q Each ISO9000:2000 requirement has intent? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
A What is the difference between Validation & Verification in the context of ISO9000? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
M ISO 9001:2006 - What is the future of ISO9000? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 19
L ISO9000 Implementation in Schools and Educational Institutions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
S How are you undertaking Supplier assessment and Educating Upper Management in ISO9000 Supplier Quality Assurance and other Supplier Issues 13
Geoff Cotton ISO9000: 2000 What are the changes? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
D QS-9000 / ISO9000 Procedures - Four Questions about Requirements Document Control Systems, Procedures, Forms and Templates 1
M ISO9000 certification in education - Higher end post graduate degree school ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
P Question for ISO9000 auditor training General Auditing Discussions 3
D Lucrative Rubber Stamp - I was once very impressed with ISO9000 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
B ISO9000 Expert Witness work with the legal profession ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
J TS 16949 - QS9000 - ISO9000:2000 QS-9000 - American Automotive Manufacturers Standard 2
K ISO9000:2000 & TS16949 EFFECTS ON QS9000 QS-9000 - American Automotive Manufacturers Standard 1
K Guidelines for implementing ISO9000 in education - ISO 21001:2018 Update June 2019 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
K Are ISO9000 and QS-9000 Quality Control or Quality Assurance Systems? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
A Industrial Deaths & ISO9000 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 14
Marc The Quality Farce - ISO9000, QS9000, Six Sigma, TQM, Fishbone Diagrams, etc. Philosophy, Gurus, Innovation and Evolution 17
P Will ISO 10013:1995 be revised, as a consequence of the ISO9000 revision? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
Marc Auditing R&D for ISO9000 General Auditing Discussions 1
Marc Implementing ISO9000 - Timeline showing major milestones ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 0
Marc ISO9000:2000 and QS9000 QS-9000 - American Automotive Manufacturers Standard 2
T How many companies are giving up ISO9000 registration? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
Marc ISO9000:2000 Update ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 0
F TickIT vs. ISO9000-3 vs. ISO 9001 - What are the Differences? Software Quality Assurance 7
Marc ISO9000 Performance Metrics ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
Marc New ISO9000 E-Mail ListServe ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 0
Marc ISO9000 Registration in Educational Institutions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5

Similar threads

Top Bottom